Hack iPhone with only one vulnerability

With just the Apple ID, you can remotely hack your iPhone, access passwords and activate the camera in a few minutes. Vulnerabilities in software that could compromise a system without user intervention (for example, without clicking on a malicious link…

Cybercriminal sentenced to jail for blackmail Apple

The attacker threatened to publish the data of 319 million iCloud users. A cybercriminal who tried to blackmail Apple in 2017 was sentenced to a prison term of 2 years. On March 12, 2017, 22-year-old Kerem Albayrak from North London…

A bug in Chrome 79 for Android deletes user data

Google developers “forgot” to move some user data during the upgrade process. Google has suspended the release of Google Chrome 79 for Android after developers of mobile applications reported a dangerous browser error that led to the deletion of user…

Briefly about the main events of the past week from December 2 to 8, 2019

Last work week began with Europol reporting that more than 30 thousand pirated web sites distributing counterfeit and pirated products were disconnected. Resources offered various goods and services, including counterfeit pharmaceuticals and films, illegal streaming services, music, software, electronics, etc….

Briefly about the main events of the past week, for the period from November 25 to December 1, 2019

The beginning of the past week was marked by the next accusation of the Russian Federation in cyber espionage. In particular, the Security and Information Service of the Czech Republic published a report according to which, last year, Russian and…

Twitter will postpone mass “cleaning” of the service from obsolete pages

Twitter management has revised its decision to mass “clean” the social network from obsolete accounts. The reason is numerous complaints from users about the inability to perpetuate the pages of deceased people. Recall that the administration of Twitter began to…

New IB solutions of the week: November 22, 2019

Sysdig has unveiled the latest release of its Sysdig Secure intrusion detection platform. Among other things, Sysdig Secure 3.0 includes an audit and threat response tool for Kubernetes. This release focuses on ensuring the security of the Kubernetes environment throughout…

Russian Interior Ministry decided to create a unit to combat cybercrime

The Russian Ministry of Internal Affairs, following a meeting of the board of the department, decided to create new units to combat cybercrime. This was the official representative of the Ministry of Internal Affairs Irina Volk told RBC. “The Minister…

Largest cyberattack in Georgian history affects government sites

Unknown cybercriminals have carried out at the moment the largest attack in the history of Georgia, during which they carried out a deface of 15 thousand websites, which were subsequently disabled. According to local media, the malicious campaign affected the…

Android Critical Vulnerability

Android Critical Vulnerability Lets attack Samsung, Huawei, Moto, Xiaomi and Pixel phones Researchers at the Google Zero project have identified a critical zero-day vulnerability that affects at least 18 Android smartphone smartphones. The study shows that it is already in…

In the 1st half of 2019, more than 100 million attacks on IoT devices were recorded

30% of all attacks occurred in China, 19% – in Brazil, 12% accounted for Egypt. In the first half of 2019, experts from Kaspersky Lab using hanipot (a resource that is a bait for attackers) recorded 105 million attacks on…

Thai authorities obliged cafe with free Wi-Fi to store user data

Cafes, restaurants and shops that violate the law are punishable. The administration of restaurants and other public places with free Wi-Fi access must store data on user activity on the Web for 90 days. As Thai Minister of Digital Economy…

Briefly about the most significant events of the past week.

Last week, it became known about the leak of customer data from Sberbank. As stated in the financial institution itself, the incident affected at least 200 people. An investigation was conducted into the leak, during which the culprit of the…

90% of Russian popular Android applications transfer personal data to third parties

The leader in the number of data transmission channels was the “Read for free” application from Litres – 31 channels. Using the AppCensus service and Exodus application privacy audit platform, the Internet edition of The Bell analyzed what data the…

A USB cable for hacking computers will soon be on sale

After connecting the cable, the criminal can remotely run commands and gain access to the victim’s files. Soon, a cable will appear on sale that looks like Apple’s official Lightning cable, but actually allows you to remotely hack computers. Security…

New SIM attack detected, similar to Simjacker

Criminals can track users, make phone calls and listen to conversations. A team of researchers from Ginno Security Labs discovered and analyzed a new attack using SMS messages, which allows attackers to track user devices using little-known applications running on…

Russia wants to combine biometrics and eSIM

As in the case of the State Services, in order for the EBS to become fully operational, it needs a “real” application, preferably not only in the banking sector. Izvestia reported that Rostelecom decided to combine plans to launch remote…

Security Review for September 16-22, 2019

Briefly about the main events of the past week. After several months of inactivity on the Web, one of the most dangerous botnets became active – Emotet. On September 16, security researchers recorded new spam mailings containing malicious files and…

Data leakage from the OFD Dimkas server

Data leakage from the OFD Dimkas server Among the data that got into the Network were the full details of fiscal checks. Last week, SecurityLab reported a vulnerability in the server of the fiscal data operator (OFD) “Dreamkas”, due to…

Google Calendars disclose sensitive information.

The researcher was able to not only view records, but also make new ones, including those containing malicious links. Users of the Google Calendar service often make their notes available to third parties, without thinking that in this way anyone…

More than 1 billion users have become victims of SIM card vulnerabilities.

