• Smart Intel Briefing
  • Posts
  • The Cybersecurity Crucible - Forging Hard Targets - 18 Sep 2023 | KD Sec & Tech Secure

The Cybersecurity Crucible - Forging Hard Targets - 18 Sep 2023 | KD Sec & Tech Secure

Your Semi-weekly Guide to Cybersecurity Awareness

Introduction

Welcome to the Cybersecurity Crucible, Hard Targets!

We're thrilled to have you with us and deeply appreciate your subscription to the Cybersecurity Crucible. Your commitment to enhancing your digital safety resonates with our core mission at KD Sec & Tech.

In this vast digital expanse, threats lurk in every corner, constantly evolving and seeking vulnerabilities. The Cybersecurity Crucible is your beacon amidst this chaos. We delve deep, sifting through the complexities of the digital realm, to bring you the most pertinent and timely information in cybersecurity.

Why is this newsletter essential? Because knowledge is power. With every issue of the Cybersecurity Crucible, we aim to empower you, providing insights into the latest vulnerabilities, tech breakthroughs, and cunning scams. Our shared goal? To ensure you're always a step ahead, fortified against these digital threats.

Where article summaries meet custom artwork, the Cybersecurity Crucible offers a unique blend of information and visual appeal, making cybersecurity not just informative but also engaging.

Mark your calendars! Every Monday and Friday, expect the Cybersecurity Crucible in your inbox, ensuring you're both starting and wrapping up your week with the latest in cybersecurity.

In this digital age, knowledge is our strongest armor. Together, let's strengthen our defenses, remain vigilant, and ensure that we transform every potential Soft Target into a steadfast Hard Target!

Cybersecurity Pop Quiz

Test your cybersecurity knowledge with our quick quiz. Let's see if you're a true Hard Target!

Question 1: Which of the following is NOT a recommended practice when creating a strong password?

  • a) Using a mix of uppercase and lowercase letters.

  • b) Including special characters and numbers.

  • c) Using easily guessable information like birthdays.

  • d) Ensuring the password is at least 12 characters long.

Question 2: What does the term "phishing" refer to?

  • a) A method used by hackers to guess passwords.

  • b) A technique to safely browse the internet.

  • c) An attempt to trick individuals into providing sensitive data.

  • d) A firewall protection method.

Question 3: Which of these is a secure method for managing passwords?

  • a) Using the same password for all accounts.

  • b) Writing passwords on sticky notes.

  • c) Sharing passwords with trusted friends.

  • d) Using a password manager.

Answers:

  1. c) Using easily guessable information like birthdays.

  2. c) An attempt to trick individuals into providing sensitive data.

  3. d) Using a password manager.

Cybersecurity News and Emerging Technology

The Lighter Side of MGM & Caesars Las Vegas Hack

Source: CyberNews

Summary: The article provides a humorous take on the MGM and Caesars Las Vegas hack. While the breach was significant, affecting millions of users, the writer uses satire to highlight the ironies and absurdities of the situation.

What’s the importance of this article? It offers a different perspective on cybersecurity incidents, emphasizing the need for vigilance while also highlighting the human element and the occasional absurdities in the world of cybersecurity.

How could this affect me? While the article is light-hearted, it serves as a reminder that even large corporations with vast resources can fall victim to cyberattacks. It underscores the importance of personal cybersecurity vigilance.

TikTok Flooded by Elon Musk Cryptocurrency Giveaway Scams

Summary: Scammers are exploiting TikTok's algorithm to promote cryptocurrency scams, falsely claiming that Elon Musk is giving away large amounts of cryptocurrency. These scams have become increasingly prevalent, misleading users into sending their own cryptocurrency with the promise of receiving larger amounts in return.

What’s the importance of this article? The article highlights the vulnerabilities of social media platforms and the tactics scammers use to exploit popular trends and well-known personalities.

How could this affect me? If you're a TikTok user or engage with cryptocurrency, it's crucial to be aware of such scams. Always verify information from trusted sources before making any financial decisions.

