• Smart Intel Briefing
  • Posts
  • The Cybersecurity Crucible - Forging Hard Targets - 25 Sep 2023 | KD Sec & Tech Secure

The Cybersecurity Crucible - Forging Hard Targets - 25 Sep 2023 | KD Sec & Tech Secure

Empowering You with the Latest Cybersecurity Updates and Tips

Introduction

Welcome Back to the Cybersecurity Crucible, Hard Targets!

Firstly, a huge thank you to everyone who has helped us grow by bringing in new subscribers. Your support is invaluable in strengthening our community and furthering our mission at KD Sec & Tech.

As you know, our semi-weekly issues, released every Monday and Friday, aim to provide you with a unique blend of critical cybersecurity updates and custom artwork. We believe that education is the best defense in the digital world, making your cybersecurity journey not only informative but also visually engaging.

If you've found value in our newsletter, we kindly ask that you share it with your network. By doing so, you're helping us educate more people and create a safer digital environment for everyone. The fewer Soft Targets there are, the less opportunity cybercriminals have to exploit vulnerabilities.

Thank you once again for being a vital part of our Cybersecurity Crucible community. Let's continue to armor up and make the digital world a safer place for all!

Cybersecurity Pop Quiz

Test Your Cybersecurity Knowledge With Our Quick Quiz: Are You a True Hard Target?

Question 1: Which of the following encryption algorithms is considered the most secure for data encryption?

  • A. DES (Data Encryption Standard)

  • B. RSA (Rivest–Shamir–Adleman)

  • C. AES (Advanced Encryption Standard)

  • D. Blowfish

Question 2: What should you do if you receive an unexpected email with a link or attachment?

  • A. Click on the link or open the attachment immediately.

  • B. Ignore the email and report it as spam.

  • C. Reply to the email asking for more information.

  • D. Check the sender's email address and verify its authenticity before taking any action.

Question 3: Why is it important to regularly update your software and operating systems?

  • A. Updates often contain new features that you might like.

  • B. Updates can slow down your computer.

  • C. Updates often fix security vulnerabilities.

  • D. There's no particular reason; it's just a recommendation.

Answers:

  1. C. AES (Advanced Encryption Standard)

  2. D. Check the sender's email address and verify its authenticity before taking any action.

  3. C. Updates often fix security vulnerabilities.

Cybersecurity News and Emerging Technology

California Governor Vetoes Bill Banning Robotrucks Without Safety Drivers

Source: Reuters

Summary: California Governor Gavin Newsom has vetoed a bill that aimed to ban autonomous trucks without human safety drivers. The bill was initially proposed to ensure road safety and protect trucking jobs. The Governor's veto allows tech companies to continue testing and potentially deploying driverless trucks on California roads.

What’s the importance of this article? The veto opens the door for advancements in autonomous vehicle technology but also raises concerns about road safety and potential job losses in the trucking industry.

How could this affect me? If you live in California, you may soon share the road with autonomous trucks. If you work in the trucking industry, this could have implications for job security.

Third-Party AI Tools Pose Increasing Risks to Organizations

Source: MIT Sloan

Summary: Organizations are increasingly relying on third-party AI tools for various functions. However, these tools can introduce vulnerabilities such as data breaches, biased algorithms, and unauthorized data access. The article stresses the need for companies to conduct thorough risk assessments before integrating these tools.

What’s the importance of this article? The article serves as a cautionary tale for organizations that are integrating third-party AI tools without fully understanding the associated risks.

How could this affect me? If your workplace uses third-party AI tools, it's crucial to be aware of the potential risks and advocate for proper security measures.

Businesses Face Increasing Cybersecurity Threats

Source: BBC News

Summary: Cybersecurity threats targeting businesses are on the rise, with ransomware attacks increasing by 62% and data breaches by 33% in the last year. The article emphasizes the need for companies to invest more in cybersecurity infrastructure and employee training.

What’s the importance of this article? The article highlights the escalating cybersecurity threats that businesses face, making it imperative to take action.

How could this affect me? If you are part of a business, small or large, the rising cybersecurity threats could directly impact your data security and financial stability.

Tech Giants Google and Apple Take Strides to Defend User Privacy Against Cell-Site Simulators

Source: ETV Bharat

Summary: Google and Apple are implementing security measures to protect users from cell-site simulators, devices that can intercept mobile communications. These simulators can be used for unauthorized surveillance and data collection. Both companies are working on updates to prevent phones from connecting to these fake towers.

What’s the importance of this article? The article brings attention to the ongoing efforts by tech giants to protect user privacy against invasive technologies.

How could this affect me? If you use a smartphone, these updates could significantly enhance your privacy and security.

Cybersecurity General Tip of the Issue

Multi-Factor Authentication: An Extra Layer of Security

Summary: Multi-Factor Authentication (MFA) is a security measure that requires multiple forms of verification before granting access to an account. It combines something you know (like a password) with something you have (like a phone) or something you are (like a fingerprint).

Why is this important? Passwords alone are increasingly insufficient for protecting your accounts. MFA adds an extra layer of security that makes it significantly harder for unauthorized users to gain access to your sensitive information.

How to Implement:

  1. Enable MFA on Important Accounts: Start by enabling MFA on your most important accounts, such as email, banking, and social media.

  2. Choose the Right Method: Opt for hardware-based authentication like security keys or biometrics over SMS-based methods, which can be intercepted.

  3. Test the Setup: After enabling MFA, perform a test to make sure it's working as expected.

  4. Keep Backup Codes: Always keep backup codes in a secure location in case you lose access to your primary authentication method.

By implementing MFA, you're adding a robust layer of security that can protect you even if your password gets compromised.

The Apple Ecosystem

Critical Security Update for iOS 17.0.1

Source: Forbes

Summary: Apple has released a critical security update, iOS 17.0.1, to address vulnerabilities that could allow attackers to execute arbitrary code on the device. The update is available for iPhone 6s and later, and it is strongly recommended to install it immediately.

Exploitation: The vulnerabilities could be exploited by tricking users into visiting a malicious website, which would then allow the attacker to execute arbitrary code on the device.

Mitigation: Update to iOS 17.0.1 as soon as possible by going to Settings > General > Software Update.

Potential iPhone 15 Issues on Launch Day

Source: Macworld

Summary: Apple has issued two support documents addressing potential issues with the iPhone 15. The first issue is related to an iOS 17.0.2 update that is not pre-installed on the first batch of iPhones. The second issue concerns the iPhone 15 Pro models, where the oil from your skin might temporarily alter the color of the outside band.

What's the importance of this article? The article informs early adopters of the iPhone 15 about potential issues they may face, including software updates and physical alterations.

How could this affect me? If you are planning to buy or have already bought an iPhone 15, being aware of these issues can help you take preventive measures.

The Apple Ecosystem Security Tip of the Issue

Enable Two-Factor Authentication on Apple Devices

Summary: Two-factor authentication adds an extra layer of security to your Apple ID by requiring not only your password but also a verification code from a trusted device.

Why is this important? With the increasing number of cyber threats, securing your Apple ID is crucial. Two-factor authentication ensures that even if someone knows your password, they can't access your account without the verification code.

How to Implement:

  1. Go to Settings on your iPhone.

  2. Tap on your Apple ID at the top.

  3. Go to Password & Security.

  4. Tap on Turn On Two-Factor Authentication and follow the on-screen instructions.

Samsung & Android

Android 14 Beta Introduces Webcam Feature

Source: The Verge

Summary:
The Android 14 Beta has rolled out a new webcam feature exclusively for Google Pixel users. This feature allows the phone to serve as a webcam when connected to a computer via USB. It is seen as Google's answer to Apple's Continuity Camera and aims to make the Pixel phones more versatile.

What's the importance of this article?
The introduction of this feature is a significant step in enhancing the utility of Google Pixel phones. It not only adds a new layer of functionality but also positions the Pixel series as a strong competitor against Apple's ecosystem.

How could this affect me?
If you are a Google Pixel owner, this feature could eliminate the need for a separate webcam, thereby saving you money. It also adds to the overall versatility of your device, making it a more valuable investment.

Security Threats Android Users Face in 2023

Source: MakeUseOf

Summary:
The article provides an in-depth look at the security threats Android users could face in 2023. It covers a range of issues from malware attacks, phishing scams, unpatched vulnerabilities, to risks associated with public Wi-Fi and USB charging ports.

