Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies
The disclosure comes more than two months after the GrapheneOS team revealed that forensic companies are exploiting firmware vulnerabilities that impact Google Pixel and Samsung Galaxy phones to steal data and spy on users when the device is not at rest.
Cyber_Security_Channel
Authy vs Google Authenticator: Two-Factor Authenticator Comparison
Twilio’s Authy is a mobile two-factor authentication app that strengthens online security by sending a one-time password to your mobile or desktop device.
It directly syncs with websites and services to grant user access and is completely free.
Cyber_Security_Channel
What to Know About Protecting Your Car Data Privacy
Some car companies do allow consumers to adjust connectivity settings, and drivers can read about how in their car's privacy policy.
But opting out of all data sharing isn't always possible.
Cyber_Security_Channel
ℹ️ Timeline of the xz Open Source Attack
You have probably already heard about Malicious Code in XZ Utils for Linux Systems.
Over a period of over two years, an attacker using the name “Jia Tan” worked as a diligent, effective contributor to the xz compression library, eventually being granted commit access and maintainership.
Using that access, they installed a very subtle, carefully hidden backdoor into liblzma, a part of xz that also happens to be a dependency of OpenSSH sshd on:
- Ubuntu
- Debian
- Fedora
And other systemd-based Linux systems that patched sshd to link libsystemd.
That backdoor watches for the attacker sending hidden commands at the start of an SSH session, giving the attacker the ability to run an arbitrary command on the target system without logging in — leading to unauthenticated, targeted remote code execution.
You can find the timeline of this long-term story (2 years!) here.
@Cyber_Security_Channel
Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others
It chiefly entailed setting up a clever typosquat of the official PyPI domain known as "files.pythonhosted[.]org," giving it the name "files.pypihosted[.]org" and using it to host trojanized versions of well-known packages like colorama.
Cloudflare has since taken down the domain.
Cyber_Security_Channel
3 Ways Businesses Can Overcome the Cybersecurity Skills Shortage
Also, there is a shortage of high-quality cybersecurity programs in schools and higher education institutions.
While there are good examples, many programs have limited course offerings and outdated curricula.
The result is a shallow pool of candidates who can identify, assess, and mitigate cyber threats such as phishing attacks.
Similarly, many current cybersecurity programs are not up to date with the latest cyber threats, leaving a gap between the skills taught and those required in real-time scenarios.
Cyber_Security_Channel
🎊 Today, Thursday, 4th of April, is Gumroad Day!
Gumroad first went live on April 4, 2011, and the platform is celebrating its 13th birthday by lowering fees from 10% to 0%.
That means for the full day of April 4, 2024 – according to your timezone, set within Gumroad settings – there will be no Gumroad fees.
This is a great opportunity to purchase some of your favorite digital products with beneficial discounts.
⭐️ Here are a few suggestions curated by Cyber Security News:
→ 2024 GDPR & Cyber Security Epic Bundle — click here.
→ The Essential Cyber Security Playbook — click here.
→ Internet Security Fundamentals — click here.
Happy shopping!
@Cyber_Security_Channel
Deloitte Launches CyberSphere Platform to Simplify Cyber Operations for Clients
CyberSphere will offer clients the ability to leverage a curated set of modular capabilities supported by an ecosystem of third-party technology providers augmented by Deloitte services.
Modules initially powered by CyberSphere will include digital identity management, managed extended detection and response (MXDR), attack surface management (ASM), managed secure access services edge (MSASE) and incident response. Future iterations of CyberSphere will include additional modules.
Cyber_Security_Channel
Care Retailer of Belgian Health Insurance Provider Victim of Data Breach
Goed is a healthcare retailer with operations in Flanders and Brussels.
The healthcare retailer has pharmacies (about 90) and home care stores (about 35).
The store sells and rents health aid to support patients staying at home. It is also part of the Belgian health insurance provider CM.
Cyber_Security_Channel
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw
The development comes as the WordPress security company warned of a similar high-severity privilege escalation flaw in the RegistrationMagic plugin (CVE-2024-1991, CVSS score: 8.8) affecting all versions up to and including 5.3.0.0.
Cyber_Security_Channel
Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice
The last phase involves decoding and executing Agent Tesla in memory, allowing the threat actors to stealthily exfiltrate sensitive data via SMTP using a compromised email account associated with a legitimate security system supplier in Turkey.
Cyber_Security_Channel
PKI Mistakes That Were So Bad They Made Headlines
Public key infrastructure (PKI)-related lessons gleaned from public and private entities that got publicity for all the wrong reasons.
- PKI Mistake #1: Poorly Managing Your PKI Certificates Leads to Outages & Downtime
- PKI Mistake #2: Poor Key Management Lets Bad Guys Steal Your Keys
- PKI Mistake #3: Publishing Your Keys Where Anyone Can Find Them
Businesses and other organizations must implement and adhere to strict certificate and key management best practices or face the consequences.
Cyber_Security_Channel
Tuta Becomes the First Quantum-resistant Email Service With New Hybrid Protocol
TutaCrypt comes to replace the classic asymmetric cryptography (RSA-2048) — a necessary piece of tech for emails to ensure a receiver can only know the public key of the sender but not the private key.
The new quantum-safe hybrid encryption protocol combines a post-quantum Key Encapsulation Mechanism (CRYSTALS-Kyber) and an elliptic-curve Diffie-Hellman key exchange (x25519).
