Cyber security news August 2019

This posting is here to collect cyber security news in August 2019.

I post links to security vulnerability news to comments of this article.

If you are interested in cyber security trends, read my Cyber security trends 2019 posting.

You are also free to post related links.

 

273 Comments

  1. Tomi Engdahl says:

    Eco-activists planning to shut down Heathrow Airport with drone flights
    https://www.eturbonews.com/263892/eco-activists-planning-to-shut-down-heathrow-airport-with-drone-flights/

    British eco-‘drone activists’ are planning to ground all flights at London’s Heathrow Airport next month.

    A drone activist group calling itself Heathrow Pause and described as a splinter of environmental group Extinction Rebellion has warned that on September 13 its members will be flying drones around Heathrow, forcing the grounding of flights as part of a protest at the planned expansion of the airport.

    Reply
  2. Tomi Engdahl says:

    https://techcrunch.com/2019/08/06/warshipping-hackers-ship-exploits-mail-room/amp/

    Reply
  3. Tomi Engdahl says:

    https://gizmodo.com/buttplug-hacker-talks-security-consent-and-why-he-hac-1837252628/amp

    Reply
  4. Tomi Engdahl says:

    Twitter CEO Jack Dorsey’s Twitter account was hacked to send out racist tweets with the n-word and phrases like ‘Hitler is innocent’
    https://www.businessinsider.com/twitter-ceo-jack-dorsey-account-hacked-n-word-hitler-innocent-2019-8

    “The hacked tweets were apparently sent using an SMS messaging service called Cloudhopper. Twitter acquired Cloudhopper in 2010 but the service is no longer available to the public. However, Dorsey apparently used a version of the service earlier this year, though most of his tweets are sent from an iPhone.”

    Reply
  5. Tomi Engdahl says:

    https://www.cisecurity.org/advisory/a-vulnerability-in-google-chrome-could-allow-for-arbitrary-code-execution_2019-086/?_ga=2.17681274.254015540.1567198628-1643685459.1564759901

    Reply
  6. Tomi Engdahl says:

    US official confirms that Trump tweeted out a picture from a classified intelligence briefing
    https://www.businessinsider.com/trump-tweeted-classified-intelligence-briefing-photo-2019-8?IR=T

    A US official told CNBC that a photo of an Iranian launchpad that President Donald Trump tweeted Friday afternoon came from an intelligence briefing Trump received earlier that day.

    Reply
  7. Tomi Engdahl says:

    https://gizmodo.com/jack-dorseys-twitter-account-appears-to-have-been-hacke-1837753063?fbclid=IwAR2-kbzJpiRhXUDBlmVD_MIJpLMrhyVF2rNgN-DrVT6YnRLctOnBvLqsSaA

    Reply
  8. Tomi Engdahl says:

    Secret U.S. Cyber Mission Devastated Iran’s Attack Capabilities, Officials Say
    https://www.forbes.com/sites/zakdoffman/2019/08/29/secret-cyber-mission-devastated-irans-attack-capabilities-us-officials-say/?utm_source=FACEBOOK&utm_medium=social&utm_term=Jennie/#6a656e6e696

    The cyber conflict between Iran and the U.S. is now a constant—it doesn’t diminish simply because the headlines go away. And it’s a constant that alternates between computer networks and the media. Now, unnamed U.S. officials have told the U.S. media that covert attacks on Iranian intelligence systems in June had such a devastating impact, that the country has yet to recover its capabilities.

    Reply
  9. Tomi Engdahl says:

    So, the Trump administration is going ahead, directly contrary to established social media platform policies, and creating fake accounts for surveillance purposes? And that’s legal?

    US says it plans to create fake social media accounts to monitor immigrants
    https://www.foxnews.com/politics/us-government-to-use-fake-social-media-accounts-to-monitor-immigrants-seeking-visas-citizenship

    U.S. Citizenship and Immigration Services (USCIS) officers can now use fake social media accounts to monitor immigrants seeking visas, green cards and citizenship.

    Reply
  10. Tomi Engdahl says:

    Man Used Internet Registry To Track Down And Beat Up Pedophiles And Sex Offenders
    https://trendings.net/man-used-internet-registry-to-track-down-and-beat-up-pedophiles-and-sex-offenders

    Reply
  11. Tomi Engdahl says:

    iPhones have been having ‘monitoring implants’ installed for years, Google researchers warn
    https://www.independent.co.uk/life-style/gadgets-and-tech/news/iphone-apple-google-hack-monitoring-implant-website-a9085031.html

    Just visiting an affected website would be enough to be spied on

    Hackers have been installing “monitoring implants” in people’s phones without their knowledge for years, Google experts have warned.

