Cyber Round-up for 28th February
Welcome to the latest edition of the Ironshare Cyber Round-up where we look back at the events of the last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
This week at the RSA conference, Cisco has unveiled SecureX, a new platform designed to improve visibility across all their cloud-based security products. This dashboard aims to integrate a customer’s array of security solutions to streamline the customer experience, as well as incorporating third-party integration. SecureX introduces unified visibility, automation, managed threat hunting and many other features designed to improve the operational security experience and speed up time to detection and remediation. You can learn more about the upcoming platform on the Cisco website.
A facial recognition company known to work with high-profile law-enforcement agencies has recently announced that their entire client list has been stolen by an intruder. The company, Clearview AI, revealed that the hacker managed to gain a list of customers, number of user accounts and number of searches made by customers; despite this, they confirmed that their network and servers were not compromised. Clearview said they have since patched the vulnerability and, as usual with these incidents, they claim ‘security is their top priority’, which always seems to come after the fact.
A new SMS phishing campaign has been discovered that is targeting US mobile devices. The attackers have been seen stealing banking credentials and reportedly installing the Emotet malware onto compromised devices. The phishing SMS contains a warning saying the victim’s bank account has been locked and prompts them to click a link to reactivate it. This phishing attempt looks remarkably legitimate; check out the blog post which contains a list of indicators to help you know if a message is a scam.
A new version of the well-known Android banking trojan, Cerberus, is reportedly capable of stealing codes from the Google Authenticator app, therefore allowing access to 2FA-enabled accounts. Current versions of Cerberus are already remarkably advanced, possessing features usually exclusive to remote access trojans; the new versions, which are reportedly still being tested, have capabilities very rarely seen in malware strains. The features it possesses make it capable of bypassing all authentication on online banking accounts, making it extremely dangerous and profitable for the bad guys.
Vulnerabilities & Updates
A new bug, known as Kr00k, has been discovered that allows an attacker to intercept and decrypt WiFi network traffic. This vulnerability reportedly affects all WiFi devices that use Broadcom and Cypress WiFi chips; these are some of the most popular chipsets in the world and are used in the majority of devices, including smartphones, laptops and even smart speakers. Patches should be available for most vulnerable devices but may require a firmware update; this article includes instructions on how to check your devices for a patch.
And that’s it for this week’s round-up, please don’t forget to tune in for new instalments every week.
Edition #80 – 28th February 2020
Ironshare – Security Simplified