A high-severity vulnerability has been discovered in 4G-based wireless 4GEE Mini modem sold by mobile operator EE. The vulnerability can be exploited by a low privileged user account to escalate privileges on any Windows computer that had once connected to the EE Mini modem via USB. This, in turn, would allow an attacker to gain…

Malware campaign misusing stolen valid digital certificates from Taiwanese tech-companies to sign their malware and making them look like legitimate applications. Digital certificates issued by a trusted certificate authority are used to cryptographically sign computer applications and software and are trusted by your computer for execution of those programs without any warning messages. The Stuxnet…

Mobile security researchers have discovered unprotected Firebase databases of thousands of iOS and Android mobile applications exposed over 100 million data records. Google's Firebase service does not secure user data by default, requiring developers to explicitly implement user authentication on all database rows and tables to protect their databases from unauthorized access. Researchers scanned over…

Marcus Hutchins, the British malware analyst who helped stop global Wannacry menace, is now facing four new charges related to malware he allegedly created and promoted it online to steal financial information. The 24-year-old, known as MalwareTech, was arrested by the FBI last year as he was headed home to England from the DefCon conference…

ALTEr attack exploits the fact that LTE user data is encrypted in counter mode (AES-CTR) but not integrity protected, which allows us to modify the message payload. The current 5G specification does not require this security feature as mandatory, but leaves it as an optional configuration parameter. The attack is dangerous, but it is difficult…

A new research paper details 10 new cyber attacks against the 4G LTE wireless data communications technology for mobile devices and data terminals. The attacks exploit design weaknesses in three key protocol procedures of the network known as attach, detach, and paging. The vulnerabilities are most worrying that once again raise concerns about the security…

Hotspot Shield is a VPN service available for free on Google Play Store and Apple Mac App Store with an estimated 500 million users around the world. The service promises to hide users' IP addresses and their identities and protect them from tracking by transferring their internet and browsing traffic through its encrypted channel. An…