Sail Safe Online: #GhostSec Weekly Security Alerts

This week’s US-CERT Cyber Security high vulnerability alerts include Apple TV, CISCO products, Huawei Mobile Broadband, Lenovo SHAREit, Linux Kernel and PHP. For version information and the full list of high, medium and low vulnerability risks, click here.

Krebs on Security — Banks: Credit Card Breach at CiCi’s Pizza

CiCi’s Pizza, an American fast food business based in Coppell, Texas with more than 500 stores in 35 states, appears to be the latest restaurant chain to struggle with a credit card breach. The data available so far suggests that hackers obtained access to card data at affected restaurants by posing as technical support specialists for the company’s point-of-sale provider, and that multiple other retailers have been targeted by this same cybercrime gang…

Security News

How to steal encryption keys from the air through a PC’s noises

A group of Israeli researchers demonstrated how to steal RSA encryption keys through a PC’s noises during cryptographic operations.

If you think that air-gapped networks are totally secure you are wrong, in the past, many research teams have devised methods to steal data from computers disconnected from the Internet.

They demonstrated that it is possible to exfiltrate data through the analysis of sound waves and heat emissions, now a new research shows that it is possible to steal RSA encryption keys through a PC’s noises and an old AM radio from a few metres away…

Irongate — New Stuxnet-like Malware Targets Industrial Control Systems

Security researchers have discovered a sophisticated piece of malware that uses tricks from the Stuxnet sabotage malware and is specifically designed to target industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. Researchers at the security firm FireEye Labs Advanced Reverse Engineering said on Thursday that the malware, dubbed “IRONGATE,” affects…

Has Your TeamViewer Account Been Hacked? Here’s What to Do Immediately

Do you have remote login software TeamViewer installed on your desktop? If Yes, then it could be possible that your system can be accessed by attackers to steal your personal details, including your bank and PayPal accounts, as several reports on Reddit and Twitter suggests. According to recent reports, the popular TeamViewer software that is used to remotely control PCs appears to have been…

GhostShell is back and leaked 36 million records

GhostShell is back and once again to warn us about the poor security posture of many services, this time, he announced to have leaked 36 million accounts/records.

The hacker is inviting experts to pay attention to the MEAN Stack, MEAN is a collection of JavaScript-based technologies (MongoDB, Express.js, AngularJS, and Node.js) used to develop web applications…

Less Than 10% Of IoT Products Secure, Say 47% Surveyed

IOActive poll highlights low consumer confidence in the built-in security of Internet of Things products…

Connected Cars: 6 Tips For Riding Safely With Onboard Devices

Carnegie Mellon researchers note that the cheaper the after market device, the easier it can be hacked…

Hybrid Warfare — The Killing of Mullah Akhtar Mansour

The nature of warfare is constantly evolving. The rise of ISIS with its sophisticated use of technology for propaganda has revolutionized the War on Terror. Today, disinformation and the use of cyber warfare is gaining momentum and showing how wars are likely to be fought in the future. On 21st May 2016, the world witnessed the death of Afghan Taliban leader Mullah Akhtar Mansour in a drone strike by the United States in Pakistan. The strike was the last resort due to Mansour’s refusal to come to the negotiating table in the Afghanistan peace talks. Pakistan, the US’s ally in the War on Terror called the drone strike a violation of its sovereignty and “against international law”; completely bypassing its complicity in sheltering him on Pakistani soil…

NTP Patches Flaws That Enable DDoS

The network time protocol was updated to ntp-4.2.8p8, patching a handful of vulnerabilities that can be leveraged in DDoS attacks…

Researchers Uncover Affiliate Network for Ransomware

Ransomware crime bosses are shopping for affiliates to help them infect victims…

This System can Trace Calls, Texts, Location of Every Single Mobile Phone

Ability’s Unlimited Interception System Can Trace Calls/Texts/Location of Every Single…

Malware Uses Clever Technique to Hide DNS Changes

Several pieces of malware and adware have been observed using a clever technique to hide the changes they make to the DNS settings of infected devices, ESET reported on Thursday…

Cerber Ransomware Morphing Every 15 Seconds

Malware authors are using various techniques to evade detection, and those operating the Cerber ransomware are now employing a server-side “malware factory”, researchers at Invincea reveal…

Latest Article by GhostSec’s @__Sneaker in Security Affairs:

Pro-ISIS Hackers Have Been Flexing Their Muscles — But Is There Any Real Cause For Concern?

Lion Caliphate, of Caliphate Cyber Army (CCA) and United Cyber Caliphate (UCC) notoriety, briefly left Facebook last week but returned with a new name– Lion Back. Site Intel Group, which tracks numerous hacker groups, has released several updates in regard to pro-ISIS hackers…

— — —

DEF CON 24 is August 4–7 at Paris & Bally’s in Las Vegas!

$240 USD for all four days! Cash only at the door, there is no pre-registration.


Click here for more information on DEF CON 24


Black Hat | USA is coming up:

July 30 — August 4, 2016 | Mandalay Bay | Las Vegas, NV

Trainings: July 30 — August 2

Sail Safe!

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.