What's the importance of this article?
Understanding these threats is crucial for Android users to take preventive measures. The article not only outlines the risks but also offers mitigation strategies, making it a comprehensive guide for securing Android devices.

How could this affect me?
Being aware of these threats allows you to take appropriate security measures, such as keeping your software updated and being cautious with app permissions. This knowledge could be the difference between keeping your data secure and falling victim to cyber-attacks.

Samsung Leaks Its Upcoming Fan Edition Devices

Source: Engadget

Summary:
Samsung accidentally leaked its upcoming Fan Edition devices on its Argentinian website. The leak included images of a Galaxy S23 FE smartphone, Galaxy Tab S9 FE tablet, and new Galaxy Buds FE earbuds. While the specs for the phone and tablet were not disclosed, the Galaxy Buds FE are expected to feature a single 12mm driver, three microphones in each earbud for active noise cancellation, and a three-way speaker. The leak may have been intentional to grab headlines, or it could be another in a series of unintentional slip-ups by the company.

What’s the importance of this article?
The leak provides a glimpse into Samsung's future product lineup, which could be crucial for consumers making purchasing decisions. The Fan Edition devices are generally more affordable than Samsung's flagship models, making them highly anticipated each year.

How could this affect me?
If you're in the market for new Samsung devices, this leak could offer valuable insights into what to expect from the upcoming Fan Edition lineup. Knowing the features in advance could help you make a more informed decision.


Samsung & Android Security Tip of the Issue

Enable Two-Factor Authentication on Android Devices

Summary: Two-factor authentication (2FA) adds an extra layer of security to your Android device by requiring not only your password but also a verification code from a trusted source.

Why is this important? With the increasing number of cyber threats targeting Android devices, enabling 2FA can significantly enhance your device's security.

How to Implement:

  1. Go to Settings on your Android device.

  2. Tap on "Google."

  3. Tap on "Manage your Google Account."

  4. Go to the "Security" tab.

  5. Under "Signing in to Google," tap on "2-Step Verification" and follow the on-screen instructions.

Microsoft & Windows

Microsoft Windows 11 Copilot Update: Top 10 Features

Summary:
Microsoft announced a significant update to Windows 11, called Copilot, which will start rolling out on September 26. The update will introduce over 150 new features, including improvements to the Paint app, Photos, Snipping Tool, and Notepad. Some of the standout features include AI enhancements in Paint for digital creation, background blur in Photos, and text extraction in Snipping Tool. The update aims to make Windows 11 a hub for the best AI experiences.

What’s the importance of this article?
This article is crucial for Windows 11 users as it provides a comprehensive overview of the upcoming Copilot update. The update is not just a regular patch but a significant upgrade that will introduce over 150 new features aimed at enhancing user experience.

How could this affect me?
If you are a Windows 11 user, this update could significantly impact your daily computing tasks. The AI enhancements and new features could streamline your workflow, making tasks quicker and more efficient.

3 Microsoft PowerToys You Should Install on Every New PC

Source: Tom's Guide

Summary:
The article discusses the utility of Microsoft's PowerToys, a package of Windows tools that enhance the user experience. The author highlights three must-have PowerToys: FancyZones, PowerToys Run, and Mouse Without Borders. FancyZones allows for more customizable window layouts, PowerToys Run improves search functionality, and Mouse Without Borders enables seamless control across multiple PCs.

What’s the importance of this article?
This article is essential for Windows users looking to optimize their computing experience. PowerToys offers a range of utilities that can make tasks more efficient and provide functionalities that are otherwise missing in Windows.

How could this affect me?
If you're a Windows user, these PowerToys can significantly improve your workflow. FancyZones can help you manage your desktop space better, PowerToys Run can speed up your searches, and Mouse Without Borders can make multitasking across multiple PCs a breeze.

Microsoft’s Surface and AI Event: All the News and Announcements

Source: The Verge

Summary:
The article covers Microsoft's recent hardware event in New York City, where the company announced new Surface devices and AI-powered features for Windows 11, Microsoft 365, and Bing. The new Surface Laptop Studio 2 and Surface Laptop Go 3 were introduced, both with upgraded processors and better battery life. Microsoft also revealed the Surface Hub 3, an all-in-one collaborative touchscreen device. AI features like Copilot were highlighted, which will be integrated across Windows 11 and other Microsoft