Skip to main content

Posts

Chinese State-Sponsored Hackers Using New Device Hacks to Spy On Muslims.

A Chinese hacking group has been found leveraging a new exploit chain in iOS devices to install a spyware implant targeting the Uyghur Muslim minority in China's autonomous region of Xinjiang. The findings, published by digital forensics firm Volexity, reveal that the exploit — named "Insomnia" — works against iOS versions 12.3, 12.3.1, and 12.3.2 using a flaw in WebKit that was patched by Apple with the release of iOS 12.4 in July 2019. Volexity said the attacks were carried out by a state-sponsored hacking group it calls Evil Eye, the same threat actor that it said was behind a series of attacks against the Uyghurs last September following a bombshell disclosure by Google's Project Zero team. Watering Holes Attacks Targeting Uyghur Websites The malware campaign previously exploited as many as 14 vulnerabilities spanning from iOS 10 all the way through iOS 12 over a period of at least two years via a small collection of malicious websites that were used as a ...

Judiciary Dying in Own Movie, As President Museveni Okays Extra Shillings 10 Billion Share, With Each MP Getting Shs 20 Million ($5300) To Fight Coronavirus.

The Ugandan Shillings 10 Billionwas yesterday 21-April-2020 finally sent to Members of Parliament bank accounts a few minutes to Midday, moments before the court order was issued stopping the Parliamentary Commission from dispensing it to Legislators. We have been reliably informed that, MPs with accounts at Cairo International Bank, Centenary Bank and ABSA have already gotten notifications that UGX 20M has been credited on their accounts. Yesterday morning, Ntungamo Municipality MP, Gerald Karuhanga and Erute South legislator Jonathan Odur petitioned court seeking to halt the Parliamentary Commission from paying Shs 10 billion to MPs to fight Covid-19 epidemic. Hours later, the Civil court in Kampala issued an injunction stopping the Parliamentary Commission from dispensing the UGX 10B to Legislators. Karuhanga and Odur’so celebrations did not last long after learning that their court order was useless, Parliament, Accountant General and BoU had beaten them on the thread of ti...

Warning For Apple Product Users: It is Possible to Hack iPhones Just by Sending Emails.

Watch out Apple users! The default mail app pre-installed on millions of iPhone and iPad has been found vulnerable to two critical flaws that could let remote hackers secretly take complete control over Apple devices just by sending an email to targeted individuals. According to cybersecurity researchers at ZecOps, the vulnerabilities in question are out-of-bounds write and remote heap overflow issues, one of them is a dangerous ' zero-click ' flaw that can be exploited without requiring any interaction from the targeted recipients. Both remote code execution flaws reside in the MIME library of the mail app that can get triggered while processing the email content. These flaws existed for the last 8 years since the release of iOS 6 and also affect the latest iOS 13. What's more worrisome is that multiple groups of attackers are already exploiting these flaws—for at least 2 years as zero-days in the wild—to target individuals from various industries and organizations, MSSPs ...

#CORONAVIRUS_AWARENESS. Amidst Excitement Amongst Some Ugandan MPs, The High Court Has Today Haulted The Release of Shs 10Bn For MPs, Pending Ruling on Petition.

#CORONAVIRUS_AWARENESS. The Civil Division of the High Court has ruled that the release of the controversial Shs 10bn to Members of Parliament be delayed until the hearing of the application challenging the allocation, scheduled for April 29. Two legislators – Gerald Karuhanga and Jonathan Odur – petitioned the Civil Division of the High Court seeking to block the Shs 10bn Parliament allocated itself from the Covid-19 supplementary budget. The legislators argue that Parliament was wrong and selfish to allocate money to themselves and that the Budget committee sneaked into the budget the allocation for Parliament. The legislators who are represented by A.F Mpanga and Company Advocates handed the petition to the High Court registrar Sarah Langa on Monday, April 20. Democratic Party leader Norbert Mao in a post on his facebook page said the MPs had earned themselves space on the wall of shame for their 10Bn ‘Cut’ off the Covid-19 Budget. Earlier, FDC’s Dr Kizza Besigye called out ...

Unpatchable Hardware Vulnerability 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers.

A newly discovered unpatchable hardware vulnerability in Xilinx programmable logic products could allow an attacker to break bitstream encryption, and clone intellectual property, change the functionality, and even implant hardware Trojans. The details of the attacks against Xilinx 7-Series and Virtex-6 Field Programmable Gate Arrays (FPGAs) have been covered in a paper titled "The Unpatchable Silicon: A Full Break of the Bitstream Encryption of Xilinx 7-Series FPGAs" by a group of academics from the Horst Goertz Institute for IT Security and Max Planck Institute for Cyber Security and Privacy. "We exploit a design flaw which piecewise leaks the decrypted bitstream," the researchers said. "In the attack, the FPGA is used as a decryption oracle, while only access to a configuration interface is needed. The attack does not require any sophisticated tools and, depending on the target system, can potentially be launched remotely." The findings will be ...

IN HER CONTINOUS EFFORTS TO COMBAT UNEMPLOYMENT AND POVERTY, MARACHA DISTRICT WOMAN MP INVENTED FISH FARMING PROJECTS FOR THE YOUTHS IN MARACHA.

Hon Ayaka Rose Atima, the Woman Member of Parliament for Maracha District, has in years now, been volunterily thriving auxiliary support for the Youths in terms of providing them with Basic Skills and Knowledge of how to make money. Fish Pond Project initiative, is one of the many other skills the Woman MP has been rendering for the People of Maracha to alleviate Poverty. During an interface we had in the beginning of March-2020 with the youth leaders of the pilot sites, we learnt that many groups are preparing their ponds to benefit from this venture with a lot of anxiety. Also on a Telephone Interview with One of the Fish Farmers in Maracha, it is disclosed that, each of the Fish Pond contains about 500 Immature Fish and if taken care properly for about Six Months, One mature Fish can weigh 3Kgs and above. Per the current Commodity Prices, One Kilogram of 🐟 Fish equals to 20,000 Shillings. To give a brief overview, 20,000 X 3 = 60,000 Shs (per fish). Then multiply Shillings ...

New COVID-Themed Malware Targeting Governments And Energy Sectors.

COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware. A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans (RAT) capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam. The targeted attacks employ Microsoft Word documents as droppers to deploy a previously unknown Python-based RAT dubbed "PoetRAT" due to various references to sonnets by English playwright William Shakespeare. "The RAT has all the standard features of this kind of malware, providing full control of the compromised system to the operation," said Cisco Talos in an analysis published last week. According to the researchers, the malware specifically targets supervisory control and data acquisition (SCADA) systems in the energy industry, such as wind turbine systems, whose identities are currently not known. The development is the latest in a s...