A new version of North Korea’s AppleJeus malware has been spotted, one more effective than the last version.
Security
Texas Sees Surge in Iranian Cyber Attacks
Texas officials say they’ve seen an increase in Iranian cyber attacks. Over the past two days as many as “10,000 probes…per minute” came from the country.
Speaking after a meeting of the Texas Domestic Terrorism Task Force, of which she’s a member, Crawford of the state information resources agency said as far as she knows, none of the attempted cyberattacks on state government networks originating in Iran have been successful.
Here’s What Data is Accessible With Cloud Forensics
When a company like Cellebrite or GrayKey uses its devices to break into your iPhone, it’s not just your local data that can be accessed. Using various types of “cloud forensics” or cloud extraction technology, they can get your data in the cloud as well. It’s a long read but worth it.
Cellebrite’s UFED Cloud Analyzer, for example, uses login credentials that can be extracted from the device to then pull a history of searches, visited pages, voice search recording and translations from Google web history and view text searches conducted with Chrome and Safari on iOS devices backed-up iCloud.
Travelex Infected With Sodinokibi Ransomware, Attacker Wants $3M
A cyber attack infected international foreign currency exchange Travelex with Sodinokibi ransomware. The attackers are demanding US$3 million.
The attack occurred on December 31 and affected some Travelex services. This prompted the company to take offline all its computer systems, a precaution meant “to protect data and prevent the spread of the virus.”
We were told that they deleted the backup files and that the ransom demanded was $3 million; if not paid in seven days (countdown likely started on December 31), the attackers said they will publish the data they stole.
FBI Wants Apple’s Help to Unlock iPhones Again
The FBI is again asking Apple’s help to unlock iPhones. This time it’s part of an investigation into the shooting at the Naval Air Station in Pensacola, Florida.
macOS: How to Display All Previously Installed Security Updates
macOS maintains a list of all software updates, which includes all previously applied security updates. John shows how to display those entries.
Wyze Leaks Data of 2.4 Million Security Camera Customers
Wyze makes cheap security cameras for people, cheap in terms of price and now apparently security (ironically). A database of its user data was found exposed on the internet, unsecured.
This included a staggering array of personal information including email addresses, a list of cameras in the house, WiFi SSIDs and even health information including height, weight, gender, bone density and more.
“We are confirming that some Wyze user data was not properly secured and left exposed from December 4th to December 26th,” the company said. It denied that it had leaked bone density information, for example, but confirmed it had leaked “body metrics” for a small number of beta testers.
I’m still trying to figure out why a security camera company would have health information.
Apps To Delete, Year Of Security – TMO Daily Observations 2019-12-27
Bryan Chaffin and Andrew Orr join host Kelly Guimont to discuss apps you should remove from your devices, and making 2020 more secure.
Twitter Android Bug Matched 17M Phone Numbers to Accounts
By exploiting a bug in the Twitter Android app, security researcher Ibrahim Balic matched 17 million phone numbers to Twitter accounts.
Spotify Encourages Journalists to Plug in Random USB Drives
As part of a promotion for a podcast, Spotify sent USB drives to journalists. But the move was criticized by computer security researchers.
But anyone with basic security training under their hat — which here at TechCrunch we do — will know to never plug in a USB drive without taking some precautions first.
Plugging in random USB drives is a bigger problem than you might think. Elie Bursztein, a Google security researcher, found in his own research that about half of all people will plug into their computer random USB drives.
I doubt anyone at Spotify was clueless about the security risk. But negative publicity is still publicity.
Mac Apps Have to be Notarized by February 2020
Apple says that Mac apps distributed outside of the Mac App Store have to be notarized by February 3, 2020, an attempt to increase security.
267 Million Facebook IDs, Phone Numbers Exposed
A database that contained over 267 million Facebook user IDs, phone numbers, and IDs was discovered on the web. It wasn’t password-protected.
Comparitech partnered with security researcher Bob Diachenko to uncover the Elasticsearch cluster. Diachenko believes the trove of data is most likely the result of an illegal scraping operation or Facebook API abuse by criminals in Vietnam, according to the evidence.
Diachenko immediately notified the internet service provider managing the IP address of the server so that access could be removed. However, Diachenko says the data was also posted to a hacker forum as a download.
