HackDig : Dig high-quality web security articles for hacker

After hiatus, in-the-wild Mac backdoors are suddenly back

After taking a hiatus, Mac malware is suddenly back, with three newly discovered strains that have access to Web cameras, password keychains, and pretty much every other resource on an infected machine.The first one, dubbed Eleanor by researchers at antivirus provider Bitdefender, is hidden inside EasyDoc Converter, a malicious app that is, or at least was,
Publish At:2016-07-07 00:40 | Read:4847 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

Android’s full-disk encryption just got much weaker—here’s why

Privacy advocates take note: Android's full-disk encryption just got dramatically easier to defeat on devices that use chips from semiconductor maker Qualcomm, thanks to new research that reveals several methods to extract crypto keys off of a locked handset. Those methods include publicly available attack code that works against an estimated 37 percent of e
Publish At:2016-07-02 10:35 | Read:4759 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

iOS 10 beta still encrypts user data, but not the kernel

Further ReadingFBI paid at least $1.3M for zero-day to get into San Bernardino iPhoneFBI Director James Comey: "But it was, in my view, worth it."Apple has made encryption and user privacy a pillar of the iOS platform in recent years, but earlier this week, security researchers made a curious discovery: as reported by the MIT Technology Review, the operating
Publish At:2016-06-24 01:50 | Read:3151 | Comments:0 | Tags:Gear & Gadgets Infinite Loop Risk Assessment iOS 10 IOS

John Oliver explains why iPhone encryption debate is no joking matter

The FBI's legal showdown with Apple over iPhone security has spilled into just about every facet of popular culture, from endless news coverage to Congressional hearings and even to comments from President Obama. On Sunday, it got treatment from comedian John Oliver, whose weekly HBO series Last Week Tonight does a better job than most news shows covering th
Publish At:2016-03-15 08:00 | Read:2866 | Comments:0 | Tags:Gear & Gadgets Infinite Loop Law & Disorder Risk Assessment

There are ways the FBI can crack the iPhone PIN without Apple doing it for them

Apple's encryption battle Feds: New judge must force iPhone unlock, overturning ruling that favored Apple Amazon will restore Fire OS‘ encryption support in the spring What is a “lying-dormant cyber pathogen?” San Bernardino DA says it’s made up [Updated] San Bernardino DA says seized iPhone may hold “dormant cyber pathogen” [Update]
Publish At:2016-03-10 01:15 | Read:2885 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment apple fbi iphon

First Mac-targeting ransomware hits Transmission users, researchers say

Further ReadingInside CryptoWall 2.0: Ransomware, professional editionCode that switches from 32-bit to 64-bit and turns off Windows' defenses.A security research firm announced Sunday its discovery of what is believed to be the world’s first ransomware that specifically goes after OS X machines."This is the first one in the wild that is definitely functiona
Publish At:2016-03-07 00:55 | Read:3237 | Comments:0 | Tags:Infinite Loop Risk Assessment KeRanger Palo Alto Networks Tr

New attack steals secret crypto keys from Android and iOS phones

Researchers have devised an attack on Android and iOS devices that successfully steals cryptographic keys used to protect Bitcoin wallets, Apple Pay accounts, and other high-value assets.The exploit is what cryptographers call a non-invasive side-channel attack. It works against the Elliptic Curve Digital Signature Algorithm, a crypto system that's widely us
Publish At:2016-03-04 00:35 | Read:3595 | Comments:0 | Tags:Gear & Gadgets Infinite Loop Risk Assessment Technology Lab

John McAfee better prepare to eat a shoe because he doesn’t know how iPhones work

Former antivirus developer and presidential wannabe John McAfee claimed a couple of weeks ago to have the perfect solution to the FBI-Apple stand-off. He offered to crack the iPhone for the FBI for free. This would let the government agency gain access to the phone while freeing Apple from any demands to assist. So confident was McAfee of his ability to help
Publish At:2016-03-02 12:25 | Read:4228 | Comments:0 | Tags:Infinite Loop Risk Assessment Technology Lab apple backdoor

Largely undetected Mac malware suggests disgraced HackingTeam has returned

Researchers have uncovered what appears to be newly developed Mac malware from HackingTeam, a discovery that's prompting speculation that the disgraced malware-as-a-service provider has reemerged since last July's hack that spilled gigabytes worth of the group's private e-mail and source code.Further ReadingMassive leak reveals Hacking Team’s most private mo
Publish At:2016-03-01 00:15 | Read:2765 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

Malicious websites exploit Silverlight bug that can pwn Macs and Windows

Malicious websites are exploiting a recently fixed vulnerability in Microsoft's Silverlight application framework to perform drive-by malware attacks on vulnerable visitor devices, a security researcher has determined.Further ReadingHow a Russian hacker made $45,000 selling a 0-day Flash exploit to Hacking Team"Volume discounts are possible if you take sever
Publish At:2016-02-25 11:45 | Read:3725 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

How the FBI could use acid and lasers to access data stored on seized iPhone

Apple's encryption battle Activists plan rally on Tuesday at dozens of Apple Stores worldwide Apple CEO Tim Cook: Complying with court order is “too dangerous to do” If FBI busts into seized iPhone, it could get non-iCloud data, like Telegram chats Apple: We tried to help FBI terror probe, but someone changed iCloud password Trump ur
Publish At:2016-02-23 05:30 | Read:2556 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment Technology Lab

Encryption isn’t at stake, the FBI knows Apple already has the desired key

Apple has been served with a court order at the FBI's request, demanding that it assist the government agency with unlocking an iPhone 5C that was used by Syed Rizwan Farook. Farook and his wife, Tashfeen Malik, killed 14 and injured 24 in an attack in San Bernardino, California on December 2, 2015.In response, Apple CEO Tim Cook said that the FBI was demand
Publish At:2016-02-19 11:05 | Read:2728 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment apple encryptio

Why Tim Cook is right to call court-ordered iPhone hack a “backdoor”

Tuesday's court order compelling Apple to hack the iPhone belonging to a gunman who killed 14 people and injured 22 others has ignited an acrimonious debate. CEO Tim Cook called the order "chilling" because, he said, it requires company engineers to create the equivalent of a backdoor that could be used against any iPhone. Law enforcement officials, meanwhil
Publish At:2016-02-17 22:55 | Read:3185 | Comments:0 | Tags:Infinite Loop Law & Disorder Risk Assessment backdoors Crack

Warning: Bug in Adobe Creative Cloud deletes Mac user data without warning

Adobe Systems has stopped distributing a recently issued update to its Creative Cloud graphics service amid reports a Mac version can delete important user data without warning or permission.The deletions happen whenever Mac users log in to the Adobe service after the update has been installed, according to officials from Backblaze, a data backup service who
Publish At:2016-02-13 10:20 | Read:3252 | Comments:0 | Tags:Infinite Loop Risk Assessment Technology Lab Adobe Creative

“Huge” number of Mac apps vulnerable to hijacking, and a fix is elusive

Camtasia, uTorrent, and a large number of other Mac apps are susceptible to man-in-the-middle attacks that install malicious code, thanks to a vulnerability in Sparkle, the third-party software framework the apps use to receive updates.The vulnerability is the result of apps that use a vulnerable version of Sparkle along with an unencrypted HTTP channel to r
Publish At:2016-02-09 15:55 | Read:2918 | Comments:0 | Tags:Infinite Loop Risk Assessment Technology Lab apps exploits M

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud