Facebook has withdrawn its Onavo Protect VPN app from the iOS App Store after Apple determined that it was breaking data-collection policies. The app, which was free to download, promoted itself as helping users keep themselves and their data safe when they go online, “blocking potentially harmful websites and securing your personal information.” What users of Onavo may not have realised was that the app was also being used by Facebook to collect information about other apps installed on a user’s iPhone. Under Apple developer guidelines, such information is not allowed to be collected by apps for analysis or marketing. However, data collected by Onavo is used to provide valuable market intelligence about market share and usage of apps. In the words of the app’s own store description: “Onavo may collect your mobile data traffic. This helps us improve and operate the Onavo service by analyzing your use of websites, apps, and data. Because we’re part of Facebook, we also use this info ..
The Chinese global mobile app and mobile platform development firm, Sungy Mobile, aka GOMO, may have leaked the data of over 50.5 million customers, most of whom are children. An open port allowed an independent researcher going by the pseudonym “Flash Gordon” to infiltrate the database through vulnerable IP addresses that had no login credentials. The researcher detected the flaw on May 25. The apps developed by GOMO are very popular in China, especially among kids, with the company claiming more than 2 billion downloads. The data exposed information such as emails, bcrypt passwords, country of user, avatars and purchases, as well as some information of US users such as emails, username, school, gender, date of birth and their International Mobile Subscriber Identity number. Overall, some 100GB of decompressed data was exposed. Number-wise, the data exposed contained 50,553,664 unique accounts, 47,415,210 unique devices, 4,379 distinct mobile numbers in accounts, 51,426,769 distinct emai..
US president Donald Trump signed the NIST Small Business Cybersecurity Act last week, a law that will help small businesses with resources to fend off cyberattacks, as part of a comprehensive governmental strategy to improve cybersecurity. The act was written by U.S. Senators Brian Schatz (D-Hawai‘i) and James Risch (R-Idaho), and supported by John Thune (R-S.D.), Maria Cantwell (D-Wash.), Bill Nelson (D-Fla.), Cory Gardner (R-Colo.), Catherine Cortez Masto (D-Nev.), Maggie Hassan (D-N.H.), Claire McCaskill (D-Mo.), and Kirsten Gillibrand (D-N.Y.). “As businesses rely more and more on the internet to run efficiently and reach more customers, they will continue to be vulnerable to cyberattacks. But while big businesses have the resources to protect themselves, small businesses do not, and that’s exactly what makes them an easy target for hackers,” said Senator Schatz, lead Democrat on the Commerce Subcommittee on Communications, Technology, Innovation, and the Internet. “This new law ..
An Australian teenager has admitted hacking into Apple’s internal network and stealing 90 GB worth of files. The 16-year-old, who cannot be named for legal reasons, has pleaded guilty to breaking into Apple’s systems on multiple occasions over the course of a year, from his parent’s home in Melbourne’s suburbs. According to a report in The Age, the young hacker claimed to be a “fan” of the company, who “dreamed” of working for Apple one day. The teen is thought to have attempted to hide his identity using a variety of tools, such as VPN software. But after Apple eventually spotted the unauthorised access of their internal systems they informed the FBI, who in turn worked with the Australian Federal Police to track down the intruder. A search of the teenager’s home last year saw law enforcement officers seize two Apple laptops with serial numbers that “matched the serial numbers of devices which accessed the internal systems”, according to a prosecutor. In addition, a mobile phone ..
A cyber fraud ring operating across multiple states was detected by US law enforcement in February 2018, after the mother of one of the perpetrators overheard him masquerading as an AT&T employee in a phone conversation. The woman called the police and officers found a number of cell phones and SIM cards, as well as “an extensive list of names and phone numbers of people from around the world” on his computer, writes security researcher Brian Krebs. The same person was later found to be in the possession of 45 SIM cards and a Trezor Wallet used for cryptocurrency account data. After searching his home again, police found more SIM cards and driver’s licenses and passports. On the other side of the country, Florida police have arrested 25-year-old Ricky Joseph Handschumacher on money laundering and grand theft charges. The man is allegedly part of the aforementioned SIM hijacking group, which includes nine more members, who cloned phones to steal cryptocurrency. Police say that for the ..
