Tuesday, August 18, 2015

More and more Telecom Corps use super-cookies to monitor their customers

They are indestructible. Although we press the button "clear cookies" they're still there. The target of the super-cookies is to monitor our browsing, glorifying the custom advertisement and more and more telecom companies install them to their costumers. We'll also talk today about a dangerous hole in OSX, ransomware, and how to detect they've infected our BIOS. Let's go.

When was known that Verizon and AT&T monitored their mobile phone customers with super-cookies, one year ago, the scandal emerged and these companies promised to allow their deactivation. But six months later, its use hasn't been racionalized but exploited instead. According to a study, there's already 9 telecom companies which use super-cookies: Verizon, AT&T, Bell Canada, Bharti Airtel, Cricker, Telefónica de España, Viettel Perú S.a.c., Vodafone NL and Vodafone Spain.

A hole without patch

Whereas, in Italy, Luca Todesco, 18, has discovered a failure in the newest OSX version and before, till the 10.9.5. The kid didn't know anything about "responsible disclosure"and he simply published the failure in his blog, warning Apple about the problem. The result: there's no patch for the hole, quite dangerous because it allows the access as an admin with privileges to an attacker who, for example, sends an e-mail with malware.

Free Ransomware 

The same danger, even bigger because it affects a lot of people, supposes what has done the Turkish Utku Sen: he has published for first time the source code of a ransomware, so anybody could download or modify it. The ransomware is called Hidden Tear and uses AES encryption for its misdeeds. If we remember what happened when the code of the bank trojan Zeus was free and how the world was full of similar trojans, we could start to frighten about something resembling.

Is my BIOS infected?

We finish with an interesting text from the cybersecurity expert David Barroso: Is my BIOS/UEFI infected? If we talked about any topic this summer it was the directed attacks to firmware, a dark zone without antivirus. As we have seen in different security conferences, more and more attacks of this kind are about to come. It's good to be informed.

With this we finish the daily news summary. We recommend our readers that, if they want more, they can visit our Twitter where they' can see, from a password lesson by the Marx Brothers, till the celebration of the 20th anniversary of the film "Hackers".  


Post a Comment