Friday, August 30, 2019

iOS - Simply visiting a compromised website can lead to your iPhone being hacked silently by some unknown party.

Once compromised, encryption can be entirely undone. The malware will have access to almost all of the personal information available on the device, which it will be able to upload, unencrypted, to the attacker's server.

The implant would also enable hackers to snoop on Gmail and Google Hangouts, contacts and photos. The hackers could also watch where users were going with a live GPS location tracker. And the malware stole the "keychain" where passwords, such as those for all remembered Wi-Fi points, are stored.


https://www.forbes.com/sites/thomasbrewster/2019/08/30/whatsapp-encryption-undone-and-location-leaked--why-the-latest-iphone-hack-is-terrifying/#454619bc6d2e

Monday, August 26, 2019

Hostinger STUNG by Hackers - August 23rd breach has put the records of up to 14 million Hostinger users at risk.

Hostinger does not currently offer its customers two-factor authentication as an additional layer of security.

Data exposed in the security breach includes clients’ usernames, email addresses, hashed passwords, first names, and IP addresses.

https://www.grahamcluley.com/hostinger-resets-passwords-following-security-breach/

Wednesday, August 21, 2019

3rd Party Risk? - Texas Holdem (for Ransom) - Texas officials say the 23 attacks are all connected and carried out by a single threat actor.


The threat actor deployed the ransomware through the software from the managed service provider (MSP) used by the administration for technical support.

MSPs have started to be a frequent target for ransomware operators as a successful compromise offers access to multiple clients.

https://www.bleepingcomputer.com/news/security/hackers-want-25-million-ransom-for-texas-ransomware-attacks/

Tuesday, August 20, 2019

Bad news Apple fans - In iOS 12.4 Apple "accidentally unpatched" an old vulnerability (CVE-2019-8605) patched previously in iOS 12.3.




Dubbed "unc0ver 3.5.0," the jailbreak works with the updated iPhones, iPads and iPod Touches by leveraging a vulnerability that Apple previously patched in iOS 12.3 but accidentally reintroduced in the latest iOS version 12.4.


An anonymous researcher who goes by the online alias "Pwn20wnd" has released a free jailbreak for iOS 12.4 on GitHub that exploits a use-after-free vulnerability in iOS kernel responsibly reported to Apple earlier this year by Ned Williamson, a researcher working with Google Project Zero.

The vulnerability, tracked as CVE-2019-8605, allows an application to execute arbitrary code with system privileges on a target Apple device, which can not only be used to jailbreak them but also leaves users vulnerable to hackers.

https://thehackernews.com/2019/08/ios-iphone-jailbreak.html

Monday, August 19, 2019

Free Password Checkup extension for Chrome



It automatically takes the encrypted login credentials that we enter and verifies if they may have been compromised by cross-checking from a central database.

The tool, developed with the help of Stanford cryptography researchers, is available through a Password Checkup extension on the Chrome Web Store and notifies users whenever it finds that the user has entered a username or password that has been leaked before in a data breach.

https://www.hackread.com/dodging-bad-passwords-with-googles-new-tool/

KNOB (Key Negotiation Of Bluetooth) - Weakness in the Bluetooth wireless standard that could allow hackers to intercept keystrokes, address books, and other sensitive data.

The attack forces two or more devices to choose an encryption key just a single byte in length before establishing a Bluetooth connection. Attackers within radio range can then use commodity hardware to quickly crack the key.

KNOB doesn't require an attacker to have any previously shared secret material or to observe the pairing process of the targeted devices. The exploit is invisible to Bluetooth apps and the operating system they run on, making the attack almost impossible to detect without highly specialized equipment.

https://news.hitb.org/content/new-attack-exploiting-serious-bluetooth-weakness-can-intercept-sensitive-data

Malware watches Porn - I mean, it records screen activity while you are watching Porn

Its prime target is Windows-based computers where, once the device is infected, it steals login credentials and financial details, and records screen activities while its victim “enjoys” x-rated content.

Question - How does it know that you are watching PORN?
and
I guess there will be a new version that adds another feature that records you while you are watching PORN so that you can be blackmailed later.

https://www.hackread.com/malware-records-screen-activity-victim-watches-porn/

Tuesday, August 13, 2019

This is a bad one - 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows.



It allows a low-privileged application to read and write data to a higher-privileged application.


If exploited, the weakness in the CTF protocol could allow attackers to easily bypass User Interface Privilege Isolation (UIPI), letting even an unprivileged process:

  • read sensitive text from any window of other applications, including passwords out of dialog boxes,
  • gain SYSTEM privileges,
  • take control of the UAC consent dialog,
  • send commands to the administrator's console session, or
  • escape IL/AppContainer sandboxes by sending input to unsandboxed windows.



The researcher has also released a custom open-source "CTF Exploration Tool" on GitHub that he developed and used to discover many critical security issues in the Windows CTF protocol.



Ormandy responsibly reported his findings to Microsoft in mid-May this year and released the details to the public today after Microsoft failed to address the issue within 90 days of being notified.

https://thehackernews.com/2019/08/ctfmon-windows-vulnerabilities.html

Monday, August 12, 2019

We have quickly gone from "Technocracy" to "Techno-Crazy" and the price we are paying is that there is no such thing as "Anonymized Data". 99.98% of Americans could be re-identified from an otherwise anonymized dataset, if it included 15 demographic attributes.


In a 2000 paper, Latanya Sweeney estimated that 87% of US citizens could be identified using just three pieces of information: their 5-digit zip code, gender, and date of birth.
The removal of names is simply not enough to properly de-identify a person. We'll need to ensure that all personally identifiable information is anonymized in order to remove the risk of re-identification of individuals.

https://www.darkreading.com/endpoint/privacy/companies-anonymized-data-may-violate-gdpr-privacy-regs/d/d-id/1335361
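Added example (not from the linked article or this blog's sources): a small Python check that measures how identifying the three attributes above are in a dataset whose names have already been removed. It goes one step beyond the text by also showing how generalising ZIP and date of birth changes the result. The records, field names and function names are constructed for illustration.

```python
from collections import Counter

# Constructed sample: names removed, quasi-identifiers (zip, gender, dob) kept.
RECORDS = [
    {"zip": "02138", "gender": "F", "dob": "1961-07-31", "diagnosis": "A"},
    {"zip": "02138", "gender": "F", "dob": "1961-02-14", "diagnosis": "B"},
    {"zip": "02139", "gender": "M", "dob": "1975-03-02", "diagnosis": "C"},
    {"zip": "02139", "gender": "M", "dob": "1975-11-20", "diagnosis": "A"},
    {"zip": "02141", "gender": "F", "dob": "1988-06-09", "diagnosis": "D"},
    {"zip": "02142", "gender": "F", "dob": "1988-01-23", "diagnosis": "B"},
]

def quasi_key(rec, zip_digits=5, dob_chars=10):
    """Quasi-identifier tuple, optionally generalised by truncating
    the ZIP code (prefix) and the ISO date of birth (4 chars = year only)."""
    return (rec["zip"][:zip_digits], rec["gender"], rec["dob"][:dob_chars])

def group_sizes(records, **generalise):
    """Count how many records share each quasi-identifier tuple."""
    return Counter(quasi_key(r, **generalise) for r in records)

def reidentification_risk(records, **generalise):
    """Return (k, unique_count): k is the smallest group size (the dataset
    is k-anonymous); unique_count is the number of records alone in their
    group, i.e. re-identifiable by anyone who knows those attributes."""
    groups = group_sizes(records, **generalise)
    unique = sum(1 for r in records if groups[quasi_key(r, **generalise)] == 1)
    return min(groups.values()), unique

def risky_groups(records, k_min, **generalise):
    """Quasi-identifier tuples shared by fewer than k_min records."""
    groups = group_sizes(records, **generalise)
    return sorted(key for key, n in groups.items() if n < k_min)

if __name__ == "__main__":
    for label, opts in [
        ("raw zip + full dob", {}),
        ("zip5 + birth year", {"dob_chars": 4}),
        ("zip3 + birth year", {"zip_digits": 3, "dob_chars": 4}),
    ]:
        k, unique = reidentification_risk(RECORDS, **opts)
        print(f"{label}: k={k}, unique records={unique}/{len(RECORDS)}")
```

With names stripped but the three attributes intact, every constructed record is still unique; only the coarsest generalisation leaves no record alone in its group.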

Thursday, August 8, 2019

Sad but True - When a Check Point researcher informed Microsoft of a flaw in its RDP client he was told his finding "is valid but does not meet our bar for servicing", so it didn't warrant a patch.



But they fixed it once they realized the same flaw could be used to target its Hyper-V virtualization software in Windows 10 and Azure.

The patch came after Itkin discovered an attacker could use the flaw in Microsoft's RDP client for a sandbox escape or a "guest-to-host" virtual machine (VM) escape in Microsoft's Hyper-V Manager.


Microsoft security software engineer Dana Baril and Itkin detail the connection between the RDP client and Hyper-V in an aptly titled presentation at Black Hat on Wednesday, called 'He Said, She Said – Poisoned RDP Offense and Defense'.

https://www.zdnet.com/article/windows-10-security-microsoft-dismissed-rdp-flaw-until-it-saw-hyper-v-was-affected/

Wednesday, August 7, 2019

Need another good reason to apply 07/18 Windows Patches? - SWAPGS Vulnerability




It could allow attackers to steal any type of information that is stored in the memory, including chat messages, emails, login credentials, payment information, passwords, encryption keys, tokens, or access credentials.

What it comes down to, is that no information can be kept secret.

In order to increase performance in CPUs, a feature called speculative execution will execute instructions before it knows if they are needed or not. Vulnerabilities that target this feature are called side-channel attacks.

In a new side-channel attack discovered by Bitdefender, attackers "break the memory isolation provided by the CPU, allowing an unprivileged attacker to access privileged, kernel memory."


https://www.bleepingcomputer.com/news/security/swapgs-vulnerability-in-modern-cpus-fixed-in-windows-linux-chromeos/

Tuesday, August 6, 2019

Oh no! Another Hardware bug? - Flaws in Qualcomm chipsets called QualPwn allow hackers to compromise Android devices remotely simply by sending malicious packets over-the-air – no user interaction required.



The prerequisite for the attack is that both the attacker and targeted Android device must be active on the same shared Wi-Fi network.

One of the vulnerabilities allows attackers to compromise the WLAN and modem, over-the-air. The other allows attackers to compromise the Android kernel from the WLAN chip. The full exploit chain allows attackers to compromise the Android kernel over-the-air in some circumstances.

https://threatpost.com/android-phones-qualpwn/146989/

The most common problems in IT Security are People (phishing, misconfiguration), 3rd party risk (too many, complex, visibility issues) and IoT. I thought IoT should be comparatively easier, but it seems we are still ignoring it.



Although things like smartphones and desktop computers are often top of mind when it comes to security, it’s often the printer, camera, or decoder that leaves a door open for a hacker to exploit.

In multiple cases, Microsoft saw Fancy Bear get access to targeted networks because the IoT devices were deployed with default passwords. In another case, the latest security update was not applied. Using those devices as a starting point, the hackers established a beachhead and looked for further access.

https://www.technologyreview.com/f/614062/russian-hackers-fancy-bear-strontium-infiltrate-iot-networks-microsoft-report/

Insider Threat - Money talks BS Walks - In this case - AT&T employees took bribes to unlock millions of smartphones, and to install malware and unauthorized hardware (rogue Wireless Access points) on the company's network. More than $1 million in bribes were paid to several AT&T employees.



The bribery scheme lasted from at least April 2012 until September 2017

Fahd bribed AT&T employees to install malware on AT&T's network at the Bothell call center.

In November 2014, as Fahd began having problems controlling this malware, the DOJ said he also bribed AT&T employees to install rogue wireless access points inside AT&T's Bothell call center. These devices helped Fahd with gaining access to AT&T internal apps and network, and continue the rogue phone unlocking scheme.

The DOJ claims Fahd and Jiwani paid more than $1 million in bribes to AT&T employees, and successfully unlocked more than two million devices, most of which were expensive iPhones. One AT&T employee received more than $428,500 in bribes over a five year period.

https://www.zdnet.com/article/at-t-employees-took-bribes-to-plant-malware-on-the-companys-network/

Friday, August 2, 2019

“The Equifax settlement is laughable,” Senator Ron Wyden - “With just $31 million to be divided up by all the Americans who filed to receive their $125 check, Americans have the choice of receiving pennies for having their credit details spilled out online, or receiving virtually worthless credit monitoring,”



As part of the $575 million settlement, up to $425 million was set aside to compensate those who could clearly prove they were victims of identity theft as a result of the breach.

For those unable to prove clear financial harm (most of us), the settlement offered users either free credit reporting for ten years, or a $125 one time cash payout. But because the FTC only set aside $31 million to pay for these payouts, it quickly ran out of cash and is now falsely telling consumers the free credit reporting is a “much better value.”


https://www.vice.com/en_us/article/d3agv7/the-equifax-settlement-is-a-cruel-joke

Unexpected freebie from Google that you might NOT like - A secret (hidden) microphone in home alarm product. Google says it goofed by keeping the microphone secret




    “The on-device microphone was never intended to be a secret and should have been listed in the tech specs. That was an error on our part.”

It went on to explain to Business Insider that it’s not unusual for security systems to have built-in microphones:

    “The microphone has never been on and is only activated when users specifically enable the option.”

https://hotforsecurity.bitdefender.com/blog/google-in-hot-water-after-not-revealing-it-had-hidden-a-secret-microphone-in-home-alarm-product-20863.html

Capital One needed a Skilled engineer for 100M hack, Honda only needed a dumb admin to expose 134M rows of sensitive data


 The data was on an unsecured Elasticsearch database that was freely accessible to anyone who came across it, and contained in-depth information about the company’s security systems and network.

This includes technical details of each individual computer, including IP addresses, operating systems, unique network identifiers and security solutions and patches.


As a result, the data would provide any malicious actors with an exhaustive map of the company’s systems, including all the soft spots that would provide easy access to the network. Any skilled – or even relatively unskilled – hacker could use this information to perform a successful and potentially devastating cyberattack on Honda, such as highly targeted attacks on high value employees

https://www.verdict.co.uk/honda-database-exposure/

Apple iPhone/iPad users - Upgrade your iOS to 12.4 - Apple has fully patched five of six critical flaws including CVE-2019-8624 and CVE-2019-8646, which allow an attacker to read files off an iOS device remotely, without any interaction from the victim. The code to exploit these vulnerabilities is publicly available.


Only 9.6 percent of devices have been updated to iOS 12.4, as of August 1 – 10 days after the patch was released on July 22 and three days after the vulnerability was disclosed to the public on July 29.

“The exploit initiates a dump of the victim’s iMessage database and compromises the iOS sandbox, putting files on the device at risk,” explained Cuddeford, in a post on Thursday. “This vulnerability calls into question the integrity of iOS sandboxing, which is one of the most significant fundamentals of the entire iOS security model. This iMessage exploit has similar implications to a jailbreak in that the weakness in iMessage exposes the file space on the device.”


https://threatpost.com/90-enterprise-iphone-users-imessage-spy-attack/146899/

Thursday, August 1, 2019

Capital One, 100M customer info stolen - All it took was a misconfigured firewall and an experienced software engineer.


Misconfiguration is something that  in any security system/application because Vulnerabilities are easier to find compared to misconfiguration.

Approximately 100 million of the affected customers are in the US, with the remaining six million in Canada

The Capital One breach was discovered on 19 July 2019. The hack took place on 22 and 23 March.

On Monday, the FBI arrested the person allegedly responsible: Paige Thompson, a 33-year-old former systems engineer

https://www.verdict.co.uk/capital-one-breach/