The Future of AI and Cybersecurity

Summary: As AI solutions become more integrated into the cybersecurity landscape, experts are examining the benefits and potential risks of this approach. Keijo Mononen, General Manager at Ericsson Security Solutions, discusses the role of AI in the future of cybersecurity. Many organizations are leveraging AI and machine learning to detect malware, with tools like Microsoft's Security Copilot leading the way. However, there are inherent risks, such as over-reliance on AI and potential bypass methods by attackers. The article also touches on the ethical considerations of AI in security, emphasizing the importance of unbiased and representative training data.

What’s the importance of this article? The article delves into the increasing role of AI in cybersecurity, highlighting both its advantages and challenges. As cyber threats evolve, understanding the potential of AI and its limitations becomes crucial for organizations aiming to bolster their defenses.

How could this affect me? With the growing integration of AI in cybersecurity tools and solutions, individuals and businesses need to be aware of its capabilities and limitations. Over-reliance on AI could lead to vulnerabilities, while a balanced approach, combining AI with human expertise, can offer robust protection against cyber threats.

Cybersecurity Tip of the Issue

Beware of Deepfake Technologies

Summary: Deepfakes are artificial intelligence-powered manipulations of audio and video. They can make it appear as though someone said or did something they didn't. As the technology behind deepfakes becomes more advanced, it's becoming increasingly difficult to distinguish between real and manipulated content.

Why is this important? Deepfakes can be used maliciously to spread misinformation, tarnish reputations, or even commit fraud. Being aware of this technology and its potential misuse is crucial in today's digital age to avoid falling for scams or spreading false information.

How to Implement:

  1. Educate Yourself: Familiarize yourself with the concept of deepfakes and how they are created.

  2. Verify Information: Before sharing a controversial video or audio clip, verify its authenticity through trusted news sources or fact-checking websites.

  3. Use Detection Tools: There are several tools and software available that can help detect deepfakes. Consider using them if you're unsure about the authenticity of a piece of media.

  4. Stay Updated: As with all cybersecurity threats, the landscape is ever-evolving. Stay updated on the latest advancements in deepfake technology and the tools to combat them.

Platform-Specific Vulnerabilities and Pertinent News

iOS

Apple Patches “Clickless” 0-Day Image Processing Vulnerability in iOS, macOS

Source: Ars Technica

Summary: Apple has rolled out security updates across its platforms, including iOS, iPadOS, macOS, and watchOS, to address zero-day security vulnerabilities that can be exploited through a maliciously crafted image or attachment. These vulnerabilities, identified as CVE-2023-41064 and CVE-2023-41061, were reported by the Citizen Lab and are referred to as "BLASTPASS." The vulnerabilities can be triggered without any user interaction, making them particularly dangerous.

Exploitation: The "BLASTPASS" vulnerabilities can be exploited by simply loading a malicious image or attachment. This can occur in various apps, including Safari, Messages, WhatsApp, and other first- and third-party applications. These are also termed as "zero-click" or "clickless" vulnerabilities.

Mitigation: Users can proactively protect themselves against such vulnerabilities by enabling Lockdown Mode on their iOS and macOS devices. This mode blocks many attachment types and deactivates link previews, which are common attack vectors for these types of vulnerabilities. Apple's Security Engineering and Architecture team has confirmed that Lockdown Mode effectively blocks this specific attack.

iPhone 15 vs. iPhone 15 Pro: Which Should You Buy?

Source: 9to5Mac

Summary: The article provides a detailed comparison between the iPhone 15 and iPhone 15 Pro. It highlights the differences in camera capabilities, display, battery life, and price. The iPhone 15 Pro boasts a 120Hz ProMotion display, improved low-light photography, and ProRAW video recording, making it a favorite among professionals and enthusiasts.

What’s the importance of this article? With the recent launch of the iPhone 15 series, many consumers are faced with the decision of choosing between the standard iPhone 15 and the more advanced iPhone 15 Pro. This article provides a comprehensive comparison to help potential buyers make an informed decision.

