#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

malcon | Breaking Cybersecurity News | The Hacker News

Category — malcon
Hardware based malware steals contacts from all mobile platforms using only the Audio Jack!

Hardware based malware steals contacts from all mobile platforms using only the Audio Jack!

Nov 28, 2012
Indian Security Research Atul Alex presented his surprise paper at the International Malware Conference, MalCon on what can be termed as the onset of next generation of hardware based malware that can target mobile devices irrespective of Platforms. Typically, one of the largest challenges for malware coders are to target multiple platforms. A malware for Android will not work in Windows phone, Symbian or Apple iOS, which come in way of malware coders. Also, devices such as iPhone are extremely secure and there is little that can be extracted from a locked / secure iPhone, unless they are jailbroken. Atul Alex's research abuses voice dialing feature which is enabled by default on all mobile platforms - and combines a bugged headset with a micro controller and code to steal private data. The bugged headset can also dial a pre-defined number by detecting if the device is in use or not and turn the phone into a spy device. Further, it can steal contacts from all devices -
Hackers release Windows Phone 8 Malware - to be showcased at MalCon

Hackers release Windows Phone 8 Malware - to be showcased at MalCon

Nov 10, 2012
It's be Just hours Windows Phone 8 has been released - and hackers have already dished out a malware prototype for the platform. Windows Phone 8 is the second generation of the Windows Phone mobile operating system. Windows Phone 8 Microsoft's latest in mobile OS technology - comes in as a direct competition to rivals Apple and Google. The research firm Gartner indicates that by 2016 the increase in Windows Phone users will slightly fall below Apple`s iOS users. To be showcased at the International Malware Conference, MalCon - on 24th November in India, the prototype has been created by Shantanu Gawde, who has previously created a malware that utilized the famed Xbox Kinect. Windows Phone 8 replaces its previously Windows CE-based architecture with one based on the Windows NT kernel with many components shared with Windows 8, allowing applications to be easily ported between the two platforms. While no further details of the malware are available at this point of time, it will
NIST Cybersecurity Framework (CSF) and CTEM – Better Together

NIST Cybersecurity Framework (CSF) and CTEM – Better Together

Sep 05, 2024Threat Detection / Vulnerability Management
It's been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally tailored for Critical infrastructure, 2018's version 1.1 was designed for any organization looking to address cybersecurity risk management.  CSF is a valuable tool for organizations looking to evaluate and enhance their security posture. The framework helps security stakeholders understand and assess their current security measures, organize and prioritize actions to manage risks, and improve communication within and outside organizations using a common language. It's a comprehensive collection of guidelines, best practices, and recommendations, divided into five core functions: Identify, Protec
Android 4.2 Jelly Bean Security Improvements overview

Android 4.2 Jelly Bean Security Improvements overview

Nov 02, 2012
Google is bringing a host of new features to its Android 4.2 Jelly Bean operating system designed to increase productivity, creativity and peace of mind and some very promising security improvements including: client side malware protection, Security Enhanced Linux, and always-on VPN . Most important Security Improvements in Android 4.2 is that it now includes a service based on Bouncer that works with all apps, not just those on Google Play. For example, it can check the apps you download on the Amazon App Store, or from 3rd Party sites. Whenever user will install any app from a different source than the official market, and will scan it for any malicious code that may prove potentially harmful for your device. Other than this, Users can now control how much data apps can access and share. This is made even more secure by something called VPN lockdown that can limit the amount of information sent over a connection that may not be secure or that is shared rather than priv
cyber security

Secure Your Network: 40% Face Full Takeover Risk

websitePicus SecurityEndpoint Security / Attack Surface
Understand and address the critical risks in your network to prevent takeovers.
New windows malware can target smart cards for full remote access

New windows malware can target smart cards for full remote access

Oct 25, 2012
If you think that having a USB Token Smartcard is extremely secure for Digital signatures or other activities, you may be wrong! The research done by Paul Rascagneres can remotely give access to victims smartcard! What makes the attack unique is it uses a keylogger to get the PIN or password and exports the complete USB device in raw to a command and control server (C&C) and uses a device driver to let the attacker use the victims smartcard remotely! The attack also impacts the eID (Belgium identity card) and millions of USB Tokens for Digital Signatures in India by Directors, Secretaries and CA firms for filing returns and signing corporate documents! To be showcased at MalCon next month - we asked Paul a few questions: Does the malware infect the PC or the smartcard? - The malware infects the PC not the hardware. So the attacker can use the smartcard of the victim remotely? - Exactly, the attacker can remotely use a smartcard connected to an infected computer. What makes
Expert Insights / Articles Videos
Cybersecurity Resources