FBI Shares 7 Tech Tips to Keep You Safe
The FBI’s Oregon office shared seven tech tips to keep people safe over the holidays, like not letting devices auto-connect to free Wi-Fi. It’s well worth the read.
The kids are getting out of school this week and you are packing your bags for the big trip to the in-laws. Now is not the time you want to talk about cyber security, but we do have a few travel tips to keep you safe while you are on the go.
Home Automation Standards, Ring "Security" Measures – TMO Daily Observations 2019-12-18
Bryan Chaffin and Andrew Orr join host Kelly Guimont to discuss Apple joining a standards group for smart home devices, and Ring’s security.
VICE Tests Amazon Ring’s Security, and it’s Not Good
Journalists at VICE tested the security of Amazon Ring security cameras, and they call it “awful.”
Ring is not offering basic security precautions, such as double-checking whether someone logging in from an unknown IP address is the legitimate user, or providing a way to see how many users are currently logged in—entirely common security measures across a wealth of online services.
Cellebrite Now Uses iOS Exploit Checkm8
Checkm8 is an iPhone flaw in the bootrom that can lead to a jailbreak. It can’t be patched via software, and it affects the iPhone 4s through iPhone X. But attackers need physical access to your device, and the jailbreak can only be tethered, meaning that if the iPhone is restarted it disappears.
The Cellebrite UFED team is working quickly to provide users with support for the above-mentioned scenario. This will be included with the launch of our iOS extraction agent in an upcoming release. The team is committed to providing a comprehensive, forensically-sound solution that adheres to Cellebrite’s high standards, is fully tested, and is admissible in court.
Speaking about recent rumors, if Apple did remove the Lightning port from future iPhones, I wonder if it would defeat companies like Cellebrite. I’m not sure if they could still extract data via the wireless charger.
iOS 13.3 Fixed the ‘AirDoS’ Bug That Could Make Devices Unusable
Apple fixed a bug referred to as “AirDoS” that let people spam surrounding iOS devices with AirDrop pop-ups.
Defense Department: We Need That Encryption You Want to Break
Everyone from the Department of Justice and the FBI to politicians like Senator Lindsey Graham is attacking encryption, calling for backdoors for the “public good.” But people who understand security are cautioning against such a move. This week Representative Ro Khanna forwarded a letter to Lindsey Graham from the Defense Department’s Chief Information Officer Dana Deasy.
As the use of mobile devices continues to expand, it is imperative that innovative security techniques, such as advanced encryption algorithms, are constantly maintained and improved to protect DoD information and resources. The Department believes maintaining a domestic climate for state of the art security and encryption is critical to the protection of our national security.
Encryption on iOS, Apple's Fan Allergy – TMO Daily Observations 2019-12-12
John Martellaro and Charlotte Henry join host Kelly Guimont to discuss an iOS security kerfuffle, and Apple’s known allergy to computer fans.
Senator Lindsey Graham to ‘Impose His Will’ on Encryption Backdoors
Apple and Facebook representatives met with lawmakers today where senators pushed for the companies to compromise their users’ security by including encryption backdoors. In particular, Sen. Lindsey Graham said:
My advice to you is to get on with it. Because this time next year, if we haven’t found a way that you can live with, we will impose our will on you.
“Encryption backdoors for thee, but not for me.”
Yubico Authenticator iOS App Now Supports NFC
While Yubico has a security key that plugs into your iPhone via Lightning, the app also supports NFC YubiKeys now.
Instead of storing the time-based one-time passcodes on a mobile phone or computer, Yubico Authenticator generates and stores one-time codes on the YubiKey. A user must present their physical key in order to receive the code for login. This not only eliminates security vulnerabilities associated with a multi-purpose computing device, but also offers an added layer of convenience for users that work between various machines.
US Among Top 5 Worst Countries for Biometrics Privacy
The United States is one of the worst countries in the world when it comes to the privacy of citizens’ biometrics data.
While there is a handful of state laws that protect state residents’ biometrics (as can be seen in our state privacy study), this does leave many US citizens’ biometrics exposed as there is no federal law in place.
Dutch Politician Faces Prison for iCloud Hacking
Dutch politician Mitchel van der Krogt, who also moonlighted as a hacker, is believed to have participated in 2014’s Celebgate.
Apple Collects Location Data Even if You Say No
Security researcher Brian Krebs discovered something about his iPhone 11 Pro. It continued to collect location data even when disabled.