How could this affect me? If you're considering upgrading your iPhone or switching to an iPhone, this article offers insights that can guide your purchase decision. Knowing the differences and similarities can help you choose a model that best fits your needs and budget.

Android

How to Change the Color of Text Bubbles on Android

Source: Android Police 

Summary: Texting on Android has seen significant improvements over the years, especially with the introduction of RCS chat features. This guide provides steps on how to change the color of text bubbles on Android, enhancing the visual appeal and readability of messages. The article discusses changing text bubble colors using Material You theming, accessibility features, and alternative texting apps.

What’s the importance of this article? The article is essential for Android users who wish to customize their messaging experience, ensuring that their conversations are both visually appealing and easily readable.

How could this affect me? Customizing text bubble colors can enhance the user experience, making conversations more engaging and ensuring that text is easily readable based on individual preferences or needs.

Android's September Security Update Fixes Actively Exploited Zero-Day and More

Source: ZDNET 

Summary: Google's recent security bulletin highlighted a high-severity zero-day vulnerability (CVE-2023-35674) in Android that is currently under targeted exploitation. This vulnerability allows threat actors to escalate privileges without user interaction.

Exploitation: The vulnerability allows attackers to escalate privileges on an Android device without any user interaction, making it a prime target for malicious actors.

Mitigation: Users are advised to update their Android devices with the latest security patches immediately to protect against this vulnerability.

macOS

New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App

Summary: A new variant of the XLoader malware for macOS has been discovered, disguising its malicious features under an app named "OfficeNote." This version of XLoader is bundled inside an Apple disk image named "OfficeNote.dmg." The malware, first detected in 2020, is an information stealer and keylogger. The latest version of XLoader bypasses previous limitations by using languages like C and Objective C.

What’s the importance of this article? This article highlights the evolving nature of malware targeting macOS. The new variant of XLoader, disguised as a productivity app, indicates that cybercriminals are using sophisticated methods to target macOS users, especially those in a working environment.

How could this affect me? If you're a macOS user, especially in a professional setting, you could be at risk of this malware. It attempts to steal browser and clipboard data, which could lead to further compromises.

Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability

Summary: Adobe's September 2023 update addresses a critical security flaw in Acrobat and Reader that is actively being exploited. This vulnerability, tracked as CVE-2023-26369, affects both Windows and macOS versions of the software. Successful exploitation could lead to code execution when a specially crafted PDF document is opened.

What’s the importance of this article? Adobe's software, especially Acrobat and Reader, is widely used across various platforms. An actively exploited vulnerability in such software poses a significant risk to users, as it can allow attackers to execute malicious code.

How could this affect me? If you use Adobe Acrobat or Reader on your macOS device, you could be at risk. Opening a malicious PDF could lead to unauthorized code execution on your device, compromising your data and security.

Windows 10

Microsoft Reminds Users Windows Will Disable Insecure TLS Soon

Summary: Microsoft has issued a reminder to its users that insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols will soon be disabled in upcoming Windows releases. These protocols have been used for nearly two decades to protect users against eavesdropping, tampering, and message forgery during online communications. The change will only apply to future Windows operating systems, and existing versions will not be affected. Starting from Windows 11 Insider Preview builds in September 2023, TLS versions 1.0 and 1.1 will be disabled by default, though there will be an option to re-enable them for compatibility reasons.

What’s the importance of this article? This article highlights Microsoft's ongoing efforts to enhance security by phasing out outdated encryption protocols. As cyber threats continue to evolve, it's crucial for companies to update and strengthen their security measures to protect users.

How could this affect me? If you are using older applications or systems that rely on TLS 1.0 or 1.1, you might face compatibility issues once these protocols are disabled. It's advisable to update or replace any software that still uses these outdated protocols to ensure uninterrupted and secure operations.

Microsoft Will Block 3rd-Party Printer Drivers in Windows Update

Summary: Microsoft has announced a significant shift in its printer driver strategy over the next four years. The company will block third-party printer driver delivery in Windows Update. This change is part of Microsoft's efforts to enhance the security of the Windows ecosystem. Printer driver vulnerabilities have often gone unnoticed for years, posing significant security risks to users. Starting in 2025, Microsoft will no longer accept driver submissions from printer vendors, and by 2026, the company will prioritize its in-house Windows Internet Printing Protocol (IPP) Class drivers.

What’s the importance of this article? The article underscores Microsoft's commitment to bolstering the security of its operating system by reducing potential vulnerabilities associated with third-party printer drivers. By phasing out these drivers, Microsoft aims to provide a safer environment for its users.

How could this affect me? If you rely on third-party printer drivers, you might need to seek alternative installation methods in the future. While existing drivers will continue to function, new drivers will not be published to Windows Update after 2025. It's essential to stay informed and prepared for these changes to ensure seamless printing operations.

Windows 11

Get MS Office and Windows 11 Pro for Life — Just $60

Source: Mashable 

Summary: As of September 16, a bundle of Microsoft Office Pro 2021 for Windows and Windows 11 Pro is available for only $59.99 instead of $418.99, offering a savings of 85%. This bundle provides users with a lifetime license to commonly used Microsoft Office apps and the latest Windows 11 Pro operating system.

What’s the importance of this article? This article highlights a significant discount on a bundle that includes Microsoft Office Pro 2021 and Windows 11 Pro. It emphasizes the value of having up-to-date software to enhance productivity and make the most of computer hardware features.

How could this affect me? For those considering an upgrade to the latest Microsoft software, this deal offers a cost-effective solution. Users can access the latest features and improvements without the high costs usually associated with such software upgrades.

Windows 11: Microsoft Edge Tests AI-Writing with Powerhouse Duo, ChatGPT, and Bing A

Source: OnMSFT.com 

Summary: Microsoft is testing a new AI writing tool in Microsoft Edge that aims to transform online content creation. Powered by GPT-4 technology and Bing AI, this tool can reproduce webpage text in a tailored tone, allowing users to customize it to their preferences. The AI tool can also rearrange text in various formats, from standard paragraphs to email layouts. This feature is currently in the testing phase in the Canary version of Chromium Edge.

What’s the importance of this article? The introduction of an AI writing tool in Microsoft Edge represents a significant advancement in content creation. It offers users a unique digital experience tailored to their style or business needs and can be a valuable asset for bloggers, researchers, and professionals.

How could this affect me? The AI writing tool can simplify content creation tasks, from drafting emails to writing blog posts. However, users should be aware of potential challenges with plagiarism detection and ensure ethical use of the tool.

Scams to Watch Out For

How Malware Scammers Steal Your Money

Source: YouTube

Summary: The video depicts a scenario where an individual is lured into a scam through an enticing advertisement on social media. The scammer convinces the victim to download an app, which contains malware, giving the scammer remote access to the victim's device. The scammer then records the victim's bank app credentials and later, without the victim's knowledge, accesses the bank app, increases transfer limits, adds new payees, and transfers funds out of the account. The video emphasizes the importance of strong security features and advises viewers to only download apps from official app stores to prevent such scams.

Key Takeaways:

  • Scammers use enticing ads on social media to lure victims.

  • Victims are tricked into downloading apps containing malware.

  • The malware allows scammers to remotely access and control the victim's device.

  • Scammers record bank app credentials and make unauthorized transactions.

  • It's crucial to only download apps from official app stores and avoid apps from unknown sources.

Thank You, Hard Targets!

Thank you for diving deep into this edition of the Cybersecurity Crucible. Your dedication to fortifying your digital defenses and staying informed is truly admirable. As we continue to navigate the complex world of cybersecurity, your engagement makes all the difference. If you've found value in our insights, please consider spreading the word. Every person we educate becomes another "hard target" in the vast digital landscape.

Links

Kingdom Dominion Security & Technology

Reply

or to participate.