Channel address:
Categories:
Cryptocurrencies
Language: English
Subscribers:
3.56K
Description from channel
Latest news of INFOSEC (EN)
1. Latest Vulnerability.
2. Latest Patch.
3. Privacy Breach.
4. Security Breach.
5. InfoSec News.
German Version 🇩🇪
@cRyPtHoN_INFOSEC_DE
France Version 🇫🇷
@cRyPtHoN_INFOSEC_FR
Italian Version 🇮🇹
@cRyPtHoN_INFOSEC_IT
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
1
4 stars
0
3 stars
1
2 stars
0
1 stars
0
The latest Messages 238
2021-05-11 03:45:21
Apple Execs Chose to Keep a Hack of 128 Million iPhones Quiet.
Emails from the Epic Games lawsuit show Apple brass discussing how to handle a 2015 iOS hack. The company never directly notified affected users.
In September 2015, Apple managers had a dilemma on their hands: Should or should they not notify 128 million iPhone users of what remains the worst mass iOS compromise on record? Ultimately, all evidence shows, they chose to keep quiet.
The mass hack first came to light when researchers uncovered 40 malicious App Store apps, a number that mushroomed to 4,000 as more researchers poked around. The apps contained code that made iPhones and iPads part of a botnet that stole potentially sensitive user information.
https://www.wired.com/story/apple-execs-chose-to-keep-hack-of-128-million-iphones-quiet/
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
@NoGoolag
181 views00:45
2021-05-11 03:41:03
Ransomware attack on healthcare admin company CaptureRx exposes multiple providers across United States.
Faxton St. Luke’s Healthcare in New York, Randolph, VT-based Gifford Health Care and Thrifty Drug Stores are just a few of the victims.
Multiple healthcare providers across the United States are reporting being impacted by a ransomware attack on CaptureRx, a San Antonio-based company providing drug-related administrative services
At least three healthcare-related institutions -- including UPMC Cole and UPMC Wellsboro in Pennsylvania, Lourdes Hospital and Faxton St. Luke's Healthcare in New York, Gifford Health Care in Randolph, Vermont and a number of Thrifty Drug Stores -- have reportedly had the health information of customers or patients exposed and stolen in the breach.
https://www.zdnet.com/article/ransomware-attack-on-healthcare-admin-company-capturerx-exposes-multiple-providers-across-united-states/
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
@NoGoolag
152 views00:41
2021-05-11 03:32:57
As another vendor promises 3 years of Android updates, we ask: How long should mobile devices receive support?
Really, three years should be the bare minimum at this point
Analysis Almost seven months after the brand splashed down in the UK market, mobile maker Vivo is making some bold promises about the longevity of its upcoming phones.
The Chinese company is promising at least three years of software and security updates for selected premium devices introduced after July.
And? It's underwhelming. When it comes to software updates, most smartphone vendors fare dismally. Three years is a decent figure, on par with the Android One programme, although slightly below what Samsung has provided newer Galaxy devices.
https://www.theregister.com/2021/05/10/vivo_android_support/
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
@NoGoolag
923 views00:32
2021-05-11 03:30:09
Security researcher successfully jailbreaks an Apple AirTag.
Successful jailbreak increases existing AirTag security and privacy concerns.
This weekend, German security researcher stacksmashing declared success at breaking into, dumping, and reflashing the microcontroller of Apple's new AirTag object-location product.
Breaking into the microcontroller essentially meant being able both to research how the devices function (by analyzing the dumped firmware) and to reprogram them to do unexpected things. Stacksmashing demonstrated this by reprogramming an AirTag to pass a non-Apple URL while in Lost Mode.
https://arstechnica.com/information-technology/2021/05/security-researcher-successfully-jailbreaks-an-apple-airtag/
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
@NoGoolag
145 views00:30
2021-05-11 03:23:12
The old Google Pay is dead — long live the new Google Pay.
You'll need to install the new app to send and receive money
Google Pay was refreshed late last year with an all-new interface and a reworked direction. In addition to mobile payments, the app has expanded to support food orders, online shopping with exclusive discounts, and budget tracking. It's a big switch for users, and while many have likely adjusted to the new experience by now, others have stayed on the older, simplified UI. Unfortunately, time has run out for anyone procrastinating on downloading the new app, as Google has put one final nail in the coffin of the legacy version of Pay.
https://www.androidpolice.com/2021/05/10/the-old-google-pay-is-dead-long-live-the-new-google-pay/
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
@NoGoolag
144 views00:23
2021-05-11 03:15:18
Pipeline Hackers Say They’re ‘Apolitical,’ Will Choose Targets More Carefully Next Time.
“Our goal is to make money, and not creating problems for society,” the statement continues.
The criminal hacking group suspected of being behind the ransomware attack on the Colonial Pipeline, which was shut down as a precaution in response, has published a new statement on its dark web site saying it is "apolitical."
"We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives," the statement from the DarkSide ransomware group reads.
https://www.vice.com/en/article/bvzzez/colonial-pipeline-hackers-statement-darkside
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
@NoGoolag
148 views00:15
2021-05-11 03:09:12
DDoS attacks in Q1 2021.
Q1 2021 saw the appearance of two new botnets. News broke in January of the FreakOut malware, which attacks Linux devices. Cybercriminals exploited several critical vulnerabilities in programs installed on victim devices, including the newly discovered CVE-2021-3007. Botnet operators use infected devices to carry out DDoS attacks or mine cryptocurrency.
Another active bot focused on Android devices with the ADB (Android Debug Bridge) debug interface. The botnet was dubbed Matryosh (from the Russian word matryoshka — nesting doll) due to the multi-step process for obtaining the C&C address. It is not the first bot to attack mobile devices through a debug interface. This loophole was previously exploited by ADB.Miner, Ares, IPStorm, Fbot, Trinity, and other malware.
https://securelist.com/ddos-attacks-in-q1-2021/102166/
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
@NoGoolag
161 views00:09
2021-05-11 02:42:42
Kubecon 2021: A largely dry and corporate affair where the best bits involved a spot of Kubernetes-hacking roleplay.
But we heard the message loud and clear – it's pretty much the standard runtime platform now
Kubecon A session on how to hack into a Kubernetes cluster was among the highlights of a Kubecon where the main events were generally bland and corporate affairs, perhaps indicative of the technology now being a de facto infrastructure standard among enterprises.
Kubecon Europe took place online last week with more than 27,000 attendees, according to Chris Aniszczyk, CTO of the Cloud Native Computing Foundation (CNCF), which hosts the Kubernetes project among many others.
https://www.theregister.com/2021/05/10/kubecon_2021_highlights/
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
@NoGoolag
155 views23:42
C
