Tag Archive for: warn

Auto dealers are prime targets for hackers, warn researchers

/in


Car dealerships are prime targets for hackers eager to exploit weak security and access a treasure trove of financial data and gain access to third-party vendor supply chains.

According to Tuesday report posted to AT&T Cybersecurity’s blog, cybercriminals are zeroing in on car dealerships considering them easy targets for a cyberattack. Attack vectors include, “outdated IT infrastructure and lacks sufficient processes in terms of protecting employee login details,” according the report.

Adding to the mix of security issues is the increasingly sophisticated number of computer-based diagnostic tools used in auto repair bays and computer systems in car dealer back offices. That has adversaries revving their hacker engines ready to attack, said Theresa Lanowitz, head of cybersecurity evangelism at AT&T Business.

“Employees in a car dealership may have lax security hygiene which means it’s even easier for adversaries to launch attacks. And car dealerships have repair bays with internet connected devices. These devices, if breached, also offer an adversary a way into the network to potentially execute nefarious activities,” Lanowitz said.

Those attack surface weak spots are low-hanging fruit for attackers to easily plant malware, eavesdrop on insecure Wi-Fi connections or exploit poor password hygiene.

No such thing as cybersecurity airbags

The danger is not theoretical for dealerships or vendors connected to dealerships who could also be put at greater risk. In a separate report out this week, researcher Eaton Zveare detailed a severe vulnerability he found in the web portal of Toyota’s global supplier management network.

“I hacked Toyota’s Global Supplier Preparation Information Management System,” Zveare wrote.” The system in question is “a web app used by Toyota employees and their suppliers to coordinate projects, parts, surveys, purchases, and other tasks related to the global Toyota supply chain.”

The research, conducted in 2022 and disclosed this week, allowed the researcher to access 14,000 corporate user accounts and confidential documents. The issue was responsibly disclosed to Toyota and the security hole was mitigated immediately.

FTC tackles dealership security and…

Source…

Viral ChatGPT poses propaganda and hacking risks, researchers warn

/in


Ever since OpenAI’s viral chatbot was unveiled late last year, detractors have lined up to flag potential misuse of ChatGPT by email scammers, bots, stalkers and hackers.

The latest warning is particularly eye-catching: It comes from OpenAI itself. Two of its policy researchers were among the six authors of a new report that investigates the threat of AI-enabled influence operations. (One of them has since left OpenAI.)

“Our bottom-line judgment is that language models will be useful for propagandists and will likely transform online influence operations,” according to a blog accompanying the report, which was published Wednesday morning.

Concerns about advanced chatbots don’t stop at influence operations. Cybersecurity experts warn that ChatGPT and similar AI models could lower the bar for hackers to write malicious code to target existing or newly discovered vulnerabilities. Check Point Software Technologies Ltd., an Israel-based cybersecurity company, said attackers were already musing on hacking forums how to re-create malware strains or dark web marketplaces using the chatbot.

Several cybersecurity experts stressed that any malicious code provided by the model is only as good as the user and the questions asked of it. Still, they said it could help less sophisticated hackers with such things as developing better lures or automating post-exploitation actions. Another concern is if hackers develop their own AI models.

WithSecure, a cybersecurity company based in Helsinki, contends in a new report also out Wednesday that bad actors will soon learn how to game ChatGPT by figuring out how to ask malicious prompts that could feed into phishing attempts, harassment and fake news.

“It’s now reasonable to assume any new communication you receive may have been written with the help of a robot,” Andy Patel, intelligence researcher at WithSecure, said in a statement.

A representative for OpenAI didn’t respond to a request for comment, nor did the researchers for OpenAI who worked on the report on influence operations. The FBI, National Security Agency and National Security Council declined to comment on the risks of such AI-generated models.

Kyle Hanslovan, who used to create…

Source…

Hackers Are Packing Malware Into VPN Apps For Android, Security Researchers Warn

/in


hackers packing malware vpn apps android news
Researchers at the cybersecurity firm ESET have discovered an active Android malware campaign that began in January 2022. The campaign in question distributes spyware injected into legitimate VPN apps. The researchers have tied this campaign to an advanced persistent threat (APT) group known as “Bahamut.”

Bahamut has been active since at least 2017, when it was first identified. The APT group conducts cyberespionage primarily in the Middle East and South Asia, working to steal sensitive information at the behest of paying clients. Bahamut has developed its own spyware, which it has packaged with fake applications in the past. However, the group has more recently been re-packaging legitimate apps with its spyware added to the code.

downloading malicious vpn app from website news
Downloading malicious VPN app from website (click to enlarge) (source: ESET)

ESET researchers have found Bahamut injecting its malware into the SoftVPN and OpenVPN apps, which are both legitimate VPN apps. The versions of these apps available on the Google Play Store are the legitimate, non-malicious versions of the apps. However, Bahamut has been running a fraudulent VPN website, where it distributes its own versions of these apps with its custom spyware included. While this website is no longer accessible at the domain name identified by the researchers, it contained a download button that visitors could click to download a malicious APK file.

free vpn web template used by threat actors news
Free web template used by the threat actors on the fraudulent VPN website (click to enlarge) (source: ESET)

The ESET researchers discovered that the APT group made use of a free VPN web template on its fraudulent website. Bahamut customized this template by borrowing the SoftVPN logo and combining it with the name of another legitimate VPN service, SecureVPN. The malicious APK file available for download on the website also bore this same name. The ESET researchers identified at least eight versions of the two malicious VPN apps pushed by Bahamut in this campaign, meaning the threat group has been actively updating its spyware over the course of this year. The researchers suspect that Bahamut switched from injecting its spyware into SoftVPN to doing the same to OpenVPN because the developers of SoftVPN…

Source…

Computer security experts warn against loopholes in Zoom app

/in


HYDERABAD: The Indian Computer Emergency Response Team (CERT-IN) said it had found multiple vulnerabilities on the online meeting platform Zoom. These vulnerabilities could allow a remote user to bypass security restrictions, CERT-IN said.

The attackers could join Zoom meetings without being visible to other participants, obtain audio and video feeds and even disrupt the meetings, CERT-IN said and advised users to upgrade to the latest versions.

CERT-In rated the severity of vulnerabilities as medium, and said the software supporting the Zoom On-Premise meeting connector MMR version could be affected due to the vulnerabilities. These vulnerabilities exist due to improper access control implementation, it said.

CERT-IN works under the Union Ministry of Electronics and Information Technology  and is the nodal agency to deal with cyber security threats like hacking and phishing.

Click on Deccan Chronicle Technology and Science for the latest news and reviews. Follow us on Facebook, Twitter

Source…