Hyper-targeted attack against 13 iPhones dropped malicious apps via MDM

Messages like this one would have come up every time hackers pushed a modified app to their victims. But YOLO, apparently. (credit: Cisco Talos)

Cisco’s Talos, used the “BOptions” sideloading technique to modify versions of legitimate applications, including WhatsApp and Telegram. The initiative inserted additional libraries into the application packages, and the modified applications were then deployed to the 13 victim iPhones via the rogue mobile device management systems.

“The malicious code inserted into these apps is capable of collecting and exfiltrating information from the device, such as the phone number, serial number, location, contacts, user’s photos, SMS, and Telegram and WhatsApp chat messages,” wrote Talos researchers Warren Mercer, Paul Rascagneres, and Andrew Williams in a post on the attack. “Such information can be used to manipulate a victim or even use it for blackmail or bribery.”

Tech-support scammers know EVERYTHING about my computer, Dell customer says

(Image credit: David Precious / Flickr)

owners of Windows computers from a variety of sellers for years.

A scam targeting Dell customers, by contrast, uses sensitive details tied to their specific PC purchase, including the PC model, service tag number, and the contact information the customers provided at the time they made the purchase. Armed with those details, the caller has a much better chance of tricking the person into thinking the call is legitimate and, from there, ceding control of the computer or coughing up hundreds of dollars in fraudulent support costs.

Year-old router bug exploited to steal sensitive DOD drone, tank documents

A US Air Force MQ-9 Reaper awaits maintenance December 8, 2016, at Creech Air Force Base, Nevada. Training materials for the Reaper Aircraft Maintenance Unit were stolen by a hacker exploiting a Netgear router. (credit: U.S. Air Force photo by Senior Airman Christian Clausen)

Recorded Future, an information security threat intelligence company, discovered them.

(Image credit: US Air Force/Recorded Future)

DOD seeks classification “Clippy” to help classify data, control access

(Image credit: Sean Gallagher)

former Secretary of State Hillary Clinton’s use of personal emails. Even people with a more clear understanding of sensitive data classification may have difficulty determining when information needs to be marked and restricted in circulation. So the Department of Defense is looking for some help from machine-learning systems.

The DOD has issued a request for information (RFI) from industry in a quest for technology that will prevent the mislabeling and accidental (or deliberate) access and sharing of sensitive documents and data. In an announcement posted in May by the Defense Information Systems Agency (DISA), the Pentagon stated that the DOD CIO’s office—part of the Office of the Secretary of Defense—is “investigating the use of commercial solutions for labeling and controlling access to sensitive information.”

Defense IT officials are seeking software that “must be able to make real-time decisions about the classification level of the information and an individual’s ability to access, change, delete, receive, or forward the information based on the credentials of the sending and/or receiving individual, facility, and system.”
