Application Bugs Allowed to Open and Start Cars Hyundai, Genesis and Others

Experts from Yuga Labs discovered vulnerabilities in mobile applications for Hyundai and Genesis vehicles. In addition, the SiriusXM smart car platform, used in cars from other manufacturers (Acura, BMW, Honda, Infiniti, Jaguar, Land Rover, Lexus, Nissan, Subaru and Toyota), allowed to remotely unlock the car, start the engine and perform other actions. Let me remind… Continue reading Application Bugs Allowed to Open and Start Cars Hyundai, Genesis and Others

PCspoF Attack Could Disable Orion Spacecraft

A team of researchers from the University of Michigan, the University of Pennsylvania, and NASA have detailed a TTEthernet (Time-Triggered Ethernet) PCspoF attack that could disable the Orion spacecraft. Experts say vulnerabilities in this network technology, which is widely used in the space and aviation industries, could have catastrophic consequences for critical systems, including the… Continue reading PCspoF Attack Could Disable Orion Spacecraft

New PowerShell Backdoor Masquerades as a Windows Update

Cybersecurity experts from SafeBreach have found a new, previously undocumented and “undetectable” PowerShell backdoor, which hackers actively use and has been used to attack at least 69 targets. Let me remind you that we also wrote that Germans Interested in the Situation in Ukraine Are Attacked by the PowerShell RAT Malware. The backdoor spreads through… Continue reading New PowerShell Backdoor Masquerades as a Windows Update

Hundreds of Microsoft SQL Servers Infected with Maggie Backdoor

Security researchers have discovered a new malware that targets Microsoft SQL servers. The backdoor is dubbed Maggie, has already infected hundreds of machines around the world. The greatest distribution of malware is observed in South Korea, India, Vietnam, China, Russia, Thailand, Germany and the USA. Let me remind you that we also wrote that Fargo… Continue reading Hundreds of Microsoft SQL Servers Infected with Maggie Backdoor

Researcher Hacks Starlink Terminal With $25 Homemade Board

Lennert Wouters, a researcher at the Catholic University of Leuven, who previously discovered a bug that allowed to hijack Tesla in a couple of minutes, said that he hacked the Starlink terminal using a $25 mod chip. At the Black Hat 2022 conference, Wouters announced that he intends to make this tool available for copying.… Continue reading Researcher Hacks Starlink Terminal With $25 Homemade Board

Chinese Hackers Injected a Backdoor into the MiMi Messenger

SEKOIA and Trend Micro specialists published reports on the activity of the Chinese hack group APT27 (aka Emissary Panda, Iron Tiger, and LuckyMouse) and said that hackers introduced a backdoor into the MiMi messenger. The attackers have created a cross-platform malicious version of the Chinese messenger MiMi (秘密, “secret” in Chinese), and use it to… Continue reading Chinese Hackers Injected a Backdoor into the MiMi Messenger

ParseThru Vulnerability Threatens Go-Based Applications

Researchers have discovered a vulnerability called ParseThru — the bug affects Go-based products and can be abused to gain unauthorized access to cloud applications. Experts from the Israeli company Oxeye, which specializes in the security of cloud applications, noticed the problem. ParseThru is related to how URL parsing is implemented in some Go applications. The… Continue reading ParseThru Vulnerability Threatens Go-Based Applications

A Bug in the System Allows Adding a new NFC Key for a Tesla Car

Austrian researcher Martin Herfurt has demonstrated a new way to steal a Tesla – for this attacker can abuse the function of adding a new NFC key, doing it unnoticed by the car owner, in just 130 seconds. We love Tesla security news and have already covered that Information Security Specialist Showed How to Steal… Continue reading A Bug in the System Allows Adding a new NFC Key for a Tesla Car

Chinese Hacker Group Revealed after a Decade of Undetected Espionage

The New Chinese Spying Threat Actor Identified SentinelLabs, an American cybersecurity company, has reported about a Chinese hacking group Aoqin Dragon, which has managed to conduct successful spying activities against companies in Australia and South Asia for about ten years without being tracked. Different cybersecurity companies partially encountered the group’s actions in the past, but… Continue reading Chinese Hacker Group Revealed after a Decade of Undetected Espionage

Microsoft Experts Found Vulnerabilities in Pre-Installed Android Applications

Microsoft experts have found four serious vulnerabilities in pre-installed Android applications, namely in the framework used by Android applications of several major international mobile service providers. Vulnerabilities were discovered in the platform of mce Systems, an Israeli company that provides software for mobile operators. Let me remind you that we also wrote that About 8%… Continue reading Microsoft Experts Found Vulnerabilities in Pre-Installed Android Applications