Tag Archive for: major

New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands


Dec 08, 2023 | Newsroom | Vulnerability / Mobile Network

A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS.

Of the 14 flaws – collectively called 5Ghoul (a combination of “5G” and “Ghoul”) – 10 affect 5G modems from the two companies, out of which three have been classified as high-severity vulnerabilities.

“5Ghoul vulnerabilities may be exploited to continuously launch attacks to drop the connections, freeze the connection that involve manual reboot or downgrade the 5G connectivity to 4G,” the researchers said in a study published today.

As many as 714 smartphones from 24 brands are impacted, including those from Vivo, Xiaomi, OPPO, Samsung, Honor, Motorola, realme, OnePlus, Huawei, ZTE, Asus, Sony, Meizu, Nokia, Apple, and Google.

The vulnerabilities were disclosed by a team of researchers from the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), who also previously uncovered BrakTooth in September 2021 and SweynTooth in February 2020.

The attacks, in a nutshell, attempt to deceive a smartphone or a 5G-enabled device into connecting to a rogue base station (gNB), resulting in unintended consequences.

“The attacker does not need to be aware of any secret information of the target UE e.g., UE’s SIM card details, to complete the NAS network registration,” the researchers explained. “The attacker only needs to impersonate the legitimate gNB using the known Cell Tower connection parameters.”

A threat actor can accomplish this by using apps like Cellular-Pro to determine the Relative Signal Strength Indicator (RSSI) readings and trick the user equipment into connecting to the adversarial station (i.e., a software-defined radio) as well as an inexpensive mini…

US Space Force Major urges Defense Department to adopt Bitcoin as an ‘offset strategy’


U.S. Space Force Major Jason Lowery has brought a novel perspective on Bitcoin to light, extending its significance far beyond finance and into national defense and cybersecurity.

In a detailed letter to the Department of Defense’s (DoD) Innovation Board, Lowery argued that Bitcoin and similar proof-of-work (PoW) protocols hold substantial strategic importance, urging the government to delve deeper into their potential applications.

Macrochip

The major’s letter contextualized Bitcoin within the military strategy of an offset approach. The concept historically involves leveraging technological advancements to counterbalance adversaries’ strengths.

Lowery suggested that Bitcoin and its underlying technology could serve as contemporary tools in this regard, potentially redefining the landscape of cyber warfare and defense.

Lowery described Bitcoin as a pioneering “macrochip,” a concept that transforms the global electric power grid into a vast, resource-intensive computer. This innovative approach, he argued, introduces physical costs into the digital domain, offering a new method of securing a wide array of data across the internet.

According to Lowery, this strategy challenges the conventional paradigms of cybersecurity and could mark a significant shift in protecting national interests in the digital age.

Lowery also addressed the ongoing challenges in cybersecurity, highlighting the inadequacies of existing software-based solutions. He proposed that the proof-of-work protocol, as exemplified by Bitcoin, represents a significant innovation in this field.

By introducing the notion of real-world physical costs as deterrents in cyberspace, this approach could revolutionize the way digital security is enforced.

Recommendations to DoD

The letter further explored the implications of this technology for cyber warfare and defense strategies. Lowery emphasized the need for the United States to recognize and quickly adapt to Bitcoin’s potential as a strategic offset in cybersecurity.

He warned that failure to do so could impact the global balance of power, especially in an era where digital and interconnected systems are increasingly vulnerable to security breaches.

In his role as the U.S….

Cyberthreats reached a new high this year, with AI playing a major role


Historically, summer is the time of year when hacks and malware scams drop in volume and intensity, mostly because people are on holiday and not as active online as the rest of the year. 

However, 2023 seems to have bucked this trend, with adware, malvertising, spyware, and other forms of malicious activity spiking in the months from July to August, according to a report from Avast. During this period, Avast reported, its tools blocked more than a billion attacks every month, which is a new record.

Ransomware attack on Boeing leads to major data leak by LockBit


LockBit, a notorious ransomware group, has reportedly released all data stolen from Boeing in a recent ransomware attack. This follows Boeing’s apparent refusal to meet the ransomware group’s demands. The leaked data, amounting to approximately 50GB, was made public early Friday, consisting of compressed archives and backup files related to various systems.

Nature of the stolen data

Prior to this full release, LockBit had uploaded files allegedly linked to Boeing’s financial and marketing activities, as well as supplier details. The exposed data also includes Citrix logs, raising speculation that the ransomware group exploited the Citrix Bleed vulnerability to infiltrate Boeing’s systems. Boeing, however, has not confirmed the initial entry point used in the attack.

Independent verification of the data dump’s authenticity is pending, as reported by The Register. Boeing has remained tight-lipped about the specifics of the stolen files. In a statement, a Boeing spokesperson acknowledged a cybersecurity incident affecting the parts and distribution business. They emphasized ongoing investigations in collaboration with law enforcement and regulatory authorities, asserting that the incident poses no threat to aircraft or flight safety.

Security researcher Dominic Alvieri noted that the files include corporate emails, which could be particularly useful for malicious actors. “I haven’t gone over the whole data set but Boeing emails and a few others stand out as useful for those with malicious intent,” Alvieri told The Register.

Timeline of the cyberattack

LockBit first listed Boeing on its dark-web site on Oct. 28. Boeing confirmed an IT intrusion affecting its parts and distribution business to The Register on Nov. 2. Initially, Boeing was removed from LockBit’s leaks site amid purported negotiations, but it appears these discussions either failed or didn’t occur, leading to Boeing’s reappearance on the LockBit extortion website.

In a related development, China’s largest bank, ICBC, also fell victim to ransomware attacks this week, disrupting its financial services. LockBit claimed responsibility for this attack as well.
