Brinker International (the parent company of the Chili's restaurant chain) formally announced that on May 11, they discovered malware on an undisclosed number of their point of sales terminals. Details are sketchy at this point, because the investigation is still ongoing, but the company had the following to say about the incident: "If you used your payment card at a Chili's restaurant between March and April 2018, it does not mean you were affected by this incident. However, out of an … Read more
Vega Stealer Malware Goes After Your Saved Credentials
There's a new security threat to be worried about, and security professionals are warning that it could be very bad indeed. The new malware is known as the "Vega Stealer," and is currently being used in a relatively simplistic phishing campaign designed to harvest financial data that has been saved in both Google Chrome and Firefox browsers. Unfortunately, based on an analysis of the code, it could be a much more serious threat. Vega Stealer isn't 100 percent original work, but rather, is a … Read more
Your Kids’ Personal Info May Have Been Compromised
An identity threat company called 4iQ has recently published a report called "Identities in the Wild: The Tsunami of Breached Identities Continues." Unfortunately, the information in the report contains all bad news. Some of the details are simply confirmations of things we already knew, and some are shocking statistics that will leave you feeling dismayed. For instance: Cybercriminals and hackers are getting increasingly sophisticated - This isn't new, but it's even worse than that. … Read more
Some VW and Audi Cars May Be Hacked Through WiFi
Thanks to researchers Daan Keuper and Thijs Alkemade (who work at the Dutch cyber-security firm Computest), newly produced Golf GTE and Audi A3 vehicles are a little bit safer, and a lot less vulnerable to remote hacks. The duo found that by taking advantage of these vehicles' WiFi connection, they could access the cars' IVI, (in-vehicle infotainment system) and from there, gain access to other systems as well. The researchers had this to say about their work: "Under certain conditions, … Read more
Use Caution Traveling, Hackers Now Have Keys To Hotel Rooms
Score one for the good guys, but with hesitation. Unfortunately, in today's fast-moving digital world, even a victory doesn't mean the end of a problem. Recently, a pair of researchers (Tomi Tuominen and Timo Hirvonen of F-Secure) released information about a new hack they had discovered. It takes advantage of a critical security flaw in the magnetic VingCard locking systems used in hotel chains around the world. This particular system produced by Assa Abloy is deployed in more than 42,000 … Read more
Hackers Can Use PDF Files To Access Windows Credentials
Security researcher Assaf Baharav from Check Point Security has discovered a new twist on an old, fairly well-known attack. He was able to essentially "weaponize" PDFs to steal Windows credentials stored in NTLM hashes. Unfortunately, no action other than simply opening the PDF is required for the hacker to gain access to the information. Baharav used the same methodology that hackers have used in the past, which amounts to instantiating SMB requests from inside the document. Hackers have … Read more
WiFi Sync on iOS Vulnerable To TrustJacking
Owners of Apple devices have a new attack vector to worry about, called "TrustJacking." Symantec researchers recently stumbled across a pair of scenarios that take advantage of Wi-Fi syncing of various Apple devices. These are scenarios that also take advantage of the trust users have in the security of their own devices, allowing hackers to take complete control over those devices. The flaw is a consequence of the way that iTunes Wi-Fi Sync is designed. The vulnerability manifests when a … Read more
Researchers Find Major Vulnerabilities In Banking Apps
Do you do your banking online? If so, there's bad news in the form of a report recently released by the security firm "Positive Technologies." The company tested a variety of websites using a proprietary tool they developed in-house, which scans websites for security flaws. While flaws were found across a wide range of industries, literally every banking site Positive Technologies tested was found to have serious security flaws. The particulars varied from one bank to the next, but the … Read more
Major Server Ring Distributing Malware Taken Down
Score one for the good guys. A researcher from BrilliantIT was recently able to figure out how infected computers would connect to EITest's command and control server, and using that information, was able to bring down their entire network. If you haven't heard of EITest before, the true significance of that statement might not be registering. EITest first appeared in 2011. In its original incarnation, it was little more than an annoyance. It was a collection of compromised servers used … Read more
Hacked Routers Being Used To Spread Malware
Beware of compromised routers spreading malware. This is according to both Kaspersky Labs and a recently released government report. Using hacked routers to spread malware is nothing new. Security insiders have known about it for years. However, since 2008, the number of instances where routers are being used to push malicious code has been steadily increasing. Researchers are observing marked increases in their use by APTs (Advanced Persistent Threat) around the world. APTs are nothing … Read more