Researchers at cybersecurity company AdaptiveMobile Security have released a report on a new vulnerability called Simjacker, which uses your smartphone’s SIM card to spy on you. Since Simjacker can use all brands and models of mobile phones, the vulnerability could…

A simple trick allows you to share photos from closed pages on Instagram and Facebook

In order to take advantage of the trick, minimal knowledge about the work of HTML and the browser is enough. Photos and videos in closed accounts on Instagram and Facebook were not so closed. According to BuzzFeed, with a simple…

Vulnerability in Telegram allowed viewing deleted images

The vulnerability affects not only the removal of files from separate dialogs, but also when sending attachments to the Telegram supergroup. Version 5.11 has been released for the Telegram cross-platform messenger mobile client, fixing a vulnerability that allows the recipient…

53% of authentication attempts on social networks are made by scammers and bots!

53% of all authentication attempts on social networking sites belong to scammers. In addition, 25% of new applications on the same sites are fakes. Such data are reflected in a study by Arkose Labs. According to experts, they studied all…

Copyright: want to quote, take a license

  This summer, BadComedian blogger reported that the Kinodanz film studio sued him because of a review of their film. The reason is absurd – the excess of the permissible citation volume. The bottom line is that citation rules are…

Fraudsters steal money from cards, hiding behind popular surnames.

Following the offer to communicate with a financial robot and remote “technical support”, scammers have mastered a new way of stealing money from bank card holders, Kommersant reports. Despite the fact that every third Russian faced a similar situation, the…

What is a secure messenger. User misconceptions.

After reading the posts of “supposedly” cyber security experts in messengers, I was shocked … People are not correctly forming even a list of security criteria. I came across the following criteria: 1. The degree of centralization – (for the…

Hackers can access the contacts of your iPhone

At the last DEFCON conference, Check Point experts demonstrated how to hack an iPhone through a database engine that uses iOS – SQLite. In this case, hackers will be able to obtain administrator rights over the device. SQLite is the…

Banks began to deal with a new kind of leaks.

Large banks, such as Sberbank, VTB, UniCredit and Otkritie, began to introduce direct bans on photographing computer screens using personal mobile devices. Restrictions are fixed in regulatory documents or contracts. The reason for this was the previously mentioned problem of…

Autonomous Runet: what is it and why?

From November 1, 2019, a provision will come into force according to which, in the event of a threat to the stable and safe operation of the Russian Internet segment, Roskomnadzor will be able to exercise centralized traffic management in…

Thank you for not paying for emoticons!

From the patent for the image now known even to a child – a smiley – a successful business has grown, and its owners – father and son Lufrani – have become millionaires Two eyes and a smile on a…

Apple accused of illegally disclosing customer information on purchases in iTunes

Apple Inc. sued customers who claim that the company illegally discloses and sells information about the purchases of people on iTunes, as well as their personal data. Three iTunes customers from Rhode Island and Michigan filed a federal court in…

The establishment of a monitoring center in Russia will cost almost 5 billion budget funds.

The Government of the Russian Federation intends to allocate from the federal budget subsidies of 4.96 billion rubles, which will be sent to create a Center for monitoring public communication networks and an appropriate information system. These funds are assigned…

In Russia, will begin to test a new way to pay for purchases with smartphones without NFC

This summer, the Central Bank of Russia will begin testing a new method of contactless payment for purchases. Owners of absolutely all smartphones with a camera, including models without an NFC module, will be able to use it. The calculation…

Identification of messenger users

The Russian Government adopted Resolution No. 1279 of 27 October 2018 (the “Resolution”), which approved the rules for the identification of users by the organizer of the instant messaging service (the “owner of the messenger”). The document will come into…

Drivers with iPhone turned out to be more dangerous than with Android smartphones.

Zebra, which specializes in car insurance, has published statistics comparing the level of danger from drivers with smartphones on Android and iOS. More than 2,100 American driver respondents participated in the survey on distractions. According to the data, iPhone owners…

Vulnerability in Internet Explorer allows to steal files from PC to Windows.

Internet Explorer has discovered a dangerous vulnerability, XXE, that allows you to steal files from computers. XXE (XML eXternal Entity) was discovered by security researcher John page. The “hole” opens when you run the file in MHT (MHTML Web Archive)…

The government announced the future of the Internet and popular social networks

In the near future, the demand for data privacy will increase among Runet users. This opinion was expressed by Deputy Minister of digital development, communications and mass communications Alexey Volin. He also suggested that in a few years Russians may…

Partner company Facebook had stored information on 540 million users free

On Amazon servers in the public domain found a database with the data of Facebook users: ID-account numbers, names, comments and other reactions. Only 540 million records. They were gathered by the media company Cultura Colectiva. But in the open…

Roskomnadzor will spend 20 billion rubles to fight Telegram

According to a source close to the development of the project, at the moment one of the regions of the country is testing the technology of DPI (deep packet inspection), which will have to block access to the Telegram messenger,…

Facebook stored passwords of hundreds of millions of users in a simple form on the internal servers

Facebook admitted that for some time kept the user passwords in plain text on the company’s internal servers. Access was only for employees. Affected hundreds of millions of Facebook Lite accounts, tens of millions – Facebook, tens of thousands –…

Lang:
  • ru
  • en