Researcher Hacks Starlink Terminal With $25 Homemade Board

Lennert Wouters, a researcher at the Catholic University of Leuven, who previously discovered a bug that allowed to hijack Tesla in a couple of minutes, said that he hacked the Starlink terminal using a $25 mod chip. At the Black Hat 2022 conference, Wouters announced that he intends to make this tool available for copying.… Continue reading Researcher Hacks Starlink Terminal With $25 Homemade Board

Chinese Hackers Injected a Backdoor into the MiMi Messenger

SEKOIA and Trend Micro specialists published reports on the activity of the Chinese hack group APT27 (aka Emissary Panda, Iron Tiger and LuckyMouse) and said that hackers introduced a backdoor into the MiMi messenger. The attackers have created a cross-platform malicious version of the Chinese messenger MiMi (秘密, “secret” in Chinese), and use it to… Continue reading Chinese Hackers Injected a Backdoor into the MiMi Messenger

ParseThru Vulnerability Threatens Go-Based Applications

Researchers have discovered a vulnerability called ParseThru — the bug affects Go-based products and can be abused to gain unauthorized access to cloud applications. Experts from the Israeli company Oxeye, which specializes in the security of cloud applications, noticed the problem. ParseThru is related to how URL parsing is implemented in some Go applications. The… Continue reading ParseThru Vulnerability Threatens Go-Based Applications

A Bug in the System Allows Adding a new NFC Key for a Tesla Car

Austrian researcher Martin Herfurt has demonstrated a new way to steal a Tesla – for this attacker can abuse the function of adding a new NFC key, doing it unnoticed by the car owner, in just 130 seconds. We love Tesla security news and have already covered that Information Security Specialist Showed How to Steal… Continue reading A Bug in the System Allows Adding a new NFC Key for a Tesla Car

Chinese Hacker Group Revealed after a Decade of Undetected Espionage

The New Chinese Spying Threat Actor Identified SentinelLabs, an American cybersecurity company, has reported about a Chinese hacking group Aoqin Dragon, which has managed to conduct successful spying activities against companies in Australia and South Asia for about ten years without being tracked. Different cybersecurity companies partially encountered the group’s actions in the past, but… Continue reading Chinese Hacker Group Revealed after a Decade of Undetected Espionage

Microsoft Experts Found Vulnerabilities in Pre-Installed Android Applications

Microsoft experts have found four serious vulnerabilities in pre-installed Android applications, namely in the framework used by Android applications of several major international mobile service providers. Vulnerabilities were discovered in the platform of mce Systems, an Israeli company that provides software for mobile operators. Let me remind you that we also wrote that About 8%… Continue reading Microsoft Experts Found Vulnerabilities in Pre-Installed Android Applications

GitHub removed ProxyLogon exploit and has been criticized

The administration of the GitHub service has removed a real working exploit for the ProxyLogon vulnerabilities in Microsoft Exchange, though information security specialists have sharply criticized GitHub. Yesterday we wrote that an independent information security researcher from Vietnam published on GitHub the first real PoC exploit for a serious set of ProxyLogon vulnerabilities recently discovered… Continue reading GitHub removed ProxyLogon exploit and has been criticized

Raindrop is another malware detected during the SolarWinds hack

Symantec specialists detected Raindrop malware, which was used during the attack on SolarWinds along with other malware. According to the researchers, Raindrop was used by cybercriminals in the last stages of the attack and was deployed only on the networks of a few selected targets (only four malware samples were found). Let me remind you… Continue reading Raindrop is another malware detected during the SolarWinds hack

Five Eyes Alliance, India and Japan Call for Backdoors in Software

Countries participating in the Five Eyes Alliance (which brings together intelligence agencies in Australia, Canada, New Zealand, the United States and the United Kingdom), as well as India and Japan, have once again urged tech companies to leave backdoors in their products so that law enforcement agencies have access to content in a readable and… Continue reading Five Eyes Alliance, India and Japan Call for Backdoors in Software

Octopus Scanner Malware Found On GitHub

GitHub developers have issued a warning about the appearance of the new Octopus Scanner malware, which is distributed ton the site through malicious Java projects. Octopus Scanner was discovered in projects managed with the Apache NetBeans IDE, a tool used to write and compile Java applications. After a tip received in March from information security… Continue reading Octopus Scanner Malware Found On GitHub