255
A media report today revealed details of a significant supply chain attack which appears to be one of the largest corporate espionage and hardware hacking programs from a nation-state.

According to a lengthy report published today by Bloomberg, a tiny surveillance chip, not much bigger than a grain of rice, has been found hidden in the servers used by nearly 30 American companies, including


255
Google has added a new security feature to the latest Linux kernels for Android devices to prevent it against code reuse attacks that allow attackers to achieve arbitrary code execution by exploiting control-flow hijacking vulnerabilities.

In code reuse attacks, attackers exploit memory corruption bugs (buffer overflows, type confusion, or integer overflows) to take over code pointers stored


255
Late last month Facebook announced its worst-ever security breach that allowed an unknown group of hackers to steal secret access tokens for millions of accounts by taking advantage of a flaw in the 'View As' feature.

At the time of the initial disclosure, Facebook estimated that the number of users affected by the breach could have been around 50 million, though a new update published today by


255
Yes, it is official. The massively popular battle royale video game from Epic Games, Fortnite: Battle Royale is finally available for Android devices.

Epic announced Thursday that the Android version of Fortnite is now available for everyone to download for free, so you no longer require an invite to play the most popular battle royale game on your phone.

Epic Games have provided a list of


255

[Dave Richards and Ron Miscavige, after the Eagles Super Bowl win in February]

We were saddened to learn from Ron Miscavige and Becky Bigelow last night that Dave Richards died unexpectedly yesterday at his home in Phoenix. He was 69.

Dave Richards was one of the most congenial of the longtime former Scientology executives to [...]

255
When Facebook last weekend disclosed a massive data breach—that compromised access tokens for more than 50 million accounts—many feared that the stolen tokens could have been used to access other third-party services, including Instagram and Tinder, through Facebook login.

Good news is that Facebook found no evidence "so far" that proves such claims.

In a blog post published Tuesday,


254
Google has made several new announcements for its Chrome Web Store that aims at making Chrome extensions more secure and transparent to its users.

Over a couple of years, we have seen a significant rise in malicious extensions that appear to offer useful functionalities, while running hidden malicious scripts in the background without the user's knowledge.

However, the best part is that


254

  Jeffrey Augustine continues his look into the history of Scientology’s private cruise ship, the Freewinds…

As covered in our previous article, the Church of Scientology proclaimed the imminent release of the highest auditing level on the Bridge, OT 8, in 1971. “Imminent,” however, turned out to be another 14 years of waiting before [...]

254

[The fabulous Kate Bornstein]

  One of our favorite stories at the Village Voice was the chance we got to write about Kate Bornstein’s unique journey in Scientology and later as a well-known New York transgender performance artist, captured in the 2012 memoir, A Queer and Pleasant Danger. Kate has had an amazing year with [...]

254
In an effort to secure users' data while maintaining privacy, Google has announced a new security measure for Android Backup Service that now encrypts all your backup data stored on its cloud servers in a way that even the company can't read it.

Google allows Android users to automatically backup their essential app data and settings to their Google account, allowing them to simply restore it


254
When you search for free movie download or watch free movies online, search engines serve you a long list of best free movie websites.

But you need to beware, as most free movies files and free movie site could end you up into downloading links to nasty computer viruses. They could infect or, at worst case, take control over your computer.

One more thing I have learned in these years is that


253

[Jesse Prince at the 2015 Toronto conference]

You’ve seen the excerpt and read our review of Jesse Prince’s book, The Expert Witness. Now it’s Jeffrey Augustine’s turn to get in on the fun, with his podcast interview with Jesse.

Says Jeffrey: “Jesse Prince describes the events in RTC surrounding the death of L. Ron [...]

253

[The Birmingham Ideal Org]

We were super fortunate to have reports come in this weekend from two of our great correspondents. In England, Graham updated us on the Birmingham org, and in California, Erin Hodges Plumb had another of her upstart adventures. We hope you enjoy them both…

It was nearly a year ago, on [...]

253

[David Miscavige in Stuttgart last month]

Scientology never gives up. We have pointed this out to you countless times, and now more than ever we can demonstrate how true it is.

Sure, the press for Scientology is as miserable as ever, and we see plenty of signs that the organization is still shrinking, is having [...]

253
A few hours ago the company announced its "non-shocking" plans to shut down Google+ social media network following a "shocking" data breach incident.

