Tag Archive for: issued

Warning Issued For iPhone Users As iMessage 0-Click Attack Revealed


Researchers at the Russian cybersecurity giant Kaspersky have issued a warning concerning what they say is an ongoing attack campaign exploiting a zero-click, zero-day iMessage vulnerability. This previously unknown vulnerability enables code execution, including, the researchers say, “additional exploits for privilege escalation.”

Operation Triangulation Attacks Ongoing

The campaign, which Kaspersky has named Operation Triangulation, requires no user interaction. As such, it falls into the most critical class of attack methodologies. Just the act of sending the malicious iMessage, which includes an attachment containing the exploit, triggers the vulnerability.

Rather disconcertingly, Kaspersky researchers say they have traced the earliest example of the attack back to 2019. As of yesterday, they also confirm that attacks are still ongoing.

Discovery Of The Zero-Click Attack

The security researchers became aware of the suspicious activity while monitoring the corporate network “dedicated for mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA).” This activity was originating from a number of iPhones.

The traces of compromise were confirmed after researchers created offline backups of the iPhones in question and inspected them with a mobile verification toolkit. This found that the final payload was downloaded from a “fully-featured” advanced persistent threat (APT) platform. The precise nature of that payload, however, has yet to be confirmed.

We understand that it runs using root privileges and drops a set of commands that can be used to collect both system and user information. Posting on Twitter, Kaspersky founder Eugene Kaspersky said that the attack “transmits private information to remote servers: microphone recordings, photos from instant messengers, geolocation and data about a number of other activities.”

Russia Suggests Attacks Involve iPhone Backdoor For NSA Spies

While there is no firm evidence currently as to who is the target of this campaign, the Russian FSB security service has already claimed that thousands of…


Serious Warning Issued For Millions Of Apple iPhone Users


Last year saw the biggest hack in iPhone history, complete with individual horror stories from affected users. Now a haunting new discovery could make all iPhone attacks a lot worse. 


It is called “NoReboot” and was discovered by (highly respected) mobile security specialists ZecOps. The company describes it as “the ultimate persistence bug” because it can stop iPhones affected by even temporary attacks from escaping their hacker. Moreover, it affects every iPhone model and every version of iOS, and Apple cannot fix it.

The concept behind NoReboot is simple, but this is also what makes it so dangerous: it tricks users into thinking they have switched off or restarted their iPhones. It works by hijacking the InCallService, SpringBoard and backboardd background processes, which handle the reboot process on iPhones, and showing users a fake shutdown or startup sequence when they try to initiate either process. In reality, the iPhone remains on at all times.

Why is this dangerous? Because it is easier for hackers to access iPhones with ‘non-persistent’ attacks but — as the name implies — these are removed when a user shuts down or restarts their phone. But the damage these hacks can now do supersizes when combined with NoReboot code because the user cannot (by design or by accident) rid themselves of the hack. ZecOps illustrates this in the video below. 

The Unfixable iPhone Hack

But by far the scariest aspect of NoReboot is that Apple cannot stop it. ZecOps explains that the software itself cannot be patched “because it’s not exploiting any persistence bugs at all — only playing tricks with the human mind.”

In fact, the only way the researcher believes it could be countered is if Apple built new hardware into iPhones to indicate whether the display was truly on or off, so users could tell whether the startup and shutdown processes they see are real (tech-savvy users may spot differences but most users would not). This hardware could only come on…


Warning issued to Sky customers amid hacking concerns


Sky customers have been warned that a recent security breach may have led to six million customers being spied on.

The worrying flaw in Sky’s routers was discovered by researcher Raf Fini from Pen Test Partners, reports The Mirror.

The findings revealed six million devices could have been susceptible to hacking.


It could be a common problem as people do not update the security on their router.

In May, the consumer watchdog Which? warned that a common flaw in people’s routers was a lack of security updates.

So was anyone affected and how can you check if the problem affected you?

What was the Sky breach?

Findings from Pen Test Partners have said that people affected were easily exploited.

People were drawn in easily by a phishing email, designed to link someone to a website with malicious software on it.

From there, everything could be easily accessed, including passwords for banking sites.

There is no evidence so far that people’s routers were actually exploited, but people are being encouraged to check.

Who was affected by the Sky hack?

A Sky spokesperson said in a brief statement after the report: “We take the safety and security of our customers very seriously.

“After being alerted to the risk, we began work on finding a remedy for the problem, and we can confirm that a fix has been delivered to all Sky manufactured products.”

The issue is reported to have taken up to 18 months to fix and around six million people were at risk.

“While the coronavirus pandemic put many internet service providers under pressure, as people moved to working from home, taking well over a year to fix an easily exploited security flaw simply isn’t acceptable,” Pen Test Partners’ Ken Munro told the BBC.

If you are one of the 1% of Sky’s customers who does not have a router made by Sky, you can have it replaced free of charge.

The models that were affected are as follows:

  • Sky Hub 3 (ER110)
  • Sky Hub 3.5 (ER115)
  • Booster 3 (EE120)
  • Sky Hub (SR101)
  • Sky Hub 4 (SR203)
  • Booster 4 (SE210)

How do I check if my router was hacked?

The vulnerability exploited by hackers that was found in the routers…


Cyemptive Technologies Announces Their Recently Issued Patent That, For the First Time in History, Provides the Key to Successfully Defend Against Ransomware, Malware and Steganography


SNOHOMISH, Wash., September 22, 2021–(BUSINESS WIRE)–Cyemptive Technologies, Inc., a provider of pre-emptive cybersecurity products and technology and winner of the Department of Homeland Security’s national competition for most innovative border security-related solution in the market, today announced their recently issued patent that, for the first time in history, provides a patent-validated solution to prevent ransomware, malware and steganography assaults.

According to industry research, companies are succumbing to increasingly sophisticated ransomware and malware attacks at a cost of more than $7.5 billion in 2019. Even prior to the COVID pandemic, ransomware attacks have been growing by more than 20% year over year.

“Current processes such as big data analytics, machine learning, artificial intelligence, deep learning, checksum technology, known signatures, API monitoring, and human intervention are obviously not working against ever-evolving, zero day ransomware variations,” said Bryan Seely, Cyemptive’s Senior Security Architect and well-known cybersecurity author and expert.

“This patent confirms the uniqueness of our solution and is a complete game-changer,” said Rob Pike, founder and CEO of Cyemptive Technologies. “This is a totally different methodology that actually identifies the fundamental structural design elements underlying any type of existing or new-variant ransomware attack and then pre-empts the attack from proceeding. We do not need or depend on AI, deep learning, signatures or other existing approaches that focus on post-intrusion analysis,” said Pike. “We detect the root characteristics of any type of ransomware attack and then pre-empt it.”

“Cyemptive has now patented the ransomware answer that Cyemptive currently deploys in our Enterprise Scanner (CES),” said Seely. “The next step is incorporating this technology at the kernel level, at which time ransomware will be solved.”

“Not only that,” said Jim DuBois, Cyemptive Chief Strategy Officer and former Chief Information Security Officer for Microsoft, “we provide financially-backed SLAs to support our pledge to preemptively detect and remediate problems, particularly when combining our…