Iranian hackers might be the next criminal group to be worried about, after the country joined the ranks of Russia, North Korea, the US and African countries when it comes to cyberespionage operations. Research carried out by Accenture Security iDefense states that Iran has surfaced as a major security threat. “The Iranian government and hacktivists located in Iran pose a disruptive or destructive cyber threat against the United States, Europe, and the Middle East,” reads the report. The country is step-by-step turning into a focal point for cyberespionage operations, confirmed by the high number of attacks originating from Iran in the first half of 2018, specifically state-sponsored campaigns with an increased focus on other nations in the Middle East. As shown by research, Iranian hackers’ preferred method of attack is Android-based malware and ransomware launched not only against governments, but also consumers and businesses. The Google Play store is almost saturated with various a..
Apple prides itself on the airtight security offered by its family of products, including the Mac operating system, macOS. But while considerably less targeted by hackers, macOS is still vulnerable to attacks – especially when a bad actor comes at it with an exploit that takes advantage of a zero-day vulnerability. Ex-NSA hacker Patrick Wardle demonstrated just that at the Def Con conference in Vegas, when he showed that macOS High Sierra (the current version of Apple’s Mac operating system) is vulnerable to attacks involving “synthetic clicks.” macOS is rich in Accessibility features, and one of these abilities is the nifty trick of making mouse-clicks without actually touching the mouse – everything happens in the software. Wardle found that an unpatched 0-day flaw can be exploited to virtually click objects and gain access to password protected areas. In fact, he found a way to dump all passwords from the keychain and bypass 3rd-party security tools. “Via a single click, countles..
IBM researchers are seeking to raise awareness that AI-powered threats are coming our way soon. To that end, they’ve created an all-new breed of malware to provide insights into how to reduce risks and deploy adequate countermeasures. DeepLocker was showcased at Black Hat USA 2018, the hacker conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies globally. Researchers Marc Ph. Stoecklin, Jiyong Jang, and Dhilung Kirat demonstrated how a piece of malware can be specifically targeted at one person and not others by training a neural network to recognize the victim’s face. The malware is obfuscated and hidden inside a legitimate program, in this case a video conferencing app. When the AI finds its target, it triggers the unlock key that de-obfuscates the hidden malware and executes it. For this proof of concept, they used WannaCry itself – the infamous ransomware that made headlines last year. “What is unique about DeepL..
The Tibetan diaspora has once again fallen victim to a sophisticated malware campaign similar to one detected in 2016, reports Citizen Lab after receiving the infected files from one of the targets – a Tibetan NGO. It appears the campaign was activated between January and March 2018 and bears a lot of similarity with another malware campaign that happened in 2016, both allegedly part of the Tropic Trooper campaign, when hackers targeted the governments of Taiwan and the Philippines. “The Resurfaced Campaign used different exploits and payloads than the Parliamentary Campaign but shares other connections,” reads the report. “The two campaigns used similar spear phishing messages and both targeted Tibetan parliamentarians. One of the e-mail addresses used to send spear phishing messages in the Resurfaced Campaign (tibetanparliarnent[@]yahoo.com) was also used repeatedly during the Parliamentary Campaign.” Malicious campaigns have so far targeted Tibetan activists, journalists, members..
Fabled British holiday camp chain Butlin’s has admitted that it has suffered a data breach that may have exposed details of 34,000 guests. Personal information contained within the records accessed by hackers includes names, booking reference numbers, arrival dates, home addresses, email addresses, and telephone numbers. According to a BBC News report, the attack is said to have happened in the last three days, and the precise number of affected guests is currently unclear. The company, which has sites in Skegness, Bognor Regis, and Minehead, is at pains to point out in an advisory posted on its website that no financial information has been compromised, and says it will be contacting affected guests in the next few days. Obviously, as the hackers appear to have made off with holidaymakers’ contact details, Butlin’s customers would be wise to be cautious of any approaches (via phone or letter) that might request further personal information, such as financial details, perhaps ..