Cyber_Security_Channel
Apple Stingy With Details About Latest iOS Update
"For the protection of our customers, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are generally available," Apple Support said about the latest update.
Cyber_Security_Channel
How Dangerous are Deepfakes and Other AI-Powered Fraud?
With the right prompt fine-tuning, everyone can create seemingly real images or make the voices of prominent political or economic figures and entertainers say anything they want.
While creating a deepfake is not a criminal offense on its own, many governments are nevertheless moving towards stronger regulation when using artificial intelligence to prevent harm to the parties involved.
Cyber_Security_Channel
AI's Dual Role in SMB Brand Spoofing
However, AI is not just a tool in the attacker arsenal. Security architects are fighting back by designing security tools that use AI to detect and block impersonation attacks.
This gives organizations, especially SMBs with limited budgets and resources, a boost in their abilities to fight back.
Cyber_Security_Channel
Bethel School District Data Breach Causes Stress, Financial Issues for Community
“The computer system was down at Bethel and the phone systems were down at Bethel and I’m thinking that’s what it was at that time but they didn’t tell anybody that this was going on,” said the parent who talked with KOMO.
Cyber_Security_Channel
YouTube Video Game ‘Hacks’ Contain Malware Links
Many of the games used as lures were deliberately chosen because they are popular among children, Proofpoint said, indicating that the threat actors are trying to trick those less likely to follow online safety best practices.
Cyber_Security_Channel
Beware of Encrypted PDFs as the Latest Trick to Deliver Malware to You
The attack itself is pretty simple. As previously mentioned, attackers will send an encrypted PDF and then a malware-loaded “encryption tool” once the victims respond.
That “encryption tool” will even display a fake PDF document to really sell the ruse.
However, it’s really backdooring a piece of malware called Spica into your device.
Cyber_Security_Channel
New Tycoon 2FA Phishing Kit Raises Cybersecurity Concerns
Initially, victims are directed via email attachments or QR codes to a page featuring a Cloudflare Turnstile challenge designed to thwart unwanted traffic.
Upon successful completion, users encounter a fake Microsoft authentication page, where their credentials are harvested.
Cyber_Security_Channel
Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working
Google said its teams monitored 97 zero-day vulnerabilities exploited in-the-wild in 2023, a 50 percent jump over the 62 bugs exploited the year before.
Crunching the numbers, the researchers found that attackers have shifted focus to third-party components and libraries that provide broad access to multiple targets of choice.
Cyber_Security_Channel
Air Europa Alerts Customers to Possible Data Breach After Cyber Attack
This disclosure comes after Air Europa experienced a cyber attack on its online payment system last October, resulting in some customers’ credit card details being exposed.
At the time, the airline assured that no other information was compromised, although it did not specify the number of affected customers.
Cyber_Security_Channel
You've probably already heard about Malicious Code in XZ Utils for Linux Systems.
Here is the timeline of this long-term story (two years!).
It’s a very interesting read!📖
White House, EPA Warn Water Sector of Cybersecurity Threats
The letter pointed to the China-sponsored hacking group Volt Typhoon’s targeting of critical infrastructure sectors like drinking water in the U.S. as an example of the threat.
National security officials have been sounding the alarm that Volt Typhoon’s intrusion suggests that China is pre-positioning itself to carry out disruptive attacks in the event of a conflict over Taiwan.
Cyber_Security_Channel
New Zealand Media Company: Hackers Directly Targeting Individuals After Alleged Data Breach
MediaWorks has confirmed the database held “name, date of birth, gender, address, post code and mobile number” information, as well as in some cases images or videos uploaded as part of people’s entries to the competition.
Cyber_Security_Channel
What is Fully Homomorphic Encryption and How Will it Change Blockchain?
Fully homomorphic encryption (FHE) offers a potential solution by enabling the processing of encrypted data without needing to decrypt it first, thus preserving confidentiality.
This advancement not only enhances data security and privacy, but also extends the potential for secure data analysis and decentralized services.
Cyber_Security_Channel
ChatGPT Spills Secrets in Novel PoC Attack
The research showcases how adversaries can extract supposedly hidden data from an LLM-enabled chat bot so they can duplicate or steal its functionality entirely.
The attack — described in a technical report released this week — is one of several over the past year that have highlighted weaknesses that makers of AI tools still need to address in their technologies even as adoption of their products soars.
Cyber_Security_Channel
Three-Quarters of Cyber Incident Victims Are Small Businesses
Additionally, ransomware operators are building malware to target macOS and Linux operating systems.
Sophos researchers have observed leaked versions of LockBit ransomware targeting macOS on Apple’s own processor and Linux on multiple hardware platforms.
@Cyber_Security_Channel
Alabama Websites Recovering From DDoS Cyberattack
The attack comes several years after Gov. Kay Ivey in 2018 announced the opening of Alabama’s first cybersecurity operations center, which is designed to prevent and respond to cyberattacks.
The center was designed to provide a single location to manage the cybersecurity of the state’s 146 agencies and minimize system downtime.
Cyber_Security_Channel
Chrome’s Standard Safe Browsing Now Has Real-Time URL Protection
By keeping the list server-side, Safe Browsing also avoids scenarios where devices do not have the necessary resources to store the full list, which grows at a rapid pace, or apply updates in a timely manner.
Cyber_Security_Channel