UEFI (Unified Extensible Firmware Interface) security has been a hot topic for the past few years, but, due to various limitations, very little UEFI-based malware has been found in the past. After having discovered the first UEFI rootkit in the wild, known as LoJax, ESET specialists set out to build a system that would enable them to explore the vast UEFI landscape in an efficient way while reliably spotting emerging and unknown UEFI threats. Finding malware like LoJax is rare – there are millions of UEFI executables in the wild, and only a tiny portion of them are malicious. We…
ISBuzz Team
Gaming giant EA announced yesterday that all users who enable Login Verification (EA’s internal name for two-factor authentication) for their accounts would get free access to Origin Access for a month. Here are EA’s conditions: Current Origin Access Basic members – if they turn on 2FA, they won’t be charged next month, which is November 2019. Current Origin Access Premier members – same offer, but they’ll get access to a free month of Premier access instead, also in November 2019. Current Origin Access Basic/Premier members – if they have 2FA already enabled, they will get a free month as well.…
Today, Gallagher, one of the world’s largest insurance broking, risk management and consulting services companies, publishes research based on FOI responses received from UK local authorities between August and September of this year, quantifying the scale of cyber threat faced by councils across the UK: Freedom of information (FOI) requests by Gallagher found that 101 UK councils had experienced an attempted cyber-attack on their IT systems since 2017. More than a third (37%) of these local authorities had experienced cyber-attacks in the first half of this year. Responding councils experienced 263 million attacks in the first six months of 2019,…
It has been reported that attackers are exploiting a zero-day vulnerability in Google’s Android mobile operating system that can give them full control of at least 18 different phone models, including four different Pixel models, a member of Google’s Project Zero research group said on Thursday night. There’s evidence the vulnerability is being actively exploited, either by exploit developer NSO Group or one of its customers, Project Zero member Maddie Stone said in a post. Exploits require little or no customisation to fully root vulnerable phones. The vulnerability can be exploited two ways: (1) when a target installs an untrusted app or (2)…
The Malwarebytes research team has linked the Cobalt and Group 4 cybercriminal teams with Magecart. Their findings show that Group 4 is conducting server-side attacks as well as client-side skimming: https://twitter.com/teoseller/status/1181128069223997441
Someone is auctioning on underground forums a database allegedly containing personal information of 92 million Brazilian citizens. They claim that every record is real and unique. The seller also advertises a search service focused on Brazilians, saying that they can dig up details about an individual starting from minimum initial data. https://twitter.com/RadarBreach/status/1177532157608071168
According to reports, the FBI has issued a warning advising organisations on how they should handle ransom demands. The FBI’s Internet Crime Complaint Centre has urged all organisations and individuals that are infected by ransomware not to pay any money to hackers in exchange for a decryption key. Instead, they should report the incident to FBI officials as early as possible.
It has been reported that a new bug has been disclosed; one that allows an attacker to use a malicious GIF image file to open a vulnerability in WhatsApp and potentially access user content. The bug was identified and shared by “technologist and information security enthusiast” Awakened on GitHub, with a detailed explanation of how it works. Essentially, the bug relies on an attacker pushing the malicious GIF file to the victim’s device through any channel. That could be WhatsApp or email or any other messaging platform. With the GIF on the device, when the victim opens the gallery within WhatsApp to send any image—not necessarily…
It has been reported that Electronic Arts have come under fire for accidentally leaking the personal information of thousands of FIFA players, pros and streamers. This comes just a couple of days after the gaming giant announced that all users who enable Login Verification (EA’s internal name for two-factor authentication) for their accounts would get free access to Origin Access for a month. https://twitter.com/Kotaku/status/1179894839305003008
A series of sophisticated cyberattacks targeting Egyptian journalists, academics, lawyers, opposition politicians and human rights activists has been traced to Egyptian government offices, according to new research published today by Check Point Research. The attackers installed malware on the phones of the targeted people, enabling them to read victims’ files and emails, track their locations, identify who they contacted and when, according to Check Point. Two activists who were targeted by the cyberattack were arrested in a roundup of prominent opposition figures last month as part of Egypt’s crackdown on anti-government protests. Researchers found the central server used in the attacks was…
