Facebook tests new CAPTCHA facial recognition tool
Facebook confirmed the new CAPTCHA system and said its role is to "catch suspicious activity at various points of interaction on the site." The new CAPTCHA system is automated, uses facial recognition, and requires the use of unique photos to prevent bots from taking existing photos of random people off the Internet or from other Facebook accounts to authenticate.
Is Your DJI Drone a Chinese Spy?
The United States Department of Homeland Security (DHS) has recently accused Da-Jiang Innovations (DJI), one of the largest drone manufacturers, of sending sensitive information about U.S. infrastructure to China through its commercial drones and software. A copy memo from the Los Angeles office of the Immigration and Customs Enforcement bureau (ICE) has begun circulating online more recently, alleging "with moderate confidence" that DJI drones may be sending US critical infrastructure and law enforcement data back to China.
Feds shut down 'longest-running' Andromeda Botnet
In a coordinated International cyber operation, Europol, with the help of international law enforcement agencies has taken down what it called "one of the longest-running malware families in existence" known as Andromeda. Andromeda, also known as Win32/Gamarue, is an infamous HTTP-based modular botnet that has been around for several years now, infecting countless computers along the way.
Hacker who took over jail network to release friend faces…jail!
A 27-year-old Michigan man who hacked into the government computer system of Washtenaw County Jail to alter inmate records and gain early release for his friend is now himself facing federal charges after getting caught. https://www.justice.gov/usao-edmi/pr/ann-arbor-man-pleads-guilty-computer-intrusion-case
MailSploit — email spoofing flaw affects over 30 popular email clients
A security researcher has discovered a collection of vulnerabilities in more than 30 popular email client applications that could allow anyone to send spoofed emails. Discovered by security researcher Sabri Haddouche, the set of vulnerabilities, dubbed MailSploit, affects Apple Mail (macOS, iOS, and watchOS), Mozilla Thunderbird, several Microsoft email clients, Yahoo Mail, ProtonMail, and others. https://www.mailsploit.com/index
Massive breach exposes keyboard app that collects personal data on 31 million users
Founded in 2010, Ai.type is a customisable and personalisable on-screen keyboard for mobile phones and tablets, with more than 40 million users worldwide. Apparently, a misconfigured MongoDB database, owned by the Tel Aviv-based start-up AI.type, exposed their entire 577 GB database online, including a shocking amount of sensitive details on their users, which are not even necessary for the app to work.
New TeamViewer hack could allow clients to hijack viewers' computer
Do you have remote support software TeamViewer installed on your desktop? If yes, then you should pay attention to a critical vulnerability discovered in the software that could allow users sharing a desktop session to gain complete control of the other's PC without permission. https://github.com/gellin/TeamViewer_Permissions_Hook_V1
Largest crypto-mining exchange hacked; over $70 million in Bitcoin stolen
NiceHash, the largest Bitcoin mining marketplace, has been hacked, resulting in the theft of more than 4,700 Bitcoins worth over $57 million (at the time of breach). And guess what? You'll be surprised to know that the stolen BTC is now worth over $70 million—in less than 24 hours. https://www.nicehash.com/
Process Doppelgänging: new malware evasion technique works on all Windows versions
A team of security researchers has discovered a new malware evasion technique that could help malware authors defeat most of the modern antivirus solutions and forensic tools. Dubbed Process Doppelgänging, the new fileless code injection technique takes advantage of a built-in Windows function and an undocumented implementation of Windows process loader. https://www.blackhat.com/eu-17/briefings/schedule/index.html#lost-in-transaction-process-doppelgnging-8811
Security flaw left major banking apps vulnerable to MiTM attacks over SSL
The vulnerability was discovered by researchers of the Security and Privacy Group at the University of Birmingham, who tested hundreds of different banking apps—both iOS and Android—and found that several of them were affected by a common issue, leaving their users vulnerable to man-in-the-middle attacks. The affected banking apps include HSBC, NatWest, Co-op, Santander, and Allied Irish bank, which have now been updated after researchers reported them of the issue. http://www.cs.bham.ac.uk/~garciaf/publications/spinner.pdf
Microsoft issues emergency Windows Security update for critical vulnerability
Microsoft has just released an emergency security patch to address a critical remote code execution (RCE) vulnerability in its Malware Protection Engine (MPE) that could allow an attacker to take full control of a victim's PC. https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11937
8 December 2017