A new vector of attack has the security field on edge, as a researcher showed in a proof of concept, its possible to solder a small 5mm by 5mm ATtiny85 chip off of an Arduino board, and utilize it to manipulate the firewall, allowing the attacker to gain entry.

      This is all quite disturbing, even if something was in place to detect this threat, it would almost be impossible to remove, short of disabling the serial port or removing the chip itself. 


      This is entirely newly proven vector of attack, one that is very hard to detect by yet-to-be-invented hardware detection authentication at the firmware level. 

      Original article can be found here.


              That was the news folks, have a good day, and stay safe out there.

       ---Mad-Architect 

                      Twitter is in a little bit of hot water when it was discovered that personal contact details of users were being used for advertising purposes. 

          Twitter had this to say: 

          "We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system. 
Tailored Audiences is a version of an industry-standard product that allows advertisers to target ads to customers based on the advertiser's own marketing lists (e.g., email addresses or phone numbers they have compiled). Partner Audiences allows advertisers to use the same Tailored Audiences features to target ads to audiences provided by third-party partners. When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes. This was an error and we apologize.

We cannot say with certainty how many people were impacted by this, but in an effort to be transparent, we wanted to make everyone aware. No personal data was ever shared externally with our partners or any other third parties. As of September 17, we have addressed the issue that allowed this to occur and are no longer using phone numbers or email addresses collected for safety or security purposes for advertising. 
We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again. If you have any questions, you may contact Twitter's Office of Data Protection through this form."


           Twitter has assured all of its users that they have disabled this element, and user contact details are no longer involved with advertisers.


           Original article can be found here.


           That was the news folks, have a good day, and stay safe out there.

          ---Mad-Architect 

          

                               A sextortion campaign has been discovered to be spreading via phishing emails. These types of campaigns typically target women, by collecting sensitive photos or other bits of risky material and seek to use them against the person. 

              The campaign is being spread via a mass phishing campaign. It comes in the form of a email stating that the person's computer has been compromised, and may include photos or videos of the person's traffic going through adult websites, or video captures of them in a compromising situation. 

               All users are once again encouraged to ensure they are protected via a VPN or even a VM [virtual machine] to try and throw any trackers or attackers for a spin. 


             There are many ways. 


             Original article can be found here. 


             That was the news folks, have a good day, and stay safe out there. 


             ---Mad-Architect  


              

                                    A man by the name of Tobias Fromel, a German software developer, got his revenge on the gang that released the Muhstik ransomware, after he had his files encrypted by the malware, he had to pay the ransomware to regain access to his files. After he had done so, he went back through and examined the malware, from there he was able to understand how it worked, this eventually lead him to breach the gang's main server and retrieve the information necessary to provide decryption keys as well as a free decryptor. 


                 While what Tobias has done is illegal, it is expected that he won't be prosecuted given his actions and motive for doing so. But with that said, all entities are encouraged to work with authorities in order to resolve a situation. 


                  Original article can be found here.


                                        That was the news folks, have a good day, and stay safe out there.


                    ----Mad-Architect 

                 

  
                       Microsoft has issued a warning about a Iranian state sponsored hacking group called Phosphorous, that has employing mass targeting of high profile email accounts. It reported by Microsoft that their purpose is very well to gain access to sensitive information held by big businesses and/or government agencies. 

          It is also reported that this same group has been operating as far back as 2013, but their motive since than hasn't changed. 


           Microsoft has encouraged all users to enable two factor authentication in their emails, as well as other accounts elsewhere. 


           Original article can be found here.

             That was the news folks, have a good day, and stay safe out there.


             ---Mad-Architect 
                                                  

                     A former Yahoo employee by the name of Reyese Daniel Ruiz has pleaded guilty to breaching the accounts of 6000 users, this included their emails, and connected social media accounts as some are suspecting. The purpose of the breaching of these accounts was to search for and garner photos of young women, which he stored on hard drives at his personal home. 

          Ruiz was finally sought out by his superiors then the authorities after other Yahoo staff noticed suspicious activity on certain accounts. Ruiz has been guilty of computer intrusion as well as interception of a wireless communication, but because of the plea deal, he has only pleaded guilty of the former charge. He is still waiting sentencing, which will take place in early February 2020, but he could face up to a 250,000 fine, as well as up to five years in prison. 


          Original article can be found here.



            That was the news folks, have a good day, and stay safe out there.


