Search results for black hat | Breaking Cybersecurity News | The Hacker News

Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization. However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infects a computer network or launch an attack only when the target's face is detected by the camera. To demonstrate this scenario, security researchers at IBM Research came up with DeepLocker —a new breed of "highly targeted and evasive" attack tool powered by AI," which conceals its malicious intent until it reached a specific victim. According to the IBM researcher, DeepLocker flies under the radar without being detected and "unleashes its malicious action as soon as the AI model identifies the target through indicators like facial recognition, geolocation and voice recognition." Describing it as the "sp

A number of firmware security flaws uncovered in HP's business-oriented high-end notebooks continue to be left unpatched in some devices even months after public disclosure. Binarly, which first  revealed details  of the issues at the  Black Hat USA conference  in mid-August 2022, said the vulnerabilities "can't be detected by firmware integrity monitoring systems due to limitations of the Trusted Platform Module (TPM) measurement." Firmware flaws can have serious implications as they can be abused by an adversary to achieve long-term persistence on a device in a manner that can survive reboots and evade traditional operating system-level security protections. The high-severity weaknesses identified by Binarly affect HP EliteBook devices and concern a case of memory corruption in the System Management Mode (SMM) of the firmware, thereby enabling the execution of arbitrary code with the highest privileges - CVE-2022-23930  (CVSS score: 8.2) - Stack-based buffer

Almost a year ago, at the ' Hack In The Box ' security summit in Amsterdam, a security researcher at N.Runs and a commercial airline pilot, Hugo Teso presented a demonstration that it's possible to take control of aircraft flight systems and communications using an Android smartphone and some specialized attack code. Quite similar to the previous one, a security researcher claims to have devised a method that can give cyber criminals access to the satellite communications equipment on passenger jets through their WiFi and in-flight entertainment systems. Cyber security expert Ruben Santamarta, a consultant with cyber security firm IOActive , will unveil his research and all the technical details this week at a major Las Vegas hacker convention, Black Hat conference, showing How commercial airliner satellite communication systems can also be compromised by hackers, along with the evidence of satellite communications system vulnerabilities that questions the standards th

Indian embassy websites in seven different countries have been hacked, and attackers have leaked personal data, including full name, residential address, email address, passport number and phone number, of Indian citizens living abroad. This incident is extremely worrying because it involves diplomatic personnel working in the embassies that have always been a favorite target of state-sponsored hackers launching cyber espionage campaigns. Security pen-testers who go by the name Kapustkiy and Kasimierz have claimed responsibility for the hack and told The Hacker News that the reason behind the hack was to force administrators to consider the cyber security of their websites seriously. In Pastebin link shared on their Twitter account , the hackers claimed to have hijacked Indian Embassy websites in Switzerland, Italy, Romania, Mali, South Africa, Libya, and Malawi and leaked personal details of hundreds of Indians, including students studying abroad. The pair exploited a si

Security researchers have developed a Flying Drone with a custom-made tracking tool capable of sniffing out data from the devices connected to the Internet – better known as the Internet-of-things. Under its Internet of Things Map Project , a team of security researchers at the Texas-based firm Praetorian wanted to create a searchable database that will be the Shodan search engine for SCADA devices. Located More Than 1600+ Devices Using Drone To make it possible, the researchers devised a drone with their custom built connected-device tracking appliance and flew it over Austin, Texas in real time. During an 18 minute flight, the drone found nearly 1,600 Internet-connected devices , of which 453 IoT devices are made by Sony and 110 by Philips. You can see the full Austin map here . How did They locate Internet of Things Devices? The researchers located all ZigBee-enabled smart devices and networks and then started expanding their research. "When [I

At Black Hat security conference this year Cody Brocious demonstrated that How a simple Dry erase marker allows him to open an Onity hotel room door lock with an Arduino, which is totally James Bond. This is just kind of scary on multiple levels, the least being that dry erase markers are one of the most ordinary, non-suspicious objects we can think of. Watch the video below and be afraid – be very afraid. It has been refined to such a state where there are no dangling bits that come out of the marker, with a tip that looks totally normal sans any wires. All you need to do is touch the tip of the market to the door port, and you would have gained entry without mentioning a secret password. The story didn't stop there with Onity, the electronic door specialist in question, stepping in to introduce several measures to secure the doors. Brocious created a proof-of-concept device to show to security experts and press, but it was a bit crude. In order to build and test all of this yoursel

