CyberSecure Specialist

19 May

Guerrilla malware is preinfected on 8.9 million Android devices, Trend Micro says

Data Breaches, Malware, Social Engineering

Cybercrime gang Lemon Group has managed to get malware known as Guerrilla preinstalled on about 8.9 million Android-based smartphones, watches, TVs, and TV boxes globally, according to Trend Micro.  The Guerilla malware can load additional payloads, intercept one-time passwords (OTPs) from SMS texts, set up a reverse proxy from the infected device, and infiltrate WhatsApp sessions.  “The infection turns these devices into mobile proxies, tools for stealing and selling SMS messages, social media and online…

Read More
19 May

Cisco Releases Security Advisory for Small Business Series Switches

Attacks, Insights, Malware

Cisco released a security advisory to address multiple vulnerabilities affecting the web-based user interface of certain Cisco Small Business Series Switches. A remote attacker could exploit these vulnerabilities to cause a denial-of-service condition or execute arbitrary code with root privileges on an affected device. CISA encourages users and administrators to review the following advisory and apply the necessary updates: •    Cisco Small Business Series Switches Buffer Overflow Vulnerabilities For updates addressing lower severity vulnerabilities, see…

Read More
19 May

Accessibility should be a cybersecurity priority, says UK NCSC

Data Breaches, Malware, Social Engineering

The UK National Cyber Security Centre (NCSC) has urged businesses and security leaders to make accessibility a cybersecurity priority to help make systems more secure and human errors/workarounds less likely. It can also aid in meeting legal requirements, delivering better operational outcomes, and attracting and retaining more diverse talent, according to the NCSC. However, there are various examples of cybersecurity being presented in a way that is inaccessible for a lot of people, particularly for…

Read More
19 May

IOTW: Location data of two million customers exposed in Toyota data breach

Attacks, Data Breaches

A cloud misconfiguration in car manufacturer Toyota’s servers may have leaked sensitive information belonging to more than two million customers. The cloud misconfiguration meant that sensitive information for those who subscribed to Toyota services T-Connect, G-Link, G-Link Lite and/or G-BOOK between January 2, 2012 to April 17, 2023 was accessible to unauthorized parties from November 6, 2013 to April 17, 2023. The data includes location information for impacted vehicles andthe time the vehicle was at…

Read More
19 May

What TikTok knows about you – and what you should know about TikTok

Information

As TikTok CEO attempts to placate U.S. lawmakers, it’s time for us all to think about the wealth of personal information that TikTok and other social media giants collect about us TikTok CEO Shou Zi Chew has appeared before the U.S. Congress to give his take on the app’s data security and privacy practices and possible links to the Chinese government amid a nationwide discussion about a blanket ban on TikTok in the US. The…

Read More
19 May

5 useful search engines for internet‑connected devices and services

Information

A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet Internet security is a constant concern for technology and cybersecurity professionals. With the ever-increasing number of online devices and services, it is important to have a clear and accurate view of the online presence of these devices and services in order to protect them and data against online threats. Some…

Read More
19 May

S3 Ep135: Sysadmin by day, extortionist by night

Information

by Paul Ducklin AN INSIDER ATTACK (WHERE THE PERP GOT CAUGHT) No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS feed into your favourite podcatcher. READ THE TRANSCRIPT DOUG.  Inside jobs, facial recognition, and the “S”…

Read More
19 May

Apple’s secret is out: 3 zero-days fixed, so be sure to patch now!

Information

by Paul Ducklin Remember that zipped-lipped but super-fast update that Apple pushed out three weeks ago, on 2023-05-01? That update was the very first in Apple’s newfangled Rapid Security Response process, whereby the company can push out critical patches for key system components without going through a full-size operating system update that takes you to a new version number. As we pondered in the Naked Securirty podcast that week: Apple have just introduced “Rapid Security…

Read More
18 May

Critical remote code execution flaws patched in Cisco small business switches

Data Breaches, Malware, Social Engineering

Cisco patched several vulnerabilities this week that affect multiple models of its small business switches and could allow attackers to take full control of the devices remotely. The flaws are all located in the web-based management interface of the devices and can be exploited without authentication. While the company didn’t disclose which specific components of the web interface the flaws are located in, it noted in its advisory that the vulnerabilities are not dependent on…

Read More
18 May

OX Security adds ChatGPT plugin for AppSec

Data Breaches, Malware, Social Engineering

OX Security, an application security vendor, now has a plugin for ChatGPT, allowing users to leverage the power of the headline-making generative AI assistant to protect the software supply chain, generate personalized security recommendations and remedy security issues quickly. The Israel-based company, in a press release issued yesterday, said that generative AI has already altered the security landscape, and not for the better. AI models, according to OX, have been used to seek out new…

Read More