            ---Mad-Architect 

          








                                   

                  A new group possibly based in China, as part of the Chinese cyber army, has been discovered by Palo Alto's Unit 42. Named PKPLUG, for seemingly utilizing PlugX malware hidden inside archive ZIP files, with the file format containing PK in its header. 

        There were also custom malware found to be utilized, HenBox, an Android app, and a Window's backdoor called Farseer. There have been  instances of these types of malware going back six years, which could mean they've been operating for a while, or have been using malware and tactics used by other groups. 


       The group appears to be targeting countries in Southeast Asia, mostly Myanmmar, Vietnam, Taiwan, and Indonesia. There is little go on beyond the trojan that has ended up singling them out; a particular trojan that is apparently being utilized to track individuals and garner information. 


       Despite the gaps in information on them, Unit 42 is confident that the group is acting along with the CCP's [Chinese Communist Part] Cyber Army. 

       Original article can be found here.


                That was the news folks, have a good day, and stay safe out there.


        ---Mad-Architect 

                       
                         Two forums belonging to Gizmodo, ITerian Forum and Comodo Forums, were breached by hackers when a recently disclosed  VBulletin vulnerability. Gizmodo has not made public which of the two forums actually breached, but what they have disclosed what data exposed: login usernames, name, email addresses, hashed passwords, last IP address, and some details related to user's social media accounts, but that only affected a limited number of users. 

                      
                                                      It is also apparent that Gizmodo failed to apply the patch that developers from vBulletin released, which in turn allowed hackers an easier breach. 





                          That was the news folks, have a good day, and stay safe out there.

                          ---Mad-Architect 

                    In a new agreement between social media platforms , Facebook and WhatsApp, and the British police, they will now be forced to hand over encrypted messages of anyone who may be suspected of a serious crime. A crime could included but may not be limited to, suspected terrorism, sexual exploitation of minors, extortion, etc. 

         This is apart of a new accord between the US and UK, according to multiple outlets. The accord is expected to be signed next month. A major problem with the nature of this agreement, besides the obvious, is that some industry leaders, like Mark Zuckerberg, are opposing this new agreement, stating that there regardless of the nature of one's business on the web, we all have and deserve the right to our privacy. 

         Onto the obvious problem at hand, is that the platforms will be forced to hand over "encrypted messages"; unless the federal agents can be placed directly into a chat where a person of interest is talking, being able to actually read the encrypted messages would be impossible. So, hence, a very similar idea was presented. 

         The article reads as thus: 

         "Last November, UK intelligence agency GCHQ suggested an approach in which service providers would “silently add a law enforcement participant to a group chat or call,” without notifying the other participants. “You end up with everything still being end-to-end encrypted, but there’s an extra ‘end’ on this particular communication,” the scheme outlined.
But in May, Apple, Google, Microsoft, and WhatsApp pushed back against the proposal to add a “ghost” user, claiming “it would introduce potential unintentional vulnerabilities, and increase risks that communications systems could be abused or misused.”
Facebook, for its part, has been repeatedly railing against the idea of building backdoors, stating it would fundamentally undermine the privacy of its users.
Although technology companies should rightfully assist intelligence agencies with specific investigations, compelling them to install backdoors to allow access to encrypted communications — as a solution to what’s widely known as the Going Dark problem — is akin to locking your doors and leaving the keys under the doormat.
It not only weakens the existing security infrastructure, but also puts the privacy and safety of millions of law-abiding citizens at risk."


                            

          It is unknown as how the public will view this new accord once it is signed, or if authorities will be responsible in how they operate once these new rules are put in place. Or, even if the companies will actually listen.

           Original article can be found here.

           That was the news folks, have a good week, and stay safe out there.


           ---Mad-Architect  


                                           

              German authorities on Friday, raided an old German military bunker, that was discovered to be housing an illegal server house which was being utilized to facilitate drug markets, arms deals, and even sexually explicit material on the darkweb. So far, seven people have been arrested with the addition of six more currently under investigation. On top of this, over 41 million in funds that had been garnered in this operation was also seized, along with over 200 servers. 

      The bunker was located in Traben-Trarbarch, along the Mosel river in Western Germany. Little information has been detailed about the bunker, only that it had been built in 1997. It had been abandoned and later bought by the individuals who would later set up the server house. 

      Not many names have been released in regards to those who were arrested, but two names, that have been corroborated by trusted sources: Herman Johan Xent, and Sven Kemphuis, two individuals who were suspected to be involved in the set up and ownership of illegal server houses in the past. 

      Original article can be found here.


             That was the news folks, have a good rest of the weekend, and stay safe out there.


      ---Mad-Architect