Now to prevent abuse and potential leakage of sensitive data to third-party app developers, Google has made several significant changes giving users more control over what type of data they choose to share with each app.

The changes are part of


253
A dark web drugs kingpin who was arrested last year when he arrived in the United States to compete in the World Beard and Mustache Championships has now been sentenced to 20 years in prison.

On Tuesday, U.S. District Judge Robert N. Scola sentenced 36-year-old French national Gal Vallerius, aka "OxyMonster," after pleading guilty to conspiracy to possess with the intent to distribute


253

Weak Passwords Banned In California From 2020

logicfish Security headline password All https://packetstormsecurity.com   Discuss    Share
253

  Once again we had a correspondent on the scene at last night’s event on L. Ron Hubbard Way in Los Angeles as Scientology celebrated the premiere of its second “season” of propaganda airing at Scientology TV. Here’s their report…

LRH Way is entirely blocked off, from Fountain to Sunset, for the event. It’s [...]

253

  The stage is set for Scientology’s Ideal Org grand opening in Detroit today at 1 pm. We hope to have live reports from a couple of correspondents on the scene.

This is the first Ideal Org opening in the US since Orlando in May. Scientology was very secretive about that shindig, but it [...]

253

  Pete Griffiths brought our attention to something interesting yesterday. He noted that Scientology, as usual, posted numerous pretty photos from its most recent big event at its various websites. In this case, we’re talking about the annual gala for the International Association of Scientologists (IAS) held in a giant tent at Saint Hill [...]

253

World's Largest CCTV Maker Leaves At Least 9 Million Cameras Open To Public Viewing

logicfish Security headline privacy china flaw All https://packetstormsecurity.com   Discuss    Share
253

[Our man in Hungary, Péter Bonyai]

This week in our Scientology book series, we have a bonus for you — not one, but two excerpts from Péter Bonyai’s book about his life in the Sea Org, Money, Power, Servitude: Adventures in the Wonderland of Scientology. In the first, he gives us a glimpse about what [...]

252
A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought.

A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year.

The vulnerability, identified as CVE-2018-14847, was initially rated


252

[Ready for your trophy?]

We learned recently that Scientologists can not only become “patrons” and “laureates” and “meritorious” based on how much money they give to the IAS (Scientology’s main slush fund), but they can also become “ambassadors” and “luminaries” if they help pay for book dissemination campaigns.

There are so many ways Scientologists [...]

252

[Heather Ruggeri at 22]

In April, Heather Ruggeri celebrated ten years free of Scientology. But a decade isn’t enough to erase the things that she went through as a child growing up in Scientology and working in the Sea Org. She’s put portions of her story on the Internet before, but this is her first [...]

252
What if just receiving a video call on WhatsApp could hack your smartphone?

This sounds filmy, but Google Project Zero security researcher Natalie Silvanovich found a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full control of your WhatsApp just by video calling you over the messaging app.

The vulnerability is a memory heap overflow issue


252
Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers.

According to the tech giant, a security vulnerability in one of Google+'s People APIs allowed third-party developers to access data for more than 500,000 users, including their


252

Desperate North Korea Turns To APT Hack Attacks For Cash

logicfish Security headline government malware bank fraud cyberwar korea All https://packetstormsecurity.com   Discuss    Share
252
Looking for a hack to bypass the passcode or screen lock on iPhones?

Jose Rodriguez, an iPhone enthusiast, has discovered a passcode bypass vulnerability in Apple’s new iOS version 12 that potentially allows an attacker to access photos and contacts, including phone numbers and emails, on a locked iPhone XS and other recent iPhone models.

Rodriguez, who also discovered iPhone lock screen


252
The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra.

Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and has previously launched attacks against a number of media organizations,


251
Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials.

Dubbed GhostDNS, the campaign has many similarities with the infamous DNSChanger malware that works by


251
Adobe has released its monthly security updates to address a total of 11 vulnerabilities in Adobe Digital Editions, Framemaker, and Technical Communications Suite, of which four are rated critical and rest 7 are important in severity.

Adobe has also released updated versions for Flash Player, but surprisingly this month the software received no security patch update.

Also, none of the


What is Plikli?

Plikli is an open source content management system that lets you easily create your own user-powered website.

BMC logoBuy me a coffee
Latest Comments
Statistics