Search results for hack change time on phone | Breaking Cybersecurity News | The Hacker News

A new Android malware has been making waves recently that have the capability to gain root access on your smartphone and completely erase your phone's storag e. Dubbed Mazar BOT , the serious malware program is loaded with so many hidden capabilities that security researchers are calling it a dangerous malware that can turn your smartphone into a zombie inside hacker's botnet. Mazar BOT was discovered by Heimdal Security while the researchers at the firm were analyzing an SMS message sent to random mobile numbers and locations. How Mazar BOT Works Despite other Android malware that distributes itself by tricking users into installing an app from third-party app stores, Mazar spreads via a spam SMS or MMS messages that carry a link to a malicious APK (Android app file). Once the user clicks the given link, he/she'll be ending up downloading the APK file on their Android devices, which when run, prompts the user to install a new application. This ...

Earlier last year, security researchers from Google's Project Zero outlined a way to hijack the computers running Linux by abusing a design flaw in the memory and gaining higher kernel privileges on the system. Now, the same previously found designing weakness has been exploited to gain unfettered "root" access to millions of Android smartphones, allowing potentially anyone to take control of affected devices. Researchers in the VUSec Lab at Vrije Universiteit Amsterdam have discovered a vulnerability that targets a device's dynamic random access memory (DRAM) using an attack called Rowhammer . Although we are already aware of the Rowhammer attack , this is the very first time when researchers have successfully used this attack to target mobile devices. What is DRAM Rowhammer Attack? The Rowhammer attack against mobile devices is equally dangerous because it potentially puts all critical data on millions of Android phones at risk, at least until a secu...

For the very first time, security researchers have discovered an effective way to exploit a four-year-old hacking technique called Rowhammer to hijack an Android phone remotely. Dubbed GLitch , the proof-of-concept technique is a new addition to the Rowhammer attack series which leverages embedded graphics processing units (GPUs) to carry out a Rowhammer attack against Android smartphones. Rowhammer is a problem with recent generation dynamic random access memory (DRAM) chips in which repeatedly accessing a row of memory can cause "bit flipping" in an adjacent row, allowing anyone to change the value of contents stored in computer memory. Known since at least 2012, the issue was first exploited by Google's Project Zero researchers in early 2015, when they pulled off remote Rowhammer attacks on computers running Windows and Linux. Last year, a team of researchers in the VUSec Lab at Vrije Universiteit Amsterdam demonstrated that the Rowhammer technique could ...

" Choose a job you love, and you will never have to work a day in your life " said Confucius. These would be the words that describe Marius Corîci the most. In 2003 he started doing business in the plumbing industry and co-founded ITS Group, a franchise for Romstal Company, the biggest plumbing installations retailer from South-Eastern Europe. In 2007 he moved into Artificial Intelligence field and founded Intelligentics, a group for Natural Language Processing. Now, he is very focused on infosec and got involved in all the biggest independent security projects in Romania: S3ntinel , Hack Me If You Can , Hack a Server and DefCamp . Marius considers himself a serial entrepreneur and is very passionate about Artificial Intelligence. Never a quitter, always a perfectionist, looking for challenges that will change the world we live in. He believes in people and the power of great teams, and he intends to start blogging in the near future. What determined you to shift your attention towar...

Researchers have discovered a new attack, dubbed 'Cloak and Dagger', that works against all versions of Android, up to version 7.1.2. Cloak and Dagger attack allows hackers to silently take full control of your device and steal private data, including keystrokes, chats, device PIN, online account passwords, OTP passcode, and contacts. What's interesting about Cloak and Dagger attack? The attack doesn't exploit any vulnerability in Android ecosystem; instead, it abuses a pair of legitimate app permissions that is being widely used in popular applications to access certain features on an Android device. Researchers at Georgia Institute of Technology have discovered this attack, who successfully performed it on 20 people and none of them were able to detect any malicious activity. Cloak and Dagger attacks utilise two basic Android permissions: SYSTEM_ALERT_WINDOW ("draw on top") BIND_ACCESSIBILITY_SERVICE ("a11y") The first permissi...

