- Smart Intel Briefing
- Posts
- The Cybersecurity Crucible - Forging Hard Targets – 09 October 2023 | KD Sec & Tech Secure
The Cybersecurity Crucible - Forging Hard Targets – 09 October 2023 | KD Sec & Tech Secure
Empowering Users with Essential Cybersecurity Insights and Tips
Introduction
Hello, Hard Targets!
Welcome back, Hard Targets! We're thrilled to have you with us for another issue packed with crucial information designed to keep you safe and informed in the digital realm. In this issue, we delve deep into the pressing matters of cybersecurity, providing you with the latest news, tips, and insights in the tech world.
Exciting News from Last Week's Giveaway! Last week we conducted a giveaway for TryHackMe.com. A hearty congratulations to Shawn Darius, the lucky winner! Shawn now has the opportunity to either commence or continue his cybersecurity journey, equipped with the latest information and tools available through his voucher. A big shoutout to Marcus Foy for sponsoring this giveaway, and a round of applause for Shawn once again! Stay tuned, as we plan to host at least one giveaway per month going forward.
Take a moment to appreciate the artwork featured in this issue, meticulously crafted to visually represent the themes and topics we'll explore together. For those joining us for the first time, don't miss out on our future releases - Subscribe here to stay in the loop!
Why is this newsletter indispensable for you? As Hard Targets, you understand the importance of staying ahead in the cybersecurity game. Our newsletter is a treasure trove of valuable insights, expert analyses, and actionable tips to fortify your defenses against the ever-evolving threats in cyberspace.
We're committed to bringing you fresh, relevant content semi-weekly, every Monday and Friday, ensuring you start and end your week with a wealth of knowledge at your fingertips. This issue covers a range of topics, including the latest vulnerabilities and news in the Apple, Samsung & Android, and Microsoft & Windows ecosystems. We also spotlight the scams currently making rounds, arming you with the awareness to steer clear of their traps.
Dive in, explore, and empower yourself with the information curated meticulously for our Hard Targets community. Together, let's build a safer, more secure digital environment for all!
Cybersecurity Pop Quiz
Test Your Cybersecurity Knowledge With Our Quick Quiz: Are You a True Hard Target?
Question 1: What is the main purpose of using a Virtual Private Network (VPN) in cybersecurity?
a) To create strong passwords
b) To bypass regional content restrictions
c) To encrypt data transmitted over the network
d) To increase internet speed
Question 2: What does the term “Ransomware” refer to in the context of cybersecurity?
a) A type of phishing attack
b) Software that demands payment after encrypting the user’s files
c) A security protocol to protect online transactions
d) A firewall that protects against unauthorized access
Question 3: Which of the following is NOT a common type of cybersecurity attack?
a) SQL Injection
b) Man-in-the-Middle Attack
c) Phishing Attack
d) Quantum Attack
Answers:
c) To encrypt data transmitted over the network
b) Software that demands payment after encrypting the user’s files
d) Quantum Attack
Cybersecurity News and Emerging Technology
Lawsuit Filed Over False Arrest Due to Facial Recognition Misuse
Source: ABC News
Summary: A man in New Jersey has filed a lawsuit claiming he was wrongfully arrested due to the misuse of facial recognition technology. The plaintiff, Nijeer Parks, spent ten days in jail after being falsely identified as a shoplifting suspect. This case highlights ongoing concerns about the reliability and potential biases of facial recognition systems, prompting calls for better regulation and oversight of this technology.
What’s the importance of this article? The article underscores the critical issues of accuracy and bias in facial recognition technology, raising awareness about the potential risks and consequences for innocent individuals. It also emphasizes the need for improved regulation and oversight to prevent miscarriages of justice due to technological errors.
How could this affect me? If facial recognition technology is not accurately regulated and monitored, innocent individuals could be at risk of false identification and wrongful arrest, leading to legal and personal complications.
Pixel 8 Pro Introduces FDA-Approved Temperature Sensor
Source: The Verge
Summary: Google's Pixel 8 Pro now features an FDA-approved temperature sensor, marking a significant step in the integration of health tech in smartphones. This novel feature allows users to monitor their body temperature, providing a valuable tool for personal health management. The temperature sensor is easy to use, with readings available on the phone's lock screen and notification panel.
What’s the importance of this article? The introduction of an FDA-approved temperature sensor in the Pixel 8 Pro represents a convergence of health technology and smartphones. This feature enhances the phone's utility as a health monitoring device, potentially aiding users in tracking and managing their health more effectively.
