-
Richard Mu wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 5 months ago
It was recently discovered that new Android Trojan variants, dubbed as “Naver Defender,” were being distributed as a fake anti-virus application. Uncovered by security researchers at Cisco Talos, the malware […]
-
Richard Mu commented on the post, Week 11 Update, on the site 6 years, 5 months ago
Intel announced that they are no longer going to be patching older CPUs in regards to the Spectre vulnerability.
It was previously announced that Intel “would patch Bloomfield (45nm, Core i7), Clarksfield (45nm mobile Core i7), Jasper Forest (45nm Xeon), Penryn (45nm mobile Core 2 Duo), Yorkfield (45nm Core 2 Quad), and Wolfdale (45nm desktop…
-
Richard Mu wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 6 months ago
Developers of Drupal recently patched two critical vulnerabilities this week in its content management system platform. The first critical vulnerability is a comment reply form bug in Drupal version 8 that granted […]
-
Richard Mu wrote a new post on the site MIS 5212-Advanced Penetration Testing 6 years, 7 months ago
The Sacramento Bee, a newspaper that is published in Sacramento, was recently hit with ransomware in two of its databases that were on a third-party server. It was first discovered by an employee followed by a […]
-
Hi Richard,
The one good thing that the company did, I feel, was to immediately inform the users about the leak. However, I am not quite sure how protected the 3rd party databases were. I feel organizations should have their in-house database for most of the critical transactions and customer information, rather than outsourcing it to a 3rd party server for cost saving purposes. This is primarily the reason the above incident has happened.
-
-
Richard Mu commented on the post, Here’s the NSA employee who kept top secret documents at home, on the site 6 years, 9 months ago
It is definitely an interesting read. I wonder what was the motivation of the NSA employee to take the classified documents.
-
Richard Mu commented on the post, The Challenges Autonomous Cars Pose to Future of Cybersecurity, on the site 6 years, 9 months ago
It is a very concerning topic with the rise and growth of autonomous vehicles. If a vehicle was ever to be compromised by an attacker, there could be massive damage done to multiple people, organizations, and the surrounding environment. I’m really curious on how much of the security side is being considered as the technology grows.
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 9 months ago
It was recently discovered that a popular Captcha WordPress plugin that was sold to an undisclosed buyer has been modified and had a backdoor installed. The backdoor allows the plugin author to remotely gain […]
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 9 months ago
In a database recently leaked online, it has been discovered that the popular keyboard app, Ai.type, has been collecting a large amount of sensitive details on users. The information that has been collected was […]
-
Part of the problem is that app developers know that very few users understand/read the ToS when they accept “Share my information” on these sorts of apps. I have been trying to educate my friends and family to take a more skeptical view of these kinds of things. That great maxim “If you are not paying for it, you’re not the customer; you’re the product being sold” is a good place to start.
-
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 9 months ago
Google Play Protect, a machine learning and app usage analysis, recently helped researchers at Google identify an Android spyware that was stealing information on users. The targeted devices were […]
-
Richard – That’s really shocking to know. Spyware has become so common and these attacks question our security practices. It’s surprising that Android Spyware could actually do this. I doubt if the spyware can also have access to mobile’s internal data and contact information? If yes, then I believe many users would be subjected to this attack.
-
Richard,
Thank you for the article. My question at this point will be: why do they use these methods only in African countries? The answer to this question is very simple: there are no regulations or laws that protect people in those countries. Which means they can be good targets for so many cyber attackers.
-
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 10 months ago
It was discovered that all OnePlus devices that are running OxygenOS have a backdoor that allows anyone to gain root access. The application left available to be accessed is known as EngineerMode. A diagnostic […]
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 10 months ago
Security researchers have found weakness “in the Institute of Electrical and Electronics Engineers (IEEE) P1735 cryptography standard that can be exploited to unlock, modify or steal encrypted system-on-chip […]
-
Richard,
I think this kind of leak is very normal; the Institute of Electrical and Electronics Engineers (IEEE) has to update the software on the encrypted system-on-chip with a new version that can be stronger. I am not too sure how recent this technology is, but it will be a big issue if it has been in the IT world for a long time. I like your article and I think it shows how much so many organizations don’t keep patching their products to prevent attackers from reaching their goals.
-
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 11 months ago
Don’t use hard-coded keys (DUHK), a new cryptographic vulnerability that allows attackers to recover encryption keys from VPN sessions and web browsers, has been reported from KRACK Wi-Fi attack. The vulnerability […]
-
Richard,
Thanks for sharing your views on this article. Hard coding keys has been a threat for a long time now, not only with respect to VPN, but also with online banking, payment systems, and credit cards. With the new cryptographic vulnerability of the DUHK, it would be interesting to see how much this can be prevented in the shortest time possible. These attacks can be extremely dangerous as you mentioned because they can cause man-in-the-middle attacks to leak the current session state of users who are connected to the VPN network.
-
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 11 months ago
FinSpy, a spyware that was being sold to government agencies, has been found infecting targets using an Adobe Flash zero-day exploit through Microsoft Office documents that was started by BlackOasis. Security […]
-
Richard – Your response raises attention to the most important and widely used enterprise and personal software, i.e. Adobe Flash and Microsoft Office. Both of these are widely used and in fact more than 55% of consumers worldwide use them for their everyday use. Most of this malware is embedded in Office documents, which people do not realize, and they unknowingly open them. They manifest themselves and attach themselves to the computer systems, slowly extracting and learning data communications and critical information. It is time that we have secure systems to protect people from Flash malware.
