InfoSec News Nuggets 3/13/2024

VR headsets can be hacked with an Inception-style attack In the Christoper Nolan movie Inception, Leonardo DiCaprio’s character uses technology to enter his targets’ dreams to steal information and insert false details into their subconscious.  A new “inception attack” in virtual reality works in a similar way. Researchers at the University of Chicago exploited a security vulnerability in Meta’s Quest VR system that allows hackers to hijack users’ headsets, steal sensitive information, and—with the help of generative…
Read More

InfoSec News Nuggets 03/08/2023

New HiatusRAT Router Malware Covertly Spies On Victims Just nine months after discovering ZuoRAT – a novel malware targeting small office/home office (SOHO) routers – Lumen Black Lotus Labs® identified another, never-before-seen campaign involving compromised routers. This is a complex campaign we are calling “Hiatus”. It infects business-grade routers and deploys two malicious binaries, including a Remote Access Trojan (RAT) we’re calling HiatusRAT, and a variant of tcpdump that enables packet capture on the target device.…
Read More

InfoSec News Nuggets 10/15/2021

Microsoft to pull LinkedIn from Chinese market American technology giant Microsoft announced today that it will pull its professional social network LinkedIn from the Chinese market later this year. Microsoft purchased LinkedIn for more than $26 billion back in 2016. The news comes amidst a flurry of regulatory changes in the Asian nation, as well as rising tensions between the company and the country. Two weeks past, Microsoft came under heavy scrutiny for its decision to block the profiles…
Read More

InfoSec News Nuggets 03/22/2021

~4,300 publicly reachable servers are posing a new DDoS hazard to the Internet Criminals are upping the potency of distributed denial-of-service attacks with a technique that abuses a widely used Internet protocol that drastically increases the amount of junk traffic directed at targeted servers. DDoSes are attacks that flood a website or server with more data than it can handle. The result is a denial of service to people trying to connect to the service.…
Read More