Tag Archive for: Exploited

Alert: Pixel Phones’ Exploited Android Zero-Day Flaw Patched

/in


In the realm of smartphone security, the recent spotlight has fallen on Google Pixel devices, where two zero-day vulnerabilities have been unearthed and promptly addressed by Google. As per recent reports, the Android zero-day flaw, and others like it, were exploited by forensic firms, shedding light on the intricacies of smartphone security and the measures taken to safeguard user data and protect against these mobile security risks.

 

Exploited Vulnerabilities, Unique Fixes


Google Pixel phones, although running on the Android operating system, operate under a distinct update mechanism. Unlike other Android devices, Pixels receive tailored updates owing to their specialized hardware platform directly managed by Google. This bespoke approach ensures that Pixel users benefit from exclusive features and heightened security measures.

 

In the latest security bulletin for April 2024, while the broader Android ecosystem didn’t face significant threats, Pixel devices faced active exploitation of two vulnerabilities: CVE-2024-29745 and CVE-2024-29748. These vulnerabilities posed risks of vulnerability disclosure and elevation of privilege, respectively, highlighting the intricate nature of smartphone security.


A Peek into the Android Zero-Day Flaw


Forensic companies, adept at navigating device vulnerabilities, seized upon these flaws to unlock Pixel phones and access their stored data without the need for PIN authentication. GrapheneOS, a renowned name in privacy-focused Android distributions, uncovered these exploits, shedding light on the clandestine world of smartphone security breaches.

 

CVE-2024-29745, identified as a high-severity information disclosure flaw in the Pixel’s bootloader, and CVE-2024-29748, characterized as an elevation of privilege bug in the Pixel firmware, were the focal points of exploitation. These Zero-day exploits enabled unauthorized access to device memory, raising concerns regarding data integrity and user privacy.


Patching the Android Zero-Day Flaw in Pixel Phones


Responding swiftly to the looming threat, Google deployed fixes aimed at patching vulnerabilities. By implementing measures such as zeroing memory during booting and restricting USB…

Source…

Exploited TP-Link Vulnerability Spawns Botnet Threats

/in


Endpoint Security
,
Governance & Risk Management
,
Internet of Things Security

Attackers Exploit Old Flaw, Hijack TP-Link Archer Routers

Prajeet Nair (@prajeetspeaks) •
April 17, 2024    

Exploited TP-Link Vulnerability Spawns Botnet Threats
Botnet are searching for unpatched TP-Link Archer AX21 routers. (Image: Shutterstock)

Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers unpatched since last summer with the goal of commandeering them into joining distributed denial-of-service attacks.

See Also: Cyber Hygiene and Asset Management Perception vs. Reality

Chinese router manufacture TP-Link in June patched a command injection vulnerability in its Archer AX21 router, a residential model that retails for less than $100. Consumer-grade routers are notorious for uneven patching, either because manufacturers are slow to develop patches or consumers don’t apply them. “Once they’re connected to the internet, they don’t care anymore about the router,” one industry CISO told Oxford University academics researching a 2023 paper.

The vulnerability, tracked as CVE-2023-1389, allows attackers to insert malicious commands by calling the “locale” API on the web management interface. Attackers use set_country to insert remote code since the unpatched routers don’t sanitize that input.

Researchers at Fortinet said Tuesday they’ve observed multiple attacks over the past month focused on exploiting the vulnerability – including botnets Moobot, Miori, the Golang-based agent “AGoent,” a Gafgyt variant and an unnamed variant of the infamous Mirai…

Source…

Google Confirms Massive Increase In Zero-Day Vulnerabilities Exploited In Attacks Due To Spyware Vendors

/in


Google has published a new report that speaks about the significant rise in zero-day vulnerabilities that continue to be exploited in attacks from 2023.

Both its Threat Analysis Group, as well as the company’s subsidiary firm Mandiant, mentioned how the figures continue to grow as we speak and a lot of that has to do with spyware vendors.

The figures reached 97 zero-days and that stood for more than a 50% rise when you compare it to the past which was just 62. But despite such an increase, the numbers are still much lower than the rise of 106 seen back in the year 2021.

Both entities collectively witnessed 29 out of the 97 vulnerabilities. They even spoke about 61 impacted end users who made use of Google’s products and services such as mobile phones, browsers, and social media apps.

Furthermore, the rest of them were utilized to attack tech like security software and a host of other leading devices in this regard. As far as the enterprise side is concerned, there’s a mega array of vendors as well as products under target and we’re seeing more specific tech getting impacted as a result of this.

Let’s not forget how they’ve seen that as the years pass by, the faster they’re discovering the patch featuring bugs from attackers and this means shorter lifespans arising due to the exploit in question.

In 2023, plenty of threat actors made use of zero-day vulnerabilities that went up to Figure 10. And interestingly, it was China that was highlighted as being behind most of the attacks that had support from the government. Some of those entailed espionage groups from the country which was a trend moving upward.

In 2023, it was all thanks to commercial surveillance that seemed to be the culprit of these attacks that kept on targeting both Android as well as Google devices.

They include up to 75% of all those zero-day exploitations that kept on hitting the platforms. In addition to that, there were vendors

Other than that, most of the 37 zero-day vulnerabilities found on browsers as well as devices that were exploited in 2023 had Google linking close to 60% of all CSVs that keep on selling spyware to clients in the government.

Way back in February, Google revealed how so many…

Source…

Sexually explicit deepfakes: women are more likely to be exploited

/in



Abuse of artificial intelligence tools leads to sexually explicit material of real people, according to a survey for a cyber firm. It collected data from over 2000 Brits and found that half were worried about becoming a victim of deepfake pornography, and near one in ten, 9 per cent, reported either being a victim of it, knowing a victim, or both.

The anti-virus and internet security product company ESET points to the rising problem of deepfake pornography, as recently highlighted by explicit deepfakes of the US singer Taylor Swift being viewed millions of times. The firm reports a new form of image-based sexual abuse in the UK, quoting at least 60pc of all revenge pornography victims being women (according to the UK Council for Internet Safety). In the rcently-passed Online Safety Act, creating or inciting the creation of deepfake pornography became a criminal offence. However, the survey suggests that this has not done much to alleviate fears around the tech, as most, 61pc of women were reporting concern about being a victim of it, in comparison to less than half (45pc) of men.

Near two in five (39pc) of those surveyed by Censuswide believe that deepfake pornography is a significant risk of sending intimate content, yet about a third (34pc) of adults have still sent them. Of those that do, the research suggests that a majority, 58pc regret sharing them, whether they say ‘Yes, I would never send an intimate photo or video again’ or ‘Yes, but I would send an intimate photo or video again’.

The percentage of people sending intimate images or videos drops to 12pc in the under-18s, perhaps due to the fact that a majority, 57pc of teenagers surveyed are concerned about being a victim of deepfake pornography.

Despite interest in deepfakes soaring, people are still taking risks, the firm suggests, as just under one third (31pc) admitted to sharing intimate images with their faces visible. The research found that the average age at which someone receives their first sexual image is 14.

Jake Moore, Global Cybersecurity Advisor, ESET said: “These figures are deeply worrying as they show that people’s online habits haven’t adjusted to deepfakes yet. Digital images…

Source…