#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

Qr Code | Breaking Cybersecurity News | The Hacker News

QR Code Bug in Apple iOS 11 Could Lead You to Malicious Sites

QR Code Bug in Apple iOS 11 Could Lead You to Malicious Sites
Mar 28, 2018
A new vulnerability has been disclosed in iOS Camera App that could be exploited to redirect users to a malicious website without their knowledge. The vulnerability affects Apple's latest iOS 11 mobile operating system for iPhone, iPad, and iPod touch devices and resides in the built-in QR code reader. With iOS 11, Apple introduced a new feature that gives users ability to automatically read QR codes using their iPhone's native camera app without requiring any third-party QR code reader app. You need to open the Camera app on your iPhone or iPad and point the device at a QR code. If the code contains any URL, it will give you a notification with the link address, asking you to tap to visit it in Safari browser. However, be careful — you may not be visiting the URL displayed to you, security researcher Roman Mueller discovered . According to Mueller, the URL parser of built-in QR code reader for iOS camera app fails to detect the hostname in the URL, which allows at

QRLJacking — Hacking Technique to Hijack QR Code Based Quick Login System

QRLJacking — Hacking Technique to Hijack QR Code Based Quick Login System
Jul 28, 2016
Do you know that you can access your WeChat, Line and WhatsApp chats on your desktop as well using an entirely different, but fastest authentication system? It's SQRL , or Secure Quick Response Login, a QR-code-based authentication system that allows users to quickly sign into a website without having to memorize or type in any username or password. QR codes are two-dimensional barcodes that contain a significant amount of information such as a shared key or session cookie. A website that implements QR-code-based authentication system would display a QR code on a computer screen and anyone who wants to log-in would scan that code with a mobile phone app. Once scanned, the site would log the user in without typing in any username or password. Since passwords can be stolen using a keylogger, a man-in-the-middle (MitM) attack, or even brute force attack, QR codes have been considered secure as it randomly generates a secret code, which is never revealed to anybody else.

Windows 10 Blue Screen of Death Gets QR Code

Windows 10 Blue Screen of Death Gets QR Code
Apr 13, 2016
If you are a Microsoft's Windows user, you may have encountered the infamous Blue Screen of Death (BSOD) . The Blue Screen of Death generally appears when Windows encounters any critical error due to software or hardware issues, displaying a sad face and no information other than "Your PC ran into a problem." However, now the company is apparently giving its infamous Blue Screen of Death a makeover. With the Microsoft's Anniversary Update, the company is making the Blue Screen of Death a little helpful for its users. Microsoft is adding QR code to its Blue Screen of Death (BSOD) in Windows 10 that will make it easier for users to identify potential issues with their devices. The new QR codes are featured in the Redmond's latest Windows 10 Preview, Build 14316, which will debut this summer as the Windows 10 Anniversary Update. Must Read:   Step-by-Step Tutorial to Run Ubuntu on latest Windows 10 Preview Build . Now, when your operating

Protecting Your Organization From Insider Threats - All You Need to Know

cyber security
websiteWing SecuritySaaS Security
Get practical insights and strategies to manage inadequate offboarding and insider risks effectively.

New Guide: How to Scale Your vCISO Services Profitably

New Guide: How to Scale Your vCISO Services Profitably
May 09, 2024vCISO / Regulatory Compliance
Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A  v CISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their business and bottom line. MSPs and MSSPs that expand their offerings and provide vCISO services will cater to SME requirements and concerns. By answering this market gap, they can grow their customer base as well as upsell to existing clients. This will lead to recurring revenue and increased profitability. Developing and scaling vCISO services requires a well-thought-out plan. This will help guide you through the required processes, anticipate and overcome challenges and optimize resource use. To aid you, we introduce a comprehensive and actionable  guide: "How to Scale Your vCISO Services Profitably" . The guide was developed based on the experience of industry leader  Cynom i, who has helped hun

Hacking Google Glass with QR Code to sniff user data

Hacking Google Glass with QR Code to sniff user data
Jul 17, 2013
Researchers at mobile security firm Lookout discovered a security flaw in Google Glass which allowed them to capture data without the user's knowledge, when the user merely took a photo that captured a malicious QR code. Lookout was able to force Google Glass to silently connect to a Wi-Fi access point, which let the researchers view all of the data flowing to and from the device. When combined with an Android 4.0.4 web vulnerability , the hack apparently gave researchers full control of the Glass headset. The problem was that Google Glass could be told to execute a QR code without the user having to give permission. Because of Glass's limited user interface, Google set up the device's camera to automatically process any QR code in a photograph. In a video posted on YouTube, Lookout Security described the vulnerability: " That access point in turn allowed us to spy on the connections Glass made, from web requests to images uploaded to the Cloud ." said Mar
Expert Insights
Cybersecurity Resources