    Thousands of people could have been hit each week and would not even know they had been hit by the exploit, according to security research Ian Beer, from Google’s Project Zero.

    Reply
  12. Tomi Engdahl says:

    Apple still has work to do on privacy
    https://techcrunch.com/2019/08/31/apple-still-has-work-to-do-on-privacy/?tpcc=ECFB2019&fbclid=IwAR3a4Shwm4-4pRKegN3tLd9__DuabQI–gno5yvw-j5I0IKxuAao5cG9rsU

    There is no doubt that Apple’s self-polished reputation for privacy and security has taken a bit of a battering recently.

    On the security front, Google researchers just disclosed a major flaw in the iPhone, finding a number of malicious websites that could hack into a victim’s device by exploiting a set of previously undisclosed software bugs. When visited, the sites infected iPhones with an implant designed to harvest personal data — such as location, contacts and messages.

    Malicious websites were used to secretly hack into iPhones for years, says Google
    https://techcrunch.com/2019/08/29/google-iphone-secretly-hacked/

    Reply
  13. Tomi Engdahl says:

    Ian Beer / Project Zero:
    An in-depth look at five iOS exploit chains that were used in hacked websites for carrying out watering hole attacks against devices running iOS 10 through 12 — Project Zero’s mission is to make 0-day hard. We often work with other companies to find and report security vulnerabilities …

    A very deep dive into iOS Exploit chains found in the wild
    https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html

    Project Zero’s mission is to make 0-day hard.

    Earlier this year Google’s Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day.

    There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week.

    TAG was able to collect five separate, complete and unique iPhone exploit chains, covering almost every version from iOS 10 through to the latest version of iOS 12. This indicated a group making a sustained effort to hack the users of iPhones in certain communities over a period of at least two years.

    Reply
  14. Tomi Engdahl says:

    iOS update: iPhone owners urged to download new software to fix strange and potentially disastrous problem
    https://www.independent.co.uk/life-style/gadgets-and-tech/news/ios-update-download-12-problems-4-issues-iphone-new-features-a9080546.html?utm_medium=Social&utm_source=Facebook#Echobox=1566917626

    Apple has finally released a new update, numbered 12.4.1, which fixes a major security issue in iPhones.

    Reply
  15. Tomi Engdahl says:

    How To Make $1 Million From Hacking: Meet Six Hacker Millionaires
    http://on.forbes.com/6189EfWsZ

    Reply
  16. Tomi Engdahl says:

    https://map.hashplane.com/

    Reply
  17. Tomi Engdahl says:

    Google to pay security researchers who find Android apps and Chrome extensions misusing user data

    https://techcrunch.com/2019/08/29/google-data-abuse-android-chrome-bug-bounty/

    Reply
  18. Tomi Engdahl says:

    Emmanuel Nwude Carried Out The Biggest Scam In Nigeria
    http://www.ladbible.com/community/interesting-emmanuel-nwude-carried-out-the-biggest-scam-in-nigeria-20180825?c=1535235507222

    Emmanuel Nwude committed the largest fraud in Nigeria after he sold a non-existent airport

    And not for some throwaway amount of money that someone would have chanced being done over. Oh no, this was $242 million (£188m).

    It happened between 1995 and 1998 and the victim was an unsuspecting Brazilian, Nelson Sakaguchi, who was director of a bank.

    Reply
  19. Tomi Engdahl says:

    Hacker Releases First Public Jailbreak for Up-to-Date iPhones in Years
    https://www.vice.com/en_ca/article/qvgp77/hacker-releases-first-public-iphone-jailbreak-in-years

    Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers.

    Reply
  20. Tomi Engdahl says:

    Router Network Isolation Broken By Covert Data Exfiltration
    https://www.bleepingcomputer.com/news/security/router-network-isolation-broken-by-covert-data-exfiltration/

    Reply
  21. Tomi Engdahl says:

    Google wants to reduce lifespan for HTTPS certificates to one year
    A Google proposal would cut lifespan of SSL certificates from 825 days to 397 days.
    https://www.zdnet.com/article/google-wants-to-reduce-lifespan-for-https-certificates-to-one-year/

    https://www.venafi.com/blog/jury-out-whether-reducing-certificate-lifetimes-would-improve-security

    Reply
  22. Tomi Engdahl says:

    A Porn Company Bought, Promptly Incinerated a Website That Doxxed Performers
    https://futurism.com/the-byte/porn-incinerated-website-server-pornwikileaks

    Reply
  23. khawarrasheed1996 says:

    hi i am new here any one help me to know the rules

    Reply

Leave a Reply to Tomi Engdahl Cancel reply

Your email address will not be published. Required fields are marked *

*

*