Introduction
In this week's edition of our security news review, we'll review articles that are about the following:
- Malware
- Social engineering
- Vulnerabilities
- Internet security
Let's get started.
Found: 280 Android apps that use OCR to steal cryptocurrency credentials
Malware can infect your devices for many reasons. Mostly, it's financially motivated, with ransomware as a classic example. That's a big example, so we can classify this one as a "small" example. Nonetheless, it's still about money.
For this attack, the lesson I want to teach myself and you is this: don't keep any personal information that's linked to your financial accounts on your phone. Yes, including cryptocurrencies!
Here is an excerpt from the article that details how the attack occurred:
The apps masquerade as official ones from banks, government services, TV streaming services, and utilities. In fact, they scour infected phones for text messages, contacts, and all stored images and surreptitiously send them to remote servers controlled by the app developers. The apps are available from malicious sites and are distributed in phishing messages sent to targets.
For security, stop picking up the phone
While reading the article's title, you might think that it's a joke. However, it's not. In today's world, it's a piece of advice that can save you face and lots of money. That doesn't mean that you shouldn't use your phone, but it does not hurt if you verify the identity of the person that you're talking to. I repeat: IT DOESN'T HURT.
Are you thinking that I am exaggerating? Think again and read the excerpt below.
Earlier in July, a Ferrari executive was flooded with a barrage of WhatsApp messages that appeared to come from his boss
Suspicious of the flurry of messages from the unknown number, the Ferrari executive still took a call with the person
"Sorry, Benedetto, but I need to identify you," the executive said. And then the call abruptly ended, and a potentially colossal fraud was avoided
Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes
No technical details are available at the time of writing, which is a good thing. But an article like this is why I might switch to security research and bug bounty full-time in the future. I mean, there are so many bugs, and an operating system like Windows should have someone pen-testing it 24/7/365 to detect any bugs. Who knows, I can be that person one day.
The following is a glimpse of the bug:
The Windows flaw, tagged as CVE-2024-43491 and marked as actively exploited, is rated critical and carries a CVSS severity score of 9.8/10.
Microsoft did not provide any information on public exploitation or release IOCs (indicators of compromise)
Google Introduces ‘Air-Gapped’ Backup Vault to Thwart Ransomware
The case of ransomware gangs and defenders is not funny. Now that this feature exists, do not be surprised if you're reading a future edition of this review and there is news that a ransomware gang bypassed it. I am just saying.
Here is how it works:
When creating a backup vault, you can specify that vaulted backups must be strongly secured against modification and deletion until the administrator-specified minimum enforced retention timeframe has elapsed.
This layered protection enables you to deliver on backup immutability (security against data modification) and indelibility (security against data deletion) objectives, which are often driven by security initiatives or by regulatory compliance requirements
Rogue WHOIS server gives researcher superpowers no one should ever have
Trust me. The article's title is not clickbait. It's a power that no one should have. The researcher even stopped at one point due to ethical reasons. I mean, he might be thinking: This is a line that I definitely don't want to cross.
I am not giving an excerpt for this one. Take time and read it. You'll be glad that you did.
Credits
Cover photo by Debby Hudson on Unsplash.
That's it for this week, and I'll see you next time.