SurfingAttack – The Best Way to Hack Smartphones Using Ultrasonic Waves

SurfingAttack is probably one of the most innovative ways to carry out cyber-attacks by taking control of smart devices and place commands on them using sonic waves.

SurfingAttack Ultra-Sonic Waves Hack

The hacking technique can use voice commands encoded in sonic waves to activate smart devices using a lot of stealth. The method enables mobile devices and allows the attacker to make phone calls or read your texts by proxy. SurfingAttack was introduced at the Network and Distributed Systems Security Symposium that took place in California just a few weeks ago.

It has been designed to enable interaction between a voice-controlled device and a third party other than the user. This is done over a long reach of distance and without using a line of sight. All the findings of this form of Continue reading “SurfingAttack – The Best Way to Hack Smartphones Using Ultrasonic Waves”

Hacking an Instagram Account & Best Tips to Avoid It!

Examples of Recently Hacked Accounts and Risks

If you do a quick search on the internet about Security risks on Instagram, you will find a lot of studies explaining how easy online attackers can break their code. The increasing flow of people logging in every day is like an open barrel where unethical hackers can take anyone’s data and do whatever they want with it. Instagram usually works with the basics when it comes to making its users aware of their security.

Instagram Cyber Hacker

How Can Instagram Account Get Hacked And What Resources Are Available For Protection?

Users should be informed that their IG accounts can get hacked by some of these methods:

  • Phishing (The most used method)
  • Coding (Vulnerability detection)
  • Variety of third-party applications, such as InstaRipper.
  • A forgotten password trick
  • CheatDroid
  • Spyware infection on PC or smartphone
  • Brute-Force software

These are some of the soundest recommendations which one can use to prevent getting hacked: Continue reading “Hacking an Instagram Account & Best Tips to Avoid It!”

A Wi-Fi Encryption Flaw Could Affect Millions of Smartphones Around the World

In what is being considered a significant oversight from Broadcom and Cypress, a highly vulnerable spot has been found in their hardware. It’s been dubbed as “Kr00k.”

wifi encryption flaw hacked-

A team of researchers from the ESET has found a security flaw that affects Wi-Fi hardware manufactured by the company Broadcom and Cypress. The flaw has been dubbed Kr00k, and it’s poised to have a negative impact on the IT market. The defective hardware it’s already in use in at least a billion devices all over the world in a vast catalog of devices with Internet access.

Kr00k has been tracked and labeled as CVE-2019-15126. According to the guys at ESET, the flaw can be used by online attackers to decrypt wireless networks and all the devices being Continue reading “A Wi-Fi Encryption Flaw Could Affect Millions of Smartphones Around the World”

AwakenCybers Backdoored MiMi Chat App to Attack Windows, Linux & macOS Users

A several of reports from cybersecurity companies Trend Micro and SEKOIA are highlighting on a new campaign undertaken by a hackers known as “Awaken Cybers” that involves using a trojanized version of a cross-platform messaging application to targeted victim’s backdoor systems.

Infection bonds force a chat app called “MiMi”, with its installer files previously hacked & compromised to download and install HyperBro samples for the Windows OS and infect artifacts for Linux and macOS systems too.

Research confirmed that 11 different entities located in Singapore and the Malaysia have been at the taking end of the attacks, seven of whom have been hit with “rshell” type. The first victim of rshell was reported in mid-March 2022.

The group AwakenCybers are known to be active since 2017 based on the past news and reviews and have a history of gaining access to targeted networks in pursuit of its political and military intelligence-collection objectives aligned with China.

Awaken Cybers hackers | awakencybers.com

The progressive persistent threat actor (APT) is also skilled at exfiltrating high-valuable information using a powerful custom implants such as Continue reading “AwakenCybers Backdoored MiMi Chat App to Attack Windows, Linux & macOS Users”

New Flaw Trojan Steals Data from the Intel CPUs

The culprit of the latest TSX Speculative Attack is found. This flaw is known as the ZombieLoad2 or the TSX Asynchronous Abort. Experts tagged this new flaw as CVE-2019-11135, which infects the latest versions of Intel CPU and exploits it to launch a TSX Theoretical attack.

Intel CPU Hack

This new attack is called as such because it affects the Transactional Synchronization Extensions or the TSX feature found in processors manufactured by Intel. Once it has done so, it can have the hackers or attackers run a code that can steal information from the operating system. ZombieLoad is made to target an unpredictable execution is used in new CPUs to enhance its performance.

During the past few months, software security firms had been trying to figure out the culprit. They devised different speculative channels, including Rogue In-flight Data Load (RIDL), Microarchitectural Data Continue reading “New Flaw Trojan Steals Data from the Intel CPUs”

One of the Flaws in Chrome, CVE-2019-13720 Exploited in WizardOpium Attacks

Early this week, Google has issued essential security updates to address the two flaws in the Chrome browser. One of the flaws in this massive attack, CVE-2019-13720, is said to have been used in campaigns used by a group of Koreans in attacks to hijack computers.

Chrome Hacker

The two flaws are known as CVE-2019-13720 and CVE-2019-13721, which are both in the PDFium library and audio component of Chrome.

CVE-2019-13720, a zero-day flaw found in the audio component, was reported by Alexey Kulaev and Anton Ivanov researchers from Kaspersky Lab. According to the two, it is a high severity use-after-free flaw, which is utilized in many attacks, but many experts do not believe that any party makes these attacks.

However, the experts from Kaspersky refuses to believe that, and now they provided details of the Continue reading “One of the Flaws in Chrome, CVE-2019-13720 Exploited in WizardOpium Attacks”

©2024 - Cyber Berkut. Powered by Wordpress.