Hacking, Security & Privacy - Page 13

Stay informed with the latest hacking, cybersecurity, and privacy news, including data breaches, leaks, cyber attacks, and tips to stay safe online. - Page 13

Huge security flaw: Keylogger found on HP laptops

Lana Jelic | May 11, 2017 3:23 PM CDT

Swiss cyber-security company Modzero discovered some worrying security flaws in certain HP laptops and made them public.

According to their report, some HP laptops come with an audio driver that includes a feature which would be best described as a keylogger. This feature records all the user's keystrokes and saves the information into a local file, which is accessible to third-party software or malware.

The keylogger feature was discovered in the Conexant HD Audio Driver Package version 1.0.0.46 and earlier. The audio driver in question is preinstalled on the HP laptops.

Bose headphones app sends all your info back to Bose

Anthony Garreffa | Apr 20, 2017 3:27 AM CDT

Bose are one of the biggest high-end audio companies in the world, a brand that has trust associated with it - but, were we foolish to think so? According to a new lawsuit filed by Kyle Zak in Chicago, Bose's current $350 wireless headphones are spying on you.

The headphones in question require an app to "get the most" out of them, but the app monitors everything you listen to - including the names of the podcasts, the music, videos, and more. It then sends all of that information back to Bose, according to Zak's claim and lawsuit. According to Christopher Dore, Zak's lawyer: "People should be uncomfortable with it. People put headphones on their head because they think it's private, but they can be giving out information they don't want to share".

According to Reuters: "Zak is seeking millions of dollars of damages for buyers of headphones and speakers, including QuietComfort 35, QuietControl 30, SoundLink Around-Ear Wireless Headphones II, SoundLink Color II, SoundSport Wireless and SoundSport Pulse Wireless". Not just that, but Zak also "wants a halt to the data collection, which he said violates the federal Wiretap Act and Illinois laws against eavesdropping and consumer fraud", Reuters reports.

NSA spying tools can hack the global financial system

Anthony Garreffa | Apr 15, 2017 6:05 AM CDT

We all know the NSA has the tools to spy on virtually everyone, but now hacking group Shadow Brokers has released a data dump that has allegedly come from the NSA, which details that the US spy agency can hack international banks - and more importantly, the SWIFT network through Windows PCs and servers that are used during global financial transfers.

What is SWIFT? It's used by banks as a security measure for fraud, as it's used to validate one's bank account - and vice versa. There are trillions of dollars per day that get transferred through SWIFT, with over 11,000 banks and securities organizations in over 200 countries using SWIFT. The NSA allegedly claimed in its now hacked and released article that the "box has been implanted and we are collecting", which Wired explains as the "jargon used by the NSA to indicate spyware has been successfully implanted on a computer".

Security researcher Matt Suiche said that the IP addresses that are next to the financial institutions in the documents do not line up with the real IP addresses of the machines at the institutions. The IP addresses that were listed were to machines at EastNets, which is the largest SWIFT branch in the Middle East, which manages all of the payments for financial clients. Suiche explains: "This is the equivalent of hacking all the banks in the region without having to hack them individually".

WikiLeaks: Apple Mac, iPhone firmware hacked by CIA

Anthony Garreffa | Mar 23, 2017 9:48 PM CDT

So, it looks like most of Apple's products are bugged by the CIA - if the latest claims from WikiLeaks are to be believed. The new "Dark Matter" release from "Vault 7" has documentation for "several CIA projects that infect Apple Mac firmware (meaning the infection persists even if the operating system is re-installed) developed by the CIA's Embedded Development Branch (EDB). These documents explain the techniques used by CIA to gain 'persistence' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware".

WikiLeaks has exposed the interestingly named "Sonic Screwdriver" project, something that the CIA calls a "mechanism for executing code on peripheral devices while a Mac laptop or desktop is booting". This hack allows its attacker, in this case the CIA, to deploy its attack software from a USB flash drive - and scarily "even when a firmware password is enabled".

The CIA's "Sonic Screwdriver" infector is reportedly stored on the modified firmware of an Apple Thunderbolt-to-Ethernet adapter, says WikiLeaks.

Yahoo: Over 1 billion accounts have been compromised

Anthony Garreffa | Dec 15, 2016 3:09 AM CST

Yahoo has confirmed that over 1 billion user accounts have been compromised, with the breach dating back to August 2013.

The stolen user data includes names, email addresses, phone numbers, dates of birth, hashed passwords, and even unencrypted security questions. Thankfully, financial information such as bank account and credit card data is held in a different server, with Yahoo saying that server was not affected - hopefully.

The company is now in the process of notifying all affected users, asking them to change their passwords - but as for the unencrypted security questions, Yahoo has invalidated them. It was only back in September that we reported over 500 million Yahoo account details were leaked in a breach in 2014, with forensic experts stating that the two hacks aren't related.

US Navy hacked, 130,000+ sailors' personal data leaked

Anthony Garreffa | Nov 27, 2016 8:12 PM CST

The US Navy has waited until Thanksgiving to announce news that one of their employees had their laptop "compromised", with personal data of 130,000 sailors being stolen, back on October 27.

