Are You Safe From the Research Vigilantes?

When I wrote my book, The China Investor: Getting Rich with the Next Superpower, in 2002, one of my stock picks was a Hong Kong-listed vegetable grower called Chaoda Modern Agriculture. “It has created its own Chaoda trademark, sells its branded produce in company-owned outlets and third-party supermarkets in the prosperous coastal provinces, boasts net profit margins of better than 60% and has started paying cash dividends,” I wrote.



Cisco VoIP phone vulnerability allows eavesdropping remotely

A fifth-year grad student from the Columbia University Intrusion Detection Systems Lab, who is also a co-founder of Red Balloon Security, has demonstrated an attack on common Cisco-branded Voice over IP (VoIP) phones that could be used to easily eavesdrop on private conversations remotely.

The vulnerability that the student demonstrated was based on work he did over the last year on what he called ‘Project Gunman v2’, where a laser printer firmware update could be compromised to include additional, and potentially malicious, code.


Samsung Exynos 4 Exploit Discovered

The vulnerability was discovered by an XDA member, and it gives access to all physical memory.

The devices compatible with ExynosAbuse include: Samsung Galaxy S2 GT-I9100, Samsung Galaxy S3 GT-I9300, Samsung Galaxy S3 LTE GT-I9305, Samsung Galaxy Note GT-N7000, Samsung Galaxy Note 2 GT-N7100, Verizon Galaxy Note 2 SCH-I605 (with locked bootloaders), Samsung Galaxy Note 10.1 GT-N8000 and the Samsung Galaxy Note 10.1 GT-N8010.



New Trojan attempts SMS fraud on OS X users

The Russian security firm Dr. Web has uncovered another malware attempt on OS X systems that tries to exploit users with SMS fraud.

The new malware is a Trojan horse, dubbed “Trojan.SMSSend.3666,” and is part of a family of Trojan malware for Windows and other platforms that has affected Windows users for years.

As with all Trojans, these pose as legitimate programs that are made available for download from a number of underground Web sites, with this current one for OS X appearing to be an installer for a program called VKMusic 4, a utility whose legitimate version is used for communication between machines on a European social network called VK.


FBI hack yielded 12 million iPhone and iPad IDs, Anonymous claims

Hackers associated with Anonymous have published a million unique device identifiers from Apple devices, claiming they were taken from an FBI computer. The alleged hack was intended to publicise the existence of some kind of secret FBI tracking project.

Someone using the banner of AntiSec — a 14-month-old joint operation of Anonymous and LulzSec — posted a document to Pastebin on Monday that contained links to around a million Apple unique device identifiers (UDIDs). The anonymous poster said the release was intended to highlight the FBI’s alleged tracking of Apple customers.