Posts

How to Tell When Your Phone Will Stop Getting Security Updates

Every smartphone has an expiration date. Here’s when yours will probably come. If you're shopping for a smartphone, you're probably weighing how powerful it is, how good the cameras are, and of course how much you're going to have to pay for it—but it's also worth considering how long the handset is going to last you. A big part of that calculation comes down to the length of time that the phone will get updates. Apple just pushed out iOS 17, a software update that is heading to iPhones including the iPhone XR and the iPhone XS—handsets that launched in 2018. For five-year-old phones to be getting (mostly) the same software features as the brand new iPhone 15 is something Apple can be proud of and that its users can be grateful for, but this kind of future-proofing isn't standard. At the time of writing, Google promises Android updates for its Pixel phones for at least three years. For flagship Samsung Galaxy phones, the software update guarantee is for four years, an

CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The newly added vulnerabilities are:

- CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability
- CVE-2023-28229 (CVSS score: 7.0) - Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability

CVE-2023-42793 relates to a critical authentication bypass vulnerability that allows for remote code execution on TeamCity Server. Data gathered by GreyNoise has revealed exploitation attempts targeting the flaw from 74 unique IP addresses to date. On the other hand, CVE-2023-28229 is a high-severity flaw in the Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service that allows an attacker to gain specific limited SYSTEM privileges. There are currently no public rep

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems

Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the presence of static user credentials for the root account that the company said is usually reserved for use during development. "An attacker could exploit this vulnerability by using the account to log in to an affected system," Cisco said in an advisory. "A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user." The issue impacts Cisco Emergency Responder Release 12.5(1)SU4 and has been addressed in version 12.5(1)SU5. Other releases of the product are not impacted. The networking equipment major said it discovered the problem during internal security testing and that it's not aware of any malicious use of the vulne

FBI warns of surge in 'phantom hacker' scams impacting elderly

The FBI issued a public service announcement warning of a significant increase in 'phantom hacker' scams targeting senior citizens across the United States. "This Phantom Hacker scam is an evolution of more general tech support scams, layering imposter tech support, financial institution, and government personas to enhance the trust victims place in the scammers and identify the most lucrative accounts to target," the FBI said. "Victims often suffer the loss of entire banking, savings, retirement, or investment accounts under the guise of 'protecting' their assets." In such scams, multiple fraudsters masquerading as bank representatives are contacting unsuspecting victims, falsely alleging that their accounts have fallen victim to hacking attempts. Subsequently, these scammers employ various tactics to persuade their targets to grant access to their banking accounts, assessing whether they possess significant funds warranting further pursuit. Sho

Why Is Cisco Buying Splunk?

Cisco Systems Inc (NASDAQ: CSCO) announced a $28 billion all-cash deal to buy cyber security company Splunk last week, marking the networking major’s largest acquisition yet. Splunk is a market leader in security information and event management, analyzing log files and other data, and using artificial intelligence to help companies minimize the risk of cybersecurity incidents. Interestingly, Cisco stock has had a Sharpe Ratio of 0.3 since early 2017, lower than 0.6 for the S&P 500 Index over the same period. This compares with the Sharpe of 1.3 for the Trefis Reinforced Value portfolio. Sharpe is a measure of return per unit of risk, and high-performance portfolios can provide the best of both worlds. As the world becomes more reliant on interconnected computer systems, cyber attacks can disrupt economic activity, sabotage critical infrastructure, and compromise countries’ security. There have been a series of high-profile cyber attacks on businesses in

Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability

Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video codec library from Google and the Alliance for Open Media (AOMedia). Exploitation of such buffer overflow flaws can result in program crashes or execution of arbitrary code, impacting its availability and integrity. Clément Lecigne of Google's Threat Analysis Group (TAG) has been credited with discovering and reporting the flaw on September 25, 2023, with fellow researcher Maddie Stone noting on X (formerly Twitter) that it has been abused by a commercial spyware vendor to target high-risk individuals. No additional details have been disclosed by the tech giant other than to acknowledge that it's "aware that an exploit for CVE-2023-5217 exists in the wild." The latest discovery brings to five

Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors

A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a "high technical level and cautious attack attitude," adding that "the phishing attack activity captured this time is part of the attacker's targeted strike on specific targets and is its main means to achieve in-domain penetration." The attack chains start with a macro-laced Microsoft document that purports to be about a blood donation drive from the American Red Cross that, when launched, runs the malicious macro to set up persistence, exfiltrate system metadata to a remote server (data.vectorse[.]com) that's a sub-domain of a legitimate website belonging to a structural and engineering firm based in the U.S. It also extracts a file named KB4495667.pkg (codenamed DangerAds), which subsequently acts as a loader to launch