SMS-based Two-Factor Authentication (2FA) has been declared insecure and soon it might be a thing of the past. Two-Factor Authentication or 2FA adds an extra step of entering a random passcode sent to you via an SMS or call when you log in to your account as an added layer of protection. For example, if you have 2FA enabled on Gmail, the platform will send a six-digit passcode to your mobile phone every time you sign in to your account. But, the US National Institute of Standards and Technology (NIST) has released a new draft of its Digital Authentication Guideline that says SMS-based two-factor authentication should be banned in future due to security concerns. Here's what the relevant paragraph of the latest DAG draft reads: "If the out of band verification is to be made using an SMS message on a public mobile telephone network, the verifier SHALL verify that the pre-registered telephone number being used is actually associated with a mobile network and not wi...

Security researchers have uncovered a "highly targeted" mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management (MDM) protocol—a type of security software used by large enterprises to control and enforce policies on devices being used their employees—to contol and deploy malicious applications remotely. Exploiting Apple MDM Service to Remotely Control Devices To enroll an iOS device into the MDM requires a user to manually install enterprise development certificate, which enterprises obtained through the Apple Developer Enterprise Program. Companies can deliver MDM configuration file through email or a webpage for over-the-air enrollment service using Apple Configurator. Once a user installs it, the service allows the company administrators to remotely control the device, install/remove apps, in...

The arrest is the first major outcome since TalkTalk – the biggest phone and broadband provider in the UK with more than 4 Million customers – had suffered a serious data breach. The Police Service of Northern Ireland (PSNI) and the investigating officers from the Metropolitan police's cyber crime unit (MPCCU) have arrested a 15-year-old boy in connection with the latest cyber attack on TalkTalk . The press release issued by the police said the boy was detained in County Antrim at about 4.20pm on Monday on suspicion of committing offences under the Computer Misuse Act. The Computer Misuse Act 1990 is an act of the Parliament of the United Kingdom, according to which any computer misuse offences like: Unauthorised access to computer material. Unauthorised access with the intent to commit further offences. Unauthorised acts with the intent to impair, or with recklessness as to impairing, operation of the computers, and other electronic devices. ...Are consi...

How to Hack a Facebook Account? That's possibly the most frequently asked question on the Internet today. Though the solution is hard to find, a white hat hacker has just proven how easy it is to hack multiple Facebook accounts with some basic computer skills. Your Facebook account can be hacked, no matter how strong your password is or how much extra security measures you have taken. No joke! Gurkirat Singh from California recently discovered a loophole in Facebook's password reset mechanism that could have given hackers complete access to the victim's Facebook account, allowing them to view message conversations and payment card details, post anything and do whatever the real account holder can. The attack vector is simple, though the execution is quite difficult. The issue, Gurkirat ( @GurkiratSpeca ) says, actually resides in the way Facebook allows you to reset your password. The social network uses an algorithm that generates a random 6-digit passcode ‒ ...

Stratfor hacked by Anonymous Hackers for #AntiSec Stratfor who provides strategic intelligence on global business, economic, security and geopolitical affairs just now has been defaced by Anonymous Group of Hackers. Mirror of Hack is available here . Lulzsec Leader, SABU tweeted that " Over 90,000 Credit cards from LEA, journalists, intelligence community and whitehats leaked and used for over a million dollars in donations ". Private Clients List of Stratfor is also leaked on a Pastebin note. For all this clients have been exposed sensible information including credit cards (which supposedly have been used to make $1 million in "donations"), as well as over 200 GB of email correspondence. As a result of this incident the operation of Stratfor's servers and email have been suspended. Anonymous has now exposed two lists of credit card details belonging to people who have subscribed to STRATFOR services, the first one containing 3956 card details and the second one...