Tag

Remote Access

All articles tagged with #remote access

RedHook variant weaponizes Wireless ADB to gain shell control on Android
technology-security1 day ago

RedHook variant weaponizes Wireless ADB to gain shell control on Android

A new RedHook Android malware variant abuses Wireless ADB to obtain shell-level privileges without a PC by tricking victims into granting Accessibility permissions and using Shizuku to run privileged commands. It effectively turns the phone into its own ADB client (via 127.0.0.1), enabling 53 commands including screen streaming, input simulation, app install/uninstall, data theft, overlays, and even camera access, all without device rooting. The malware uses multiple persistence methods (silent audio, WakeLocks, dual services, watchdog, boot autostart, and oom_score_adj) and is distributed via social engineering that impersonates government or financial institutions to push fake Google Play sites. Users are advised to only install from Google Play, scrutinize permissions, and keep Play Protect enabled.

Codex Gains Locked-Screen Mac Access with Safeguards
technology1 month ago

Codex Gains Locked-Screen Mac Access with Safeguards

OpenAI's Codex can now run on a Mac while the screen is locked via a new Locked use feature and an Apple authorization plug-in. Codex can be controlled from a phone to operate Mac apps even when the display is off, but it isn’t a general unlock path; safeguards include a short‑lived authorization window, Codex-only access, and coverage across all connected displays, plus it won’t work if the MacBook lid is closed.

Hacked from Across the Globe: Yarbo Robotic Mowers Reveal Widespread Security Flaws
technology2 months ago

Hacked from Across the Globe: Yarbo Robotic Mowers Reveal Widespread Security Flaws

A security researcher demonstrates that Yarbo’s all-in-one robot lawn mowers can be hijacked remotely due to universal hardcoded root passwords and a built-in backdoor, giving access to owners’ GPS data, Wi‑Fi credentials, and camera/video feeds across thousands of devices worldwide. The demo shows remote control over mowers, potential spying on homes, and even the risk of turning devices into botnets. Yarbo says it’s working on fixes, stronger access controls, and a possible bug‑bounty program, while acknowledging security concerns and ongoing investigations.

Beware of GhostTouch: The New Remote Smartphone Hacking Method
cybersecurity3 years ago

Beware of GhostTouch: The New Remote Smartphone Hacking Method

Cybercriminals are using a new technique called GhostTouch to remotely hack certain smartphones by using electromagnetic signals to simulate primary touch events like taps and swipes on targeted locations of the touchscreen. The hackers aim to take remote control of the smartphone to manipulate it in potentially dangerous ways, such as accessing the device’s data and passwords, accessing unsafe services or installing malware. The attack works from a distance of up to 40 mm, and the hardware could be placed under the table and used to access the smartphone. The best way to protect your information against GhostTouch is to make sure your smartphone has a security mechanism, either a PIN code, a swipe pattern or biometrics.

Azure Serial Console Exploited by Hackers for VM Access and SIM Swapping Attacks
cybersecurity3 years ago

Azure Serial Console Exploited by Hackers for VM Access and SIM Swapping Attacks

A financially motivated cybergang known as UNC3944 is using phishing and SIM swapping attacks to hijack Microsoft Azure admin accounts and gain access to virtual machines. They abuse the Azure Serial Console to install remote management software for persistence and use Azure Extensions for stealthy surveillance. UNC3944 aims to steal data from victim organizations using Microsoft's cloud computing service. The attack demonstrates the group's deep understanding of the Azure environment and how they can leverage built-in tools to evade detection.

Smart Garage Door Opener Vulnerability Allows Remote Hacking
cybersecurity3 years ago

Smart Garage Door Opener Vulnerability Allows Remote Hacking

Security researcher Sam Sabetan has discovered a major security hole in the mobile app for Nexx's smart garage door controller, which allows hackers to remotely open connected doors. The vulnerability is due to a shared universal password that applies across all devices and leaks via Nexx's API and firmware. Sabetan also uncovered four other related vulnerabilities that can involve hijacking Nexx's smart plugs and smart alarm products. Despite attempts to contact the company, Nexx has been silent on fixing the issue. Sabetan estimates that over 40,000 devices are impacted and recommends disconnecting the devices and contacting Nexx for remediation steps.