Pebble, a wristwatch that can connect to your phone - both iOS and Android - and interact with apps, has a hard-coded vulnerability that allows a remote attacker to destroy your Smartwatch completely. Pebble Smartwatch , developed and released by Pebble Technology Corporation in 2013, is considered as one of the most popular SmartWatches that had become the most funded project in the history of Kickstarter. Just two hours after its crowd-funding campaign launched, Pebble had already surpassed its $100,000 goal and at last had reached over $10.25 million pledged by nearly 70,000 Kickstarter backers. A security enthusiast Hemanth Joseph  claimed to have found that his Pebble SmartWatch with the latest v2.4.1 Firmware can be remotely exploited by anyone with no technical knowledge in order to delete all data stored in the device, apps, notes, and other information stored in it. HOW PEBBLE SMARTWATCH WORKS Before proceeding towards how he did this, let me explain how Peb

Android Bloatware , Another Serious Android Privacy Issue Researchers have found that some Android smartphones are more vulnerable to attacks than others, thanks to add-on software and skins that get installed by handset makers before they ship their smartphones to subscribers. It's not just Carrier IQ that Android users need to be worried about. A team of researchers from North Carolina State University discovered the security vulnerability on eight different smartphones from Google, HTC, Motorola and Samsung. Black hat hacker can exploit these vulnerabilities to record phone calls (see proof of concept video below), wipe out your phone, call or text premium rate numbers, and read your private messages and emails, all without your permission, of course. According to the paper published by the team. " Our results with eight phone images show that among 13 privileged permissions examined so far, 11 were leaked, with individual phones leaking up to eight permissions. By exploi

Back in june this year, Google announced an alpha Google Chrome extension called " End-to-End " for sending and receiving emails securely, in wake of former NSA contractor Edward Snowden's revelations about the global surveillance conducted by the government law-enforcements. Finally, the company has announced that it made the source code for its End-to-End Chrome extension open source via GitHub . Google is developing a user-friendly tool for individuals to implement the tough encryption standard known as Pretty Good Privacy (PGP) in an attempt to fully encrypt people's Gmail messages that can't even be read by Google itself, nor anyone else other than the users exchanging the emails. PGP is an open source end-to-end encryption standard for almost 20 years, used to encrypt e-mail over the Internet providing cryptographic privacy and authentication for data communication, which makes it very difficult to break. But implementing PGP is too complicated for m

Offline Windows Analysis and Data Extraction (OWADE) - Forensics tool to expose all your online activity Researchers " Elie Bursztein " from Stanford University in California have managed to bypass the encryption on a PC's hard drive to find out what websites a user has visited and whether they have any data stored in the cloud. " Commercial forensic software concentrates on extracting files from a disc, but that's not super-helpful in understanding online activity ," says Elie Bursztein, whose team developed the software. " We've built a tool that can reconstruct where the user has been online, and what identity they used. " The open-source software, Offline Windows Analysis and Data Extraction (OWADE), was launched at the Black Hat 2011 security conference and works with PCs running on the Windows operating system. OWADE is in alpha version and is only available by checking out the code directly as we update it very frequently. Note th

Recently, two European countries, France and Germany, have declared war against encryption with an objective to force major technology companies to built encryption backdoors in their secure messaging services. However, another neighborhood country, Netherlands, is proactively taking down cyber criminals, but do you know how? Dutch Police has seized two servers belonging to Virtual Private Network (VPN) provider Perfect Privacy , as part of an investigation, without even providing any reason for seizures. Switzerland-based VPN provider said they came to know about the servers seizure from I3D, the company that provides server hosting across Rotterdam. For those unfamiliar, Virtual Private Networks or VPNs are easy security and privacy tools that route your Internet traffic through a distant connection, protecting your browsing, hiding your location data and accessing restricted resources. VPNs have now become a great tool not just for large companies, but also for individual

An "aggressive" advanced persistent threat (APT) group known as SideWinder has been linked to over 1,000 new attacks since April 2020. "Some of the main characteristics of this threat actor that make it stand out among the others, are the sheer number, high frequency and persistence of their attacks and the large collection of encrypted and obfuscated malicious components used in their operations," cybersecurity firm Kaspersky  said  in a report that was presented at Black Hat Asia this month. SideWinder , also called Rattlesnake or T-APT-04, is said to have been active since at least 2012 with a  track record  of targeting military, defense, aviation, IT companies, and legal firms in Central Asian countries such as Afghanistan, Bangladesh, Nepal, and Pakistan. Kaspersky's APT trends report for Q1 2022  published  late last month revealed that the threat actor is actively expanding the geography of its targets beyond its traditional victim profile to other

Once again USB has come up as a major threat to a vast number of users who use USB drives – including USB sticks and keyboards. Security researchers have released a bunch of hacking tools that can be used to convert USB drive into silent malware installer. This vulnerability has come about to be known as " BadUSB ", whose source code has been published by the researchers on the open source code hosting website Github , demanding manufacturers either to beef up protections for USB flash drive firmware and fix the problem or leave hundreds of millions of users vulnerable to the attack. The code released by researchers Adam Caudill and Brandon Wilson has capability to spread itself by hiding in the firmware meant to control the ways in which USB devices connect to computers. The hack utilizes the security flaw in the USB that allows an attacker to insert malicious code into their firmware. But Wait! What this means is that this critical vulnerability is now ava

Bleeding Life 2 Exploit Pack Released Black Hat Academy releases Bleeding Life 2 exploit pack. This is an exploit pack that affects Windows-based web browsers via Adobe and Java. You can read all about it, and download it for yourself. Statistics are kept based on exploit, browser, and OS version. Exploits Adobe CVE-2008-2992 CVE-2010-1297 CVE-2010-2884 CVE-2010-0188 Java CVE-2010-0842 CVE-2010-3552 Signed Applet Features Advanced Statistical Information Stylish Progress Bars Full User-Friendly Admin Panel Referer Stats Secure Panel - Login/Logout Ability To Set and Save Passwords On Panel Ability To Allow Guest Access - Guest Can Only View Stats Page, Clicking and Other Pages Disabled. Ability To Add and/or Remove Exploits Used Ability To Add Scan4You Credentials For Built-In Scanner Use Ability To Filter Browsers Ability To Filter Operating Systems Attempt To Detect and Filter HTTP Proxies Ability To Blacklist by IP/Range Ability To Import Blacklist On Pan

A team of security researchers has discovered a new malware evasion technique that could help malware authors defeat most of the modern antivirus solutions and forensic tools. Dubbed Process Doppelgänging , the new fileless code injection technique takes advantage of a built-in Windows function and an undocumented implementation of Windows process loader. Ensilo security researchers Tal Liberman and Eugene Kogan, who discovered the Process Doppelgänging attack, presented their findings today at Black Hat 2017 Security conference held in London. Process Doppelgänging Works on All Windows Versions Apparently, Process Doppelgänging attack works on all modern versions of Microsoft Windows operating system, starting from Windows Vista to the latest version of Windows 10. Tal Liberman, the head of the research team at enSilo, told The Hacker New that this malware evasion technique is similar to Process Hollowing—a method first introduced years ago by attackers to defeat the m

How much does your privacy cost? It will soon be sold for half a Million US dollars. A controversial company specialises in acquiring and reselling zero-day exploits is ready to pay up to US$500,000 for working zero-day vulnerabilities targeting popular secure messenger applications, such as Signal, Telegram and WhatsApp. Zerodium announced a new pricing structure on Wednesday, paying out $500,000 for fully functional remote code execution (RCE) and local privilege escalation (LPE) vulnerabilities in Signal, WhatsApp, iMessage, Viber, Facebook Messenger, WeChat, and Telegram. The payouts for all these secure messengers have been increased after tech companies introduced end-to-end encryption in their apps, making it more difficult for anyone to compromise their messaging platforms. The same payout is offered for remote code execution and local privilege escalation security flaws in default mobile email applications. Launched in 2015, Zerodium is a Washington, DC-based p

A researcher has demonstrated how easy it is to steal high-end drones, commonly deployed by government agencies and police forces, from 2 kilometres away with the help of less than $40 worth of hardware . The attack was developed by IBM security researcher Nils Rodday, who recently presented his findings at Black Hat Asia 2016. Hacking the $28,463 Drone with Less than $40 of Hardware Rodday explained how security vulnerabilities in a drone's radio connection could leverage an attacker ( with some basic knowledge of radio communications ) to hijack the US$28,463 quadcopters with less than $40 of hardware. Rodday discovered ( PPT ) two security flaws in the tested drone that gave him the ability to hack the device in seconds. First, the connection between drone's controller module, known as telemetry box, and a user's tablet uses extremely vulnerable ' WEP ' ( Wired-Equivalent Privacy ) encryption – a protocol long known to be 'crackable in sec

Recent disclosures by whistleblower Edward Snowden claiming that internet traffic is being intercepted and used by the Americans in their war on terror, force to re-think about the user's privacy and online anonymity. It has been relatively common knowledge for years that wherever we go on the web, we leave clear tracks, so it shouldn't really have come as much of a surprise to discover this has been going on. The best thing you can do to stay anonymous online is to hide your IP address . If someone knows your IP address, it is the easiest way to trace your online activity back to you and they can easily determine the geographic location of the server that hosts that address and get a rough idea of where you're located. TOR is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Browsing with TOR is a lot like simultaneously using hundreds of different proxies that are randomized periodically.