How could this affect me? For Pixel 8 Pro users, the temperature sensor provides a convenient way to monitor body temperature, which can be crucial for early detection of fever or illness. This feature adds value to the device, making it a helpful companion for health-conscious individuals.
US-China Tech War: RISC-V Chip Technology Emerges as New Battleground
Source: Reuters
Summary: The ongoing tech war between the US and China has found a new focal point: RISC-V chip technology. As an open-source hardware instruction set architecture, RISC-V is gaining traction as an alternative to proprietary options from companies like Intel and ARM. Both nations are investing heavily in this technology, recognizing its potential to reshape the global semiconductor landscape.
What’s the importance of this article? The article sheds light on the strategic importance of RISC-V technology in the global tech landscape, highlighting its role as a new battleground in the US-China tech war. Understanding this dynamic is crucial for anyone interested in the future of technology, international relations, and global economic power structures.
How could this affect me? The development and adoption of RISC-V technology will influence the semiconductor industry and the broader tech sector, potentially impacting the devices and technologies available to consumers in the future. Being aware of these shifts can help you navigate the changing tech landscape more effectively.
Best Early Deals for October Prime Day 2023
Source: Engadget
Summary: Engadget has compiled a list of the best early deals available for Amazon's October Prime Day 2023. The article highlights various tech products, including laptops, headphones, and smart home devices, that are available at discounted prices. Brands featured in the deals include Apple, Bose, and Samsung. The article also provides tips on how to make the most out of Prime Day deals, advising readers to prepare in advance and consider Amazon's credit card for additional savings.
What’s the importance of this article? For tech enthusiasts and consumers looking to purchase electronic devices, this article provides valuable information on the best deals available, helping them make informed purchasing decisions and save money during Amazon's Prime Day event.
How could this affect me? If you are planning to buy tech products, this article can guide you to the best deals, helping you purchase desired items at lower prices. Being aware of these deals allows you to strategically plan your purchases and maximize savings during the sales event.
Here are some of the best early deals for October Prime Day 2023 as listed in the Engadget article:
Tech Products:
Apple AirPods Pro (USB-C): Now with USB-C charging, improved dust resistance, and lossless audio support. On sale for $199, saving you $50.
Amazon Echo Dot + Kasa Smart Plug Mini Bundle: Available at 67% off, costing only $24.
Amazon Echo Show 5: Amazon's smallest smart display is at its lowest price ever, available for $40.
Amazon Echo Show 15: With a large 15.6-inch display, it's available for $185, a 33% discount.
EarFun Air Pro 3 Noise-Canceling Earphones: Available for $60 with a $20 on-page coupon.
Amazon Echo Buds (2023): Exclusive to Prime members, available for $35, a $15 discount.
Samsung Galaxy Watch 6 Classic: Available for $369, an 8% discount.
Samsung Galaxy Z Fold 5: With a $300 discount, available for $1,500.
Amazon Kindle Scribe: Available for $265, a 22% discount.
Amazon Fire TV Stick Lite: Supports HD content and comes with a basic Alexa voice remote, available for $18.
Home Devices:
Blink 4th-gen Outdoor Cameras: A three-pack is available for half off at $135.
Google Nest Cam (Battery): Available for $120, a significant discount from its list price of $180.
Ring Video Doorbells: Various models and bundles are available starting from $35.
iRobot Roomba j7+ Combo: The top robot vacuum and mop combo is available for $799, a $300 discount.
Eero Pro 6E Mesh Wi-Fi System: A three-pack is available for $400, providing up to 6,000 square feet of coverage.
Others:
JBL Charge 5 Speaker: Available for $130, a $50 discount.
Anker 332 USB-C Hub: A five-port hub available for $18, a 49% discount.
Amazon Smart Thermostat: Available for $56.
Samsung Pro Plus MicroSD Card with USB Reader: Available for $23.
Amazon Fire Omni QLED Series TVs: Various sizes are available with significant discounts, starting from $380.
Cybersecurity General Tip of the Issue
Understanding Geotagging Concerns
Summary: Geotagging is a feature that embeds location data within photos, videos, and social media posts. While it can be useful for organizing and sharing content, it also raises privacy concerns. Geotagging can inadvertently disclose your whereabouts, routines, and habits to strangers, making you vulnerable to stalking, burglary, and other security risks.
Why is this important? Awareness of geotagging is crucial for maintaining your privacy and safety online. The embedded location data can be exploited by malicious actors to track your movements, learn about your lifestyle, and even determine when you're not at home. This information can be used for various malicious purposes, including harassment, theft, or other forms of exploitation.
How to Implement: To mitigate geotagging risks, consider disabling the geotagging feature on your devices, especially when taking photos or sharing posts online. Review the privacy settings on your social media accounts and camera apps to control who can access your location data. Additionally, be cautious when sharing images and content online, and consider using tools or apps that can remove geotags from your photos before posting them.
The Apple Ecosystem
iOS 17 Review: Notable New Features and Streamlined Touches
Source: Engadget
Summary: The Engadget review provides a comprehensive look at iOS 17, highlighting its new features and improvements. The update introduces a refreshed look with new icons and a more intuitive interface. Users will benefit from enhanced privacy features, including a new notification system that informs when apps are accessing the device's camera or microphone. Additionally, iOS 17 debuts the Live Text feature, allowing users to interact with text within photos and images.
Refreshed Look and Interface: iOS 17 unveils a refreshed look with new icons, offering users a more intuitive and user-friendly interface.
Enhanced Privacy Features: The update enhances user privacy with new notifications that alert users when apps access the device's camera or microphone, providing greater control and security over personal data.
Live Text Feature: The innovative Live Text feature allows users to interact with text within photos and images, enhancing the user experience with media on Apple devices.
What’s the importance of this article? Understanding the new features and improvements of iOS 17 is crucial for Apple device users to fully utilize and enjoy their devices. The article provides valuable insights into the enhanced privacy features, offering users greater control and security over their data.
How could this affect me? If you use an Apple device, the new features in iOS 17 will impact your daily usage. The update offers a more intuitive interface, enhanced privacy controls, and innovative features like Live Text, all designed to improve your experience with Apple devices.
Forget The MacBook Pro, Apple Has Something Much Better
Source: Forbes
Summary: Apple is planning to release new MacBook Pro models with mniLED backlighting displays, which are more efficient. These displays can increase brightness by ten percent more than current displays. Alternatively, Apple could maintain the brightness level and enjoy increased battery life as a primary benefit. The new MacBooks, expected to launch by the end of the year, will feature M3 technology based on 3nm fabrications, similar to the current A17 Pro chipsets in iPhone 15 Pro and 15 Pro Max. The new professional laptops, including 14-inch and 16-inch MacBook Pro models, will likely arrive in the first half of 2024, offering significant updates with Apple Silicon, design, and display.
What’s the importance of this article? The article provides insights into Apple's upcoming MacBook Pro models, highlighting the introduction of efficient mniLED backlighting displays and the anticipated M3 technology. For potential buyers and tech enthusiasts, this information is crucial in understanding the new features and improvements to expect in the next generation of MacBook Pro laptops.
How could this affect me? If you are planning to purchase a new MacBook Pro, this information is vital to make an informed decision. The introduction of mniLED displays and M3 technology in the upcoming models will offer enhanced brightness and efficiency, which could be significant factors in your buying decision. If you are looking for improved display quality and efficiency in a MacBook Pro, it might be worth waiting for the new models to be released.
Apple Emergency Update Fixes New Zero-Day Used to Hack iPhones
Source: BleepingComputer
Summary: Apple has released emergency security updates to patch two new zero-day vulnerabilities that have been exploited in attacks. The first zero-day, CVE-2023-42824, is a weakness in the XNU kernel allowing local attackers to escalate privileges on unpatched iPhones and iPads. The second vulnerability, CVE-2023-5217, is a heap buffer overflow in the open-source libvpx video codec library, allowing arbitrary code execution. Apple has addressed these vulnerabilities in the iOS 17.0.3 and iPadOS 17.0.3 updates.
What’s the importance of this article? This article is crucial as it informs Apple users about the immediate need to update their devices due to two new zero-day vulnerabilities that have been actively exploited. Awareness and prompt action are necessary to prevent potential security breaches and protect user data.
How could this affect me? If you are using an Apple device, these vulnerabilities could put your data at risk if not addressed immediately. Updating your device to iOS 17.0.3 or iPadOS 17.0.3 is essential to safeguard your information and prevent unauthorized access and control by attackers.
The Apple Ecosystem Security Tip of the Issue
Disabling Geotagging on Apple Devices
Summary: Geotagging embeds the geographical location where photos and videos are taken into the files themselves. While this feature can be useful for organizing and recalling memories, it also poses privacy risks as it reveals the exact location where the media was captured.
Why is this important? Disabling geotagging on your Apple devices is crucial for protecting your privacy. When you share photos and videos online, the embedded location data can be accessed by others, potentially revealing sensitive information about your whereabouts and activities.
How to Implement:
On iOS and iPadOS Devices:
Open the 'Settings' app.
Scroll down and tap on 'Privacy.'
Select 'Location Services.'
Scroll down and tap on 'Camera.'
Under 'Allow Location Access,' select 'Never.'
On macOS:
Open 'System Preferences.'
Click on 'Security & Privacy.'
Go to the 'Privacy' tab.
Select 'Camera' from the left sidebar and uncheck the box next to 'Camera' to disable location services for the camera.
Samsung & Android
Best Tech Releases of 2023
Source: Gear Patrol
Summary: The article provides an overview of the most exciting tech releases of 2023, showcasing a variety of products from leading brands. Some notable releases include the Leica Sofort 2, Google Pixel 8, Google Pixel Watch 2, Samsung Galaxy S23 FE, Plugable Thunderbolt 4 and USB4 Docking Station, DJI Mini 4 Pro, iPhone 15 Pro and Pro Max, Apple Watch Ultra 2, and Bose QuietComfort Ultra Headphones.
What’s the importance of this article? The article is a comprehensive guide to the latest tech products released in 2023, offering readers insights into the features and pricing of each item. For tech enthusiasts and consumers planning to purchase new gadgets, this roundup provides valuable information to make informed buying decisions.
How could this affect me? If you are in the market for new tech gadgets, being aware of the latest releases helps you make informed decisions on products that best suit your needs and preferences. Whether you are looking for smartphones, cameras, headphones, or other tech accessories, understanding the features and pricing of the newest products can guide you in your purchasing process.
Samsung Wallet Integrates Driver’s License Feature in the USA
Source: SamMobile
Summary: Samsung Wallet now allows users in the USA to integrate their driver’s license. This feature aims to offer convenience by reducing the need to carry a physical driver’s license, as users can present the digital version stored securely in their Samsung Wallet.
What’s the importance of this article? The integration of driver’s licenses into Samsung Wallet signifies a move towards digital identification, providing users with a secure and convenient alternative to physical IDs.
How could this affect me? For Samsung users, this feature offers ease and convenience by digitizing identification, making it easier to carry and present when needed without relying on a physical card.
UK Carrier O2 Supports Google Messages and RCS
Source: 9to5Google
Summary: UK carrier O2 now supports Google Messages and Rich Communication Services (RCS), enhancing the texting experience for Android users. This support allows for improved group chats, high-quality photo sharing, and better video calls, providing a richer communication experience.
What’s the importance of this article? The support for Google Messages and RCS by O2 offers Android users in the UK an improved and more dynamic texting experience, bringing enhanced communication features to their devices.
How could this affect me? If you're an O2 customer using an Android device, you can now enjoy a superior texting experience with advanced features, making communication more enjoyable and efficient.
Samsung & Android Security Tip of the Issue
Geotagging Concerns on Android Devices
Summary: Geotagging embeds location data within photos and videos taken on your Android device. While this feature can be useful for organizing media, it poses privacy risks as shared files can reveal your whereabouts.
Why is this important? Disabling geotagging is crucial for protecting your privacy. With geotagging enabled, anyone with access to your photos can potentially extract the location data embedded in the files, exposing your private or sensitive locations.
How to Implement: To disable geotagging on Android devices, open the Camera app and navigate to its settings. Look for the location, GPS, or geotagging option and turn it off. The exact navigation might differ slightly based on the device model and the Android version it's running. For Samsung users, open the Camera app, tap on the gear icon to access settings, scroll down to find the 'Location tags' option, and turn it off. Always review and adjust privacy settings after system or app updates, as these might revert your preferences.
Microsoft & Windows
Microsoft's Acquisition of Activision Blizzard Delayed by UK's CMA
Source: The Verge
Summary: The UK's Competition and Markets Authority (CMA) is investigating Microsoft's proposed acquisition of Activision Blizzard, causing a delay in the deal's finalization. The CMA is concerned about the potential impact on the gaming industry and wants to ensure fair competition.
What’s the importance of this article? The investigation and subsequent delay of the acquisition deal highlight the global regulatory challenges tech giants face in mergers and acquisitions, potentially affecting the industry's landscape and competition dynamics.
How could this affect me? For gamers and stakeholders in the gaming industry, this delay may impact the release and development of future games and services offered by Microsoft and Activision Blizzard.
Microsoft Overhauls OneDrive with New Design and Features
Source: The Verge
Summary: Microsoft announces the third generation of OneDrive, introducing a Fluent design refresh, AI-powered Copilot system, and significant improvements for business users. The overhaul enhances the experience of working with OneDrive, offering quality-of-life improvements for managing and using files across the web, Windows, and Microsoft Office apps. The update also brings a new people view, folder color options, improved search experience, and better offline support, with many features set to be available in early 2024.
What’s the importance of this article? The article is important as it informs users about the significant updates and improvements made to OneDrive, which is widely used for cloud storage by both consumers and businesses. The introduction of new features and a more user-friendly design enhances the functionality and ease of use of OneDrive, making it a crucial update for users who rely on this service for storing and managing their files.
How could this affect me? If you are a OneDrive user, these updates will directly impact your experience with the service. The new features and improvements aim to make file management and collaboration easier and more efficient, ultimately helping you to work more productively and effectively, whether you are using OneDrive for personal or business purposes.
Microsoft Launches Web Version of Windows App Store
Source: The Verge
Summary: Microsoft has launched a web version of the Windows App Store, allowing users to browse and install apps directly from their browsers. This move is part of Microsoft's effort to make apps more accessible and easier to discover.
What’s the importance of this article? The web version of the Windows App Store enhances accessibility and user experience, making it easier for users to discover and install applications on their Windows devices.
How could this affect me? Windows users now have a more convenient option for discovering and installing apps, which may streamline the user experience and offer a broader range of applications to explore and use.
Microsoft & Windows Security Tip of the Issue
Concerns Regarding Geotagging
Summary: Geotagging automatically embeds location data (latitude and longitude) into files, such as photos. While this feature is useful for organizing and recalling where each photo was taken, it poses privacy risks. Sharing a geotagged photo can inadvertently disclose your exact location to others.
Why is this important? Understanding and managing geotagging is crucial for protecting your privacy. Cybercriminals or malicious actors can exploit this information to track your movements, learn about your habits, or determine when you are not at home, leading to potential stalking, theft, or other security issues.
How to Implement: On Windows devices, you can disable geotagging for photos by going to the Camera app, navigating to Settings, and turning off the location setting. For existing photos, you can remove geotagging by right-clicking on the file, selecting 'Properties', going to the 'Details' tab, and choosing 'Remove Properties and Personal Information'. Always be cautious when sharing photos online and consider using photo-sharing platforms that automatically strip out geotagging information.
Scams to Watch Out For
New Warnings About Scammers as Student Loan Payments Resume
Source: YouTube
Summary: With federal student loan payments resuming, scammers are attempting to exploit the millions of Americans affected. These scammers use various methods, including robocalls, online ads, emails, and traditional mail, to deceive individuals into paying fees for fraudulent services or to acquire personal information. They often promise loan forgiveness or reduced payments, creating a sense of urgency to trick individuals into complying with their schemes.
Key Takeaways:
Scammers are targeting the 27 million Americans with federal student loan debt, which totals approximately $1.1 trillion.
They use various outreach methods, including robocalls, online ads, emails, and snail mail.
Scammers often promise loan forgiveness, reduced payments, or offer to handle paperwork for a fee.
Warning signs include requests for personal information, such as your Federal Student Aid ID, or claims of affiliation with the Department of Education.
To avoid scams, verify the identity of the caller, do not pay fees for loan management services, and consult official government websites for accurate information.
Thank You, Hard Targets!
Thank you, dear subscribers, for dedicating your time to read through this issue. Your continuous support is immensely appreciated, and it fuels our commitment to bringing you valuable content each time.
We're on a mission to grow our community of Hard Targets, and we need your help! If each one of you could encourage just one friend or family member to subscribe before our next issue, it would make a significant difference. This collective effort will not only expand our Hard Targets community but also enable us to provide you with better content, exclusive discounts on tech and security products, and top-notch services.
Remember, there's strength in numbers. By growing our community, we enhance our resilience and fortify our defenses against the myriad of cyber threats lurking in the digital shadows. As Hard Targets, we stand united, informed, and unyielding in the face of adversity.
Once again, thank you for your unwavering support. Let’s continue to stand strong as Hard Targets, vigilant and unassailable, as we navigate through the complex landscape of cybersecurity together.
Reply