#DoS cyber-attacks are not just for websites, may also be for aircraft ILS

https://www.theregister.co.uk/2019/05/16/airplane_landing_security/quote:Aircraft instrument landing systems (ILS) are susceptible to radio signal spoofing using off-the-shelf equipment, boffins have found, calling into question the adequacy of aviation cybersecurity. In a research paper titled “Wireless Attacks on Aircraft Instrument Landing Systems,” scheduled to be presented at the 28th #USENIX Security Symposium in August, computer scientists Harshad Sathaye, Domien Schepers, […]

Carriers selling user location data continued long after they pledged to stop

The scandal of #US mobile carriers selling user location data was exposed earlier this year. The data was sold to a wide range of customers, ranging from banks wanting to reduce card fraud to bounty hunters tracking wanted criminals. But the most worrying aspect of all was that carriers and bounty hunters alike were selling […]

#Verizon’s #5G Network Is Now Hitting Gigabit Download Speeds

A month ago, #Verizon’s #5G coverage in #Chicago was exceedingly difficult to find and the speeds were only noticeably faster than #LTE. Now, Chris Welch from The Verge says the company “has ramped things up.” While coverage “remains extremely limited” and “varies widely block by block,” the speed is lightning fast. From the report: I […]

16-30 April 2019 Cyber Attacks Timeline

The second timeline of April is finally here, confirming the sustained level of activity that we have seen in the last months. In this fortnight I have collected 73 events. Undoubtedly, #ransomware, in its new targeted shape, is… Source: 16-30 April 2019 Cyber Attacks Timeline

Banhammer Republic: Trump declares national emergency, starts ball rolling to boot Huawei out of ALL US networks

President Donald J. Trump today declared yet another national emergency in the #US – this one over the threat of unidentified foreign adversaries exploiting vulnerabilities in IT and telecom systems and services. Short on specifics, the freshly signed executive order authorizes the Secretary of Commerce “to prohibit transactions posing an unacceptable risk to the national […]

Microsoft Releases Patches For A Critical “Wormable Flaw” and 78 Other Issues

It’s Patch Tuesday—the day when #Microsoft releases monthly security updates for its software. Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from computer to computer without requiring users’ interaction. Out of 79 vulnerabilities, 18 […]

New secret-spilling flaw affects almost every Intel chip since 2011

Security researchers have found a new class of vulnerabilities in #Intel chips which, if exploited, can be used to steal sensitive information directly from the processor., The bugs are reminiscent of #Meltdown and #Spectre, which exploited a weakness in speculative execution, an important part of how modern processors work. Speculative execution helps processors predict to […]

Flaw Affecting Millions of Cisco Devices Let Attackers Implant Persistent Backdoor

Researchers have discovered a severe vulnerability in #Cisco products that could allow attackers to implant persistent backdoor on wide range devices used in enterprises and government networks, including routers, switches, and firewalls. Dubbed #Thrangrycat or 😾😾😾, the vulnerability, discovered by researchers from the security firm #RedBalloon and identified as CVE-2019-1649, affects Source: Flaw Affecting Millions […]

Boost Mobile Says Hackers Broke into Customer Accounts

#Boost Mobile is informing customers of a data breach nearly 2 months after it happened. “Boost.com experienced unauthorized online account activity in which an unauthorized person accessed your account through your Boost phone number and Boost.com PIN code,” said the notification. “The Boost Mobile fraud team discovered the incident and was able to implement a […]

Update WhatsApp now to avoid spyware installation from a single missed call

A vulnerability discovered in #Facebook’s #WhatsApp messaging app is being exploited to inject commercial #spyware onto #Android and #iOS phones by simply calling the target report The Financial Times. The spyware, developed by Israel’s secretive NSO group, can be installed without a trace and without the target answering the call, according to security researchers and […]