Tag Archive for: issues

Apple issues emergency patches on three new exploited zero-days


Apple on Thursday moved to patch three zero-day vulnerabilities actively exploited in the wild that security researchers believe are the work of commercial spyware vendors.

This now means Apple has fixed 16 zero-days this year, which security researchers said demonstrates that the popularity of Apple products has made it an attractive target.

In advisories, Apple credited Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group for bringing the latest zero-days to their attention.

“A total of 16 zero-day vulnerabilities in a year is significant,” said Callie Guenther, senior manager, cyber threat research at Critical Start. “Zero-days, by definition, are previously unknown and unpatched vulnerabilities that can be exploited. This high number could suggest that Apple devices, given their popularity and extensive user base, are attractive targets for advanced threat actors.”

Guenther also noted that the fact that many of these vulnerabilities were discovered by groups such as the Citizen Lab and Google’s Threat Analysis Group, which often focus on state-sponsored and high-level cyber-espionage campaigns, suggests that Apple devices are being targeted in sophisticated attacks against high-profile individuals.

For example, following a report Sept. 7 by Citizen Lab that an actively exploited zero-click vulnerability was used to deliver NSO Group’s Pegasus mercenary spyware on an Apple device, Apple quickly moved to issue two CVEs to rectify the issue.

The Pegasus spyware developed and distributed by the NSO Group has been widely used by both the private and government sectors across the globe for surveillance purposes against journalists, human and civil rights activists, politicians and other individuals.

The zero-days patched yesterday by Apple include the following:

  • CVE-2023-41993: WebKit browser vulnerabilities. Critical Start’s Guenther said given that WebKit powers Apple’s Safari browser and many iOS apps, a flaw allowing arbitrary code execution can be highly impactful. Malicious web pages can directly impact a broad range of users and potentially compromise sensitive data. NIST reported that this issue was…


Canada cyber centre issues alert after government DDoS attacks


Distributed denial of service attacks against the websites of federal departments and several Canadian provinces and territories — including PEI, Yukon, Saskatchewan and Manitoba — have prompted the federal cyber agency to issue an IT alert.

Since September 13, the Canadian Centre for Cyber Security has responded to several DDoS campaigns targeting multiple levels within the Government of Canada, as well as the financial and transportation sectors, the alert says.

It doesn’t attribute the attacks, but suggests the cyber centre knows. Publicity is part of what the DDoS attackers seek, “and why we avoid referencing the malicious actor,” the alert says.

Open-source reporting links some of this activity to Russian state-sponsored cyber threat actors whose tactics, techniques, and procedures have been extensively documented, the centre says. In July 2022, the centre predicted Russian state-sponsored cyber threat actors would almost certainly continue to perform actions in support of Russia’s attack on Ukraine. In February, the centre reported DDoS attacks on countries that support Ukraine.

“There are relatively simple ways to protect against this kind of campaign,” says the centre. “In most cases, this activity can be managed by standard cyber defence tools. But organizations should consider help from third-party DDoS solutions to ward off significant and focused activity. And once the actors stop the malicious activity, websites go back to normal.”

A DDoS campaign uses a collection of infected computers operating as a botnet to flood a target website’s server with internet traffic and disrupt its ability to provide services.

In most cases, the centre says, this nuisance activity can be managed by on-premises solutions. “However, assistance from third-party DDoS solutions should be considered to prevent significant and focused malicious activity. Websites will commonly return to a normal state of operation once the actors have stopped the malicious activity.”

The centre recommends IT leaders

IT leaders should also review and implement the Cyber Centre’s Top 10 IT Security Actions, particularly recommendations to consolidate, monitor, and defend internet…


Embassy of China in Canada Issues a Statement on U.S Cyber Espionage Campaigns Against Japan


I just came across a statement issued by the Embassy of China in Canada on the U.S. cyber espionage campaigns launched against Japan.

What’s so special about this statement? First, it quotes WikiLeaks, which is a bit of an outdated approach, including the actual source, to shed more light on a bigger problem and issue for China that the press statement on the website of the Chinese Embassy in Canada mentions. In this specific case, the statement implies the use of so-called “hunt-forward” missions, which could really mean big trouble for China if the U.S. somehow manages to secure a deal with a country neighbouring China. The U.S. would then attempt to establish the foundation for successful interception campaigns against the cyber attacks, and possibly the information operations, used, managed and operated by China, including its partners and allies. The ultimate goal would be to measure their true capabilities and set the foundation for a successful cyber situational awareness campaign in terms of cyber attacks and the true state of China’s cyberspace operations and cyber attack capabilities, including the capabilities of some of its neighbouring countries.

The so-called Hunt Forward Operations (HFOs) are an early warning system for cyber situational awareness that could improve the visibility of the country that is running these missions. In this specific case, the U.S. could really learn a lot about new tactics and techniques courtesy of the attackers based in the specific country where it is hosting its mission. That could be really bad news for China: with hunt forward missions deployed in its neighbouring countries, the U.S. could get a better picture of China’s understanding and actual application of basic cyber warfare principles and concepts in action, including the “know-how” of its neighbouring countries.

Despite the fact that the U.S. is willing to share its knowledge and understanding of cyber attack “know-how” with the host country of a hunt forward mission, it could also learn a lot about the cyber attacks that originate from the…


Edge computing security issues attract attention amid AI application development boom


ChatGPT has taken the world by storm, bringing unprecedented AI experiences to numerous consumers. This highlights the continuous development of AI technology and its rapid proliferation in people’s daily lives. Meanwhile, with the vigorous development of technologies such as 5G, IoT, and cloud native computing, the concept of edge computing has also emerged to provide the best online experience for Internet users.

Traditional AI applications involve using the Internet to upload raw data to large cloud servers for analysis. However, with the increasing number of IoT devices, this often leads to issues such as raw data leakage, insufficient network bandwidth, and communication delays. Therefore, when cloud AI is deployed in smart manufacturing, smart transportation, and other scenarios, there may be a significant degradation in service quality as devices may not work together properly, potentially causing traffic accidents, industrial safety hazards, and other problems. For this reason, using edge computing servers to analyze data locally to mitigate such problems is a popular option in the market today. However, with the rapid proliferation of AI services, the issue of potential information security risks has also come to the fore. Hacker groups have begun launching attacks on AI applications such as ChatGPT to steal large amounts of sensitive data. Edge computing security has therefore become a major challenge that needs to be addressed in the development of AI services.

Dr. John K. Zao, the founder and chairman of FiduciaEdge Technologies, pointed out that existing information security solutions can be roughly divided into three categories. The first category includes the use of virtual private networks (VPNs), firewalls, and other mechanisms to protect data in transit. The second category deals with security mechanisms for websites and databases to ensure the security of data in storage. The third category aims to implement appropriate information isolation in the trusted edge computing environments to protect those data in use. Trusted edge computing is becoming increasingly important as more manufacturers are now running AI applications on their sites to…