-
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 11 months ago
Security researcher Will Strafach had found that the Uber app has been selectively allowed to use its screen recording API on Apple Watch in order to improve its performance. The screen recording API that has […]
-
What a scary security flaw – as a mobile user with different apps on the phone, I’m always wary about which one is accessing my personal info when it’s not in use. I’m glad Uber decided to investigate it and fix it before they were compromised. But now it makes one worried about what other apps are doing this.
-
Richard,
I am not really a big fan of the Uber company. I don’t believe that they operate their business ethically, and your post makes me dislike this company even more. However, there are so many companies that track our lives just because we use their apps. It is very scary, as Neil said, to give someone permission, using your own finger, to have access to your life and know exactly your daily activities, which can be very private, especially if you exchange sensitive information with other people using your phone.
This company has a very bad history regarding its operations and I think your post will help to show how much this company doesn’t treat its customers fairly.
Thank you for the article Richard.
-
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 11 months ago
Cyber security researchers at CyberArk created an attack which they call Illusion Attack. In developing their own custom SMB server, they were able to trick Windows Defender into scanning a benign file and […]
-
Richard Mu commented on the post, Discussion Week 4, on the site 6 years, 11 months ago
I believe that it depends on the organization. Whitelisting every website opens a lot of risks to the organization, while blacklisting may affect availability in the C-I-A triad. From a security perspective, it is much safer to blacklist every website and only whitelist specific websites. It still limits availability, however, mitigates potential…
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 6 years, 12 months ago
Similar to the Viacom leak that happened earlier this week, Kromtech Security Center discovered a misconfigured Amazon Web Server (AWS) S3 cloud storage that was left accessible to the public. The AWS contained […]
-
Rich,
A data hack exposing social engineering type information…
It would be a great thing to know if an “Influencer” (Someone who is admired by several people) was going to be somewhere and when. This could lead to a crazy stalker, potential blackmail information, or disastrous terror attacks on high profile people who use the SVR service.
Here is what we should have learned… AWS is easy to use (configure) and cost effective solution, but… the ease of use and number of users makes it a prime target for criminals. The platform’s vulnerabilities are known and searched for by criminals. Many times the data they find is not very valuable, but they may get lucky when a small company stores more valuable data on a server, poorly configured by a friend, relative, or inexperienced IT person.
-
Richard,
Thank you for such an article. This type of information leakage is worse than losing some other sensitive information such as full names and addresses. I am saying this because the attackers who were able to get this important information, which includes logs of all these vehicles’ stops, would be able to know the daily activities and stops of more than 540,000 people who use this service. This is very dangerous since they would be able to determine where these people go physically every day. I feel these people can be at risk of being attacked physically by thieves.
On the other hand, technically, the locations of these 450,000 vehicles which are registered under these accounts can be defined and stolen easily, with the ability to delete all these logs as well as deactivating the tracking devices.
-
-
Richard Mu wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 7 years ago
CCleaner, a popular maintenance and file clean-up software, was found to have been compromised with a backdoor application. Piriform, the developers of CCleaner, announced on September 18 that CCleaner version […]
-
Richard-
Interesting article, and one of concern for me because I used CCleaner in the past. If I read these articles right one of their hosts was compromised… I wonder what sort of vetting process is used to make sure your host is legit, and has good security of their own. Thanks for posting this!
Fraser
-
I just posted the Time article about this before I saw your post. It caught my eye because I also use CCleaner and will be updating it today. I’m curious to know what broke down in their internal controls to allow the modified version to be the one released to the public. They should have had multiple levels of testing and approval prior to release. I wonder if it was modified in the short time between the final go-live approval and release, or if it happened during that testing/approval process and wasn’t caught then.
-
Although this wasn’t necessarily the case, my first instinct looking at this is that it was likely the act of an insider, or was done with the assistance of an insider. This is a great example of why detailed logs and documentation are so important. It will likely be a lengthy and meticulous process, but a detailed investigation of the logs may be the only way to determine how this happened and who is responsible for it.
-
Definitely a really interesting and clear example of a supply chain attack. Like Matt said, if it wasn’t an insider, there is a serious compromise in Avast’s SDLC. It’s good only one version was affected, so downgrading or upgrading will fix the issue, but with 2.27 million version downloads since August, this malware is still very widespread.
It is pretty impressive.
-
Richard,
I did read an article that is related to your post and talks about CCleaner. According to that article, CCleaner comes in two different versions, a version you have to purchase and a free one. After this security problem, the company was able to develop an update exclusively for the pay version. This is a big problem for the people who use the free version, who don’t know that their data is at risk. I am just wondering why there is no update for the free version.
Anyway, thanks for posting this article that covers a different area of this software (CCleaner) security issue.
-
Great Post! Very Interesting.
This is absolutely incredible. I wonder how many users have already used the fake antivirus application and how many systems have already been attacked with this. North Korea’s involvement is even more shocking considering that it is already cornered by most countries for its economic decisions.