All about Cybersecurity and Technology news

               What if just receiving a video call on WhatsApp could hack your smartphone? This sounds filmy, but Google Project Zero security researcher Natalie silvanovich found  a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full control of your WhatsApp just by video calling you over the messaging app. The vulnerability is a memory heap overflow issue which is triggered when a user receives a specially crafted malformed RTP packet via a video call request, which results in the corruption error and crashing the WhatsApp mobile app. Since the vulnerability affect RTP (Real-time Transport Protocol) implementation of Whatsapp, the flaw affects Android and iOS apps, but not WhatsApp Web that relies on WebRTC for video calls. Silvanovich also published a proof-of-concept exploit, along with the instructions for reproducing the WhatsApp attack. Although the proof of concept  published by Silvanovich only triggers memory

CHEETAH MOBILE:  a prominent chinese app company ,known for its most popular serving apps like clean master and battery Doctor and one of its subsidiary Kika Tech have been found guilty and been caught up in Android Ad-fraud scheme that stole millions of dollars from advertisers. According to report of app analysis from app analytics firm kochava, having total of 2 billion downloads comprises of 7 Android apps developed by cheetah mobile and 1 from kika tech have been caught up for falsely claiming the credits (rewards) for making users to download a new application for which they claim a reward bounty. In spite many of mobile application legally promotes to download new application and claim their reward legally with bounty which ranges from $0.50 to $3.00. The process behind understanding of newly installed application that through which application and ad it was promoted,is very simple .It just 'lookback' to the last click which user have clicked to install t

LUMINOSITYLINK HACKING TOOL AUTHOR GETS 30-MONTHS PRISON SENTENCE A 21-year-old Kentucky man who previously pleaded guilty to developing, marketing, and selling an infamous remote access trojan (RAT) called LuminosityLink has now been sentenced to 30 months in prison. According to a press release published Monday by U.S. Attorney’s Office, Colton Grubbs, who used online moniker 'KFC Watermelon,' was pleaded guilty for three counts--unlawfully accessing computers in furtherance of a criminal act, money laundering, and illegal removal of property to prevent its lawful seizure. First surfaced in April 2015, the LuminosityLink RAT (Remote Access Trojan), also known as Luminosity, was a hacking tool that was sold for $40, marketing itself as a legitimate tool for Windows administrators to "manage a large number of computers concurrently." However, in reality, LuminosityLink was designed to be a dangerous, remote access trojan that among other malicious features, all

  WINDOWS 10 BUG LET UWP APPS ACCESS ALL FILES WITHOUT USER'S CONSENT Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent  Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update (version 1809) that allowed Microsoft Store apps with extensive file system permission to access all files on users' computers without their consent. With Windows 10, Microsoft introduced a common platform, called Universal Windows Platform (UWP), that allows apps to run on any device running Windows 10, including desktop PC, Xbox, IoT, Surface Hub, and Mixed-reality headset. UWP apps have the ability to access certain API, files like pictures, music, or devices like camera and microphone, by declaring required permissions in their package manifest (configuration) file. By default, UWP apps have access to directories, where the app is installed on the users’ system and where the app can store data (local, roaming and temporary folder

NEW IPHONE PASSCODE BYPASS FOUND HOURS AFTER RELEASES IOS 12.1 It's only been a few hours since Apple releases  iOS 12.1  and an iPhone enthusiast has managed to find a passcode bypass hack, once again, that could allow anyone to see all contacts' private information on a locked iPhone. Jose Rodriguez , a Spanish security researcher, contacted The Hacker News and confirmed that he discovered an iPhone passcode bypass bug in the latest version of its iOS mobile operating system, iOS 12.1, released by Apple today. To demonstrate the bug, Rodriguez shared a video with The Hacker News, as shown below, describing how the new iPhone hack works, which is relatively simple to perform than his previous passcode bypass findings.  Instead, the issue resides in a new feature, called  Group FaceTime , introduced by Apple with iOS 12.1, which makes it easy for users to video chat with more people than ever before—maximum 32 people. How D