Chief of Naval Personnel Vice Admiral Robert Burke said in the US Navy's press release: "The Navy takes this incident extremely seriously - this is a matter of trust for our Sailors. We are in the early stages of investigating and are working quickly to identify and take care of those affected by this breach".

The Navy continued in its press release: "For those affected by this incident, the Navy is working to provide further details on what happened, and is reviewing credit monitoring service options for affected Sailors".

Qualcomm announces vulnerability bounty program

Lana Jelic | Nov 17, 2016 6:30 AM CST

Qualcomm announced they are launching a vulnerability rewards program (also known as a bounty) designed to expand their collaboration with invited white hat hackers. The company firmly believes that these types of hackers will help to improve the security of their Snapdragon family and LTE modems by finding the vulnerabilities and then reporting them to Qualcomm to fix.

The program is the first of its kind to be announced by a major silicon vendor. The program will be administered in collaboration with vulnerability coordination platform HackerOne. This also takes Qualcomm another step towards becoming one of the most secure silicon vendors in the industry.

Qualcomm says that they will offer up to $15,000 per vulnerability. By comparison, Google has numerous vulnerability bounties that range from $500 to $20,000. Apple, on the other hand, offers up to $200,000 per vulnerability discovered on its devices.

Huge cyber attack involved 10s of millions IP addresses

Lana Jelic | Oct 23, 2016 10:33 AM CDT

Tens of millions of IP addresses were used to take down popular websites like Twitter, Spotify and Netflix on Friday by so far unknown sources. The DDoS attack on DynDNS started on Friday morning, but the service was restored around 9:30 AM ET. However, around Friday noon, another attack began. Service was restored at approximately 1:00 PM ET the same day, but many users reported they had issues with certain websites.

Dyn reported there was an attempted third attack wave, but they were able to successfully mitigate it without customer impact.

Dyn issued a statement saying they are continuing their investigation.

Facebook named privacy villain of the year

Sean Ridgeley | Oct 7, 2016 4:03 PM CDT

The Belgian Big Brother Awards 2016 yesterday unanimously granted the title of 'ultimate privacy villain of the year' to Facebook, as decided by the public and a professional jury.

"We nominated Facebook for the award because their default settings are noxious for privacy," explained Joe McNamee, Executive Director of European Digital Rights. He later remarked, "Facebook is a multi-billion dollar company that has one commodity - you!"

Digital rights and freedoms association EDRi describes Facebook as having "access to a wide range of personal data, and it tracks your movements across the web, whether you are logged in or not."

Yahoo scanned all of your emails on behalf of the NSA

Anthony Garreffa | Oct 6, 2016 8:18 PM CDT

It shouldn't be surprising - but it really is - that Yahoo secretly built a custom software program to search through all of its users' incoming emails for information - all on behalf of the US intelligence sector. Yeah... Yahoo spied on your emails, before you had even read them, for the NSA, according to sources of Reuters.

Yahoo complied with a classified US government demand, scanning hundreds of millions of Yahoo Mail accounts "at the behest of the National Security Agency or FBI, said three former employees and a fourth person apprised of the events", reports Reuters. The site continues: "Some surveillance experts said this represents the first case to surface of a U.S. Internet company agreeing to an intelligence agency's request by searching all arriving messages, as opposed to examining stored messages or scanning a small number of accounts in real-time".

Yahoo boss Marissa Mayer gave the order, which pissed some senior executives off to the point that in June 2015, Chief Information Security Officer Alex Stamos left the company, joining Facebook. Yahoo said to Reuters: "Yahoo is a law abiding company, and complies with the laws of the United States". Yeah Yahoo, you sure are - a snitching little traitor (my words).

This map shows cyber attacks in real-time

Lana Jelic | Oct 4, 2016 8:45 AM CDT

Tens of thousands of cyber attacks occur every second, but it's hard to imagine and visualize the number of attacks. Norse, a company from California that provides intelligence to many different companies, has created an interactive map where users can watch the cyber attacks in real-time.

The attacks are shown with colored lines that connect the source and the target of the attack. Norse tracks these attacks with the help of more than 8 million sensors located in 47 different countries.

The map looks really impressive, but also worrisome considering how much of our personal information and financial records are stored online.

France's new bank cards feature ever-changing digits

Sean Ridgeley | Oct 3, 2016 1:02 PM CDT

French digital security company Oberthur Technologies has developed a revolutionary new bank card that should make it very difficult for fraudsters to do any damage to your account. Called Motion Code, the technology sees the three-digit PIN on the back of your card change every hour for three years, meaning anyone who steals your card or acquires the digits will have minimal time to spend your money.

Most fraud occurs hours or days after cards are stolen, but no doubt the criminals will catch on and spend the money quicker upon recognizing a Motion Code card.

The downside is added difficulty in using your card remotely: no longer will you be able to memorize the PIN and use it regardless of whether you have your card on you or not. But for most, it's likely well worth it.

Germany to Facebook: Stop collecting WhatsApp user data

Sean Ridgeley | Sep 27, 2016 2:26 PM CDT

Germany's privacy regulatory body has taken issue with Facebook collecting WhatsApp user data, ordering the company to delete the data and cease the practice, calling it "an infringement of national data protection law."

"It has to be [the user's] decision, whether they want to connect their account with Facebook," says Hamburg data protection commissioner Johannes Caspar. "Therefore, Facebook has to ask for their permission in advance. This has not happened."

Germany -- which boasts 35 million WhatsApp users -- isn't the only European country to take issue with Facebook's approach: France and Britain have both done so, with the former stating it would monitor the situation "with great vigilance."

FBI boss says you should put tape over your webcam

Anthony Garreffa | Sep 19, 2016 3:22 AM CDT

Does your PC or laptop have a front-facing webcam? Put tape over it immediately, and treat it like locking your doors or setting up an alarm system, says FBI boss James Comey.

During the Center for Strategic and International Studies conference, Comey said: "There's some sensible things you should be doing and that's one of them. You go into any government office and we all have the little camera things that sit on top of the screen. They all have a little lid that closes down on them. You do that so that people who don't have authority don't look at you. I think that's a good thing".

We shouldn't be surprised by this warning, as Facebook CEO and founder Mark Zuckerberg was pictured with the camera on his laptop taped over. Comey has also admitted that he uses tape on his webcam.

Snowden's new leak has the NSA with a secret UK spy base

Anthony Garreffa | Sep 7, 2016 5:04 AM CDT

Edward Snowden has leaked out some new information about the NSA having a spy base in the UK that has been intercepting satellite and other wireless communications around the world.

The base Snowden has revealed is the Menwith Hill Station (MHS) in North Yorkshire, a 545-acre base that fronts as a Royal Air Force facility that is capable of "rapid radio relay and conduct communications research". The base had seen protestors, journalists and even terrorists interested, and now Snowden's new leak details what is happening at the base.

According to a report by The Intercept, the NSA has been intercepting international communications from the base in two ways. The first is FORNSAT, which uses the huge golf ball-shaped domes with powerful antennae to intercept transmissions between foreign satellites. The second method is called OVERHEAD, which has US government satellites finding and monitoring smartphone calls and Wi-Fi signals on the ground.

WhatsApp to share user data with Facebook

Sean Ridgeley | Aug 25, 2016 1:04 PM CDT

WhatsApp gets cozier with parent company Facebook today as it updates its privacy policy as part of a long-term plan. At some point in the months ahead, the company will begin sharing its user data with the social media giant for monetization and feature purposes. If you'd like to (mostly) opt out, follow these instructions.

Feature-wise, agreeing to the new terms will mean notifications from other services you use, like your bank when a fraudulent transaction comes up, or your airline when a flight is delayed. It also means better friend suggestions and more relevant advertising.

200 million Yahoo accounts hit the digital black market for $1800

Anthony Garreffa | Aug 3, 2016 7:45 PM CDT

A hacker named Peace has their hands on the login credentials of 200 million Yahoo accounts, throwing them onto a dark web marketplace 'The Real Deal' for just three Bitcoins, or around $1800 USD.

Yahoo said in a statement to Motherboard that they "are aware of a claim" that Yahoo login credentials were on The Real Deal, but Yahoo has said that while it's aware of the hack, it hasn't confirmed or denied its legitimacy. Motherboard got its hands on a sampling of the data, which includes usernames, hashed passwords, birth dates and even some backup email addresses.

The data was reportedly stolen in 2012, with the hacker adding they have traded the data privately for a while, but only decided to put it on the market recently. Yahoo hasn't pushed out a mandatory password reset announcement, which is definitely strange.

US government requests for user data from Google reaches a new high

Anthony Garreffa | Jul 20, 2016 4:37 AM CDT

The US government requested a new record of user data from Google in the second half of 2016, with 40,677 requests impacting as many as 81,311 user accounts, reports ZDNet.

From July through to December 2015, the US government made the 40,677 requests, an 18% increase from the first half of the year. Most of the requests are coming from the US, with 12,523 data requests in the three-month period, with requests impacting 27,157 users or accounts.

Google says it has been reporting the number of user data requests in a 6-month period going back to the second half of 2009, while it has been detailing the users and accounts it has impacted in the first half of 2011. Google notes: "Usage of our services have increased every year, and so have the user data request numbers".

Facebook rolls out 'Secret Conversations' feature

Sean Ridgeley | Jul 8, 2016 4:33 PM CDT

Privacy is a perpetual concern with Facebook and Facebook Messenger, but it gets a little less so today as the company rolls out its 'Secret Conversations' feature.

Secret Conversations means you can create a conversation with someone that can only be seen by you and on the device of the person you're talking to, as opposed to Facebook or any potential hackers. As well, you can set your messages to disappear within a set amount of time.

As for downsides, you have to take extra action to start such a conversation, you can't view the conversation on multiple devices like you can currently, and fancy features like GIFs, videos, payments aren't supported.
