TSEC NEWS: 06.05.21 Cron-Job Fehlerhaft nach PHP Update + PWA mobile + Desktop / 04.05.21 - Android App von TSECURITY 28.04.21 - NEUER SERVER // 26.04.21 ++ Download the Electron-App für tsecurity.de // Über 550 Feed-Quellen


❈ Is Your Peloton Spinning Up Malware?

IT Security Nachrichten mcafee.com

Connected Fitness

[Disclaimer: The McAfee ATR team disclosed this vulnerability to Peloton and promptly started working together to responsibly develop and issue a patch within the disclosure window. The patch was tested and confirmed effective on June 4, 2021.] Picture this: A hacker enters a gym or fitness center with a Peloton Bike+. They insert a tiny USB key with a boot […]

The post Is Your Peloton Spinning Up Malware? appeared first on McAfee Blogs.

...


Kompletten Artikel lesen (externe Quelle: https://www.mcafee.com/blogs/consumer/mobile-and-iot-security/is-your-peloton-spinning-up-malware/)

Zur Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

MMD-0030-2015 - New ELF malware on Shellshock: the ChinaZ

vom 233.93 Punkte
The backgroundThe bash Shellshock vulnerability (link) is still proven to be one of the fastest way to spread ELF malware infection to NIX boxes in internet, along with Linux systems which are still having the vulnerable version. This fact that is not kno

MMD-0030-2015 - New ELF malware on Shellshock: the ChinaZ

vom 233.93 Punkte
The backgroundThe bash Shellshock vulnerability (link) is still proven to be one of the fastest way to spread ELF malware infection to NIX boxes in internet, along with Linux systems which are still having the vulnerable version. This fact that is not kno

Peloton's Leaky API Let Anyone Grab Riders' Private Account Data

vom 226.99 Punkte
Zack Whittaker, reporting for TechCrunch: Halfway through my Monday afternoon workout last week, I got a message from a security researcher with a screenshot of my Peloton account data. My Peloton profile is set to private and my friend's list is deliberately

Get smart about preparing your app for OAuth verification

vom 212.65 Punkte
Posted by Nafis Zebarjadi, Product Manager and Adam Dawes, Senior Product Manager Project Strobe was started to help users have control over their data while giving developers more explicit rules of the road to ensure everyone is confident that their data is secure. One result of this effort has been to expand our app verification program to cover

How Peloton Bricked the Screens On Flywheel's Stationary Bikes

vom 211.38 Punkte
DevNull127 writes: Let me get this straight. Peloton's main product is a stationary bicycle costing over $2,000 with a built-in touchscreen for streaming exercise classes. ("A front facing camera and microphone mean you can interact with friends and encourage

'Project Magnum': Flywheel's Alleged Plot To Steal Peloton's Technology

vom 174.61 Punkte
em1ly writes: Spin bike maker Flywheel lost a patent lawsuit to rival company Peloton, announcing yesterday that it's shutting down. Motherboard uncovered some wild corporate espionage in the court documents: "At some point before the launch of FLY Anywhere,

Celebrating International Women’s Day with 21 tech trailblazers

vom 173.82 Punkte
Posted by The Google Developers Team Today we are celebrating International Women’s Day by highlighting a series of 21 tech trailblazers who are making significant strides in the developer community. Many of the women we interviewed are directly involved with our educational outreach and inclusivity programs like Google Developer Groups and Women Techmakers while others are Google Developers

MMD-0047-2015 - SSHV: SSH bruter ELF botnet malware w/hidden process kernel module

vom 162.68 Punkte
Background Apparently Linux ELF malware is becoming an interesting attraction from several actors from People Republic of China(in short: PRC). This post is one good example about it. It explains also why myself, from my team (MMD), put many effort t

MMD-0047-2015 - SSHV: SSH bruter ELF botnet malware w/hidden process kernel module

vom 162.68 Punkte
Background Apparently Linux ELF malware is becoming an interesting attraction from several actors from People Republic of China(in short: PRC). This post is one good example about it. It explains also why myself, from my team (MMD), put many effort t

AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky

vom 152.02 Punkte
Original release date: October 27, 2020SummaryThis advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity

AA21-048A: AppleJeus: Analysis of North Korea’s Cryptocurrency Malware

vom 150.17 Punkte
Original release date: February 17, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. This joint advisory is the result o

Is Your Peloton Spinning Up Malware?

vom 146.43 Punkte
[Disclaimer: The McAfee ATR team disclosed this vulnerability to Peloton and promptly started working together to responsibly develop and issue a patch within the disclosure window. The patch was tested and confirmed effective on June 4, 2021.] Picture this: A hacker

Team Security Diskussion über Is Your Peloton Spinning Up Malware?