Cyber Round-up for 8th February
Welcome to the Ironshare Cyber Round-up where we look back at the events of that last week and cover some of the news, posts, views, and highlights from the world of Security.
In this week’s round-up:
- Metro Bank Falls Victim to SS7 Two-Factor Attack
- Mass Recall on Kids Smart Watch
- Time to Update your Android – Critical PNG Bug
- Google Translate Used to Hide Phishing Sites
- Take Five to Stop Fraud
Metro Bank Falls Victim to SS7 Two-Factor Attack
Motherboard have reported how the UK’s Metro Bank has fell victim to a two-factor authentication (2FA) attack that exploits the legacy Signalling System 7 (SS7) protocol, to intercept 2FA codes.
The SS7 protocol was originally developed in 1975, and in 1980 the ITU formerly approved it as the international standard for telephone signalling, call establishment and routing.
Flaws in SS7 are known to have been exploited for quite some, and successful attacks against the protocol are capable of tracking phones, as well as intercepting calls and text messages.
It has previously been believed that the ability to exploit SS7 has been firmly in the hands of intelligence agencies, but Motherboard confirmed that this is far more wide spread. Cyber criminals are using this to attack bank customers with the aim of clearing out their bank accounts.
Mass Recall on Kids Smart Watch
The European Commission has ordered the child smart watch provider ENOX to recall its Safe-KID-One product, after it was found the watch could be used by bad actors to send messages to the watch and use the inbuilt GPS to find the locations of their child users.
The Commissions rapid alert system, which is used to inform other European nations of dangerous products, states that these smart watches pose a ‘serious’ risk; potentially threatening the child’s safety.
Time to Update your Android – Critical PNG Bug
Google have released a new security update for their Android OS after it was disclosed that devices were vulnerable to a number of flaws that include three critical remote code execution vulns.
The Android Security Bulletin for Feb 2019 includes a total of 42 CVE’s; 11 vulns were classed as Critical, 30 High, and 1 moderate, spanning Framework, System, Kernel, NVIDIA graphics, and Qualcomm network components.
Google consider the three PNG based critical flaws to be the most severe included in this month’s bulletin, which impacts millions of devices worldwide running Android v7.0 to v9. A PNG is a common type of image file format similar to bitmap (BMP) and JPEG.
Google Translate Used to Hide Phishing Sites
A new phishing method has been witnessed this week, where attackers have hidden their phishing websites behind the Google translate service.
Like most phishing attacks the intent of the actors here is to scam you into providing personal information and login details, that they can steal and use for malicious purposes.
This particular attack focuses on attempts to steal your Google and Facebook account credentials.
It all typically starts with a fake security email notifying the user of a new device login and includes a link to verify that the login activity was you.
Take Five to Stop Fraud
To finish off this week we wanted to give a quick mention to a useful site called:
‘Take Five to Stop Fraud’.
This site is provided by Financial Fraud Action UK and is backed by Her Majesty’s Government, with a goal to provide easy to understand advice, so the public can be more prepared and protect themselves against the fraudulent activities of bad actors.
We have covered a lot of news reports over the last few months related to financial fraud, delivered through scams and phishing attacks, and they do not appear to be slowing down.
Take Five to Stop Fraud is a great resource for the general non-technical public, explaining the different scams in use and how to spot them. There are also a bunch of helpful educational videos that give examples and practical advice.
Head over to their website below and make sure you can identify fraud the next time you receive a dodgy call or email.
And that’s it for this week, please don’t forget to tune in for our next instalment.
To keep up to date with our news and posts why not join our mailing list by using the link to subscribe: http://bit.ly/IronMailList
You can also follow us using the social media links provided.
If your business needs to improve its security, kick-start your Cyber plans with our Free Cyber Assessment: http://bit.ly/IronFreeCyberReview
Ironshare – Security Simplified
Edition #28 – 8th February 2019