Afternoon Dessert – 2022-12-01


Welcome to another Afternoon Dessert breakout:

Hyundai app bugs allowed hackers to remotely unlock, start cars
Vulnerabilities in mobile apps exposed Hyundai and Genesis car models after 2012 to remote attacks that allowed unlocking and even starting the vehicles. […]
Read more….

Hackers Leak Another Set of Medibank Customer Data on the Dark Web
Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom.
“We are in the process of analyzing the data, but the data released appears to be the data we believed the criminal stole,” the Australian health insurer said.
“While our investigation continues there
Read more….

Google Accuses Spanish Spyware Vendor of Exploiting Chrome, Firefox, and Windows Zero-Days
A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018.
“Their Heliconia framework exploits n-day vulnerabilities in Chrome, Firefox, and Microsoft Defender, and provides all the tools necessary to
Read more….

Serious Security: MD5 considered harmful – to the tune of $600,000
It’s not just the hashing, by the way. It’s the salting and the stretching, too!
Read more….

New DuckLogs malware service claims having thousands of ‘customers’
A new malware-as-a-service (MaaS) operation named ‘DuckLogs’ has emerged, giving low-skilled attackers easy access to multiple modules to steal information, log key strokes, access clipboard data, and remote access to the compromised host. […]
Read more….

Microsoft: KB5020044 makes Task Manager partially unreadable
Microsoft says that parts of the Task Manager might become unreadable for some customers after installing this month’s KB5020044 preview update for Windows 11 22H2 systems. […]
Read more….

Brave starts showing “privacy-preserving” ads in search results
Brave Software announced that, as part of a global beta program, it is now displaying “privacy-preserving ads” in-between results shown by its web search engine to select users. […]
Read more….

The CHRISTMA EXEC network worm – 35 years and counting!
“Uh-oh, this viruses-and-worms scene could turn out quite troublesome.” If only we’d been wrong…
Read more….

S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]
Latest episode – listen now (or read if you prefer)…
Read more….

Follow for more…


Create a website or blog at

%d bloggers like this: