communication hacked | Breaking Cybersecurity News | The Hacker News

Apple has removed several apps from its official iOS App Store that have the ability to compromise encrypted connections between the servers and the end-users. Apple has officially said: We have removed a "few" apps from the iOS App Store that could install root certificates and allow monitoring your data. It's like- they have analyzed and admitted that they lacked in the auditing of the App Store hosted Apps. The company is also advising its users to uninstall the malicious apps from their iPhones, iPads and iPods in order to prevent themselves from monitoring, though it has yet to name the offending apps. App Store Apps Spy on Encrypted Traffic The challenge that stood before Apple was, they discovered that "few" of the Apps in the iOS App Store were capable of spying on the users by compromising SSL/TLS security solutions of their online communication. Root certificates are the fundamental part of how encrypted connections like HTT...

Belgacom , the largest telecommunications company in Belgium today announced that their IT Systems were hacked and infected with an unknown Malware . In order to eliminate that virus effectively, they clean up the entire system. The company also highlights that they have no indication of any impact on their telecommunication services, customer and employee data. According to the complexity of the malware, it appears to be the work of a state-sponsored entity. Belgacom which handles some of the undersea cables that carry voice and data traffic around the world, so the NSA or Britain's GCHQ could be behind the intrusion. That traffic would be a likely target for an attacker. The attack reportedly affected a few dozen machines on Belgacom's network, including some servers and the intrusion had been active for as long as two years by the time the Belgian company discovered it. Hacked data might help intelligence agencies to gather data on communications coming fr...

The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider's storage security controls and default settings. "In just the past few months, I have witnessed two different methods for executing a ransomware attack using nothing but legitimate cloud security features," warns Brandon Evans, security consultant and SANS Certified Instructor. Halcyon disclosed an attack campaign that leveraged one of Amazon S3's native encryption mechanisms, SSE-C, to encrypt each of the target buckets. A few months prior, security consultant Chris Farris demonstrated how attackers could perform a similar attack using a different AWS security feature, KMS keys with external key material, using simple scripts generated by ChatGPT. "Clearly, this topic is top-of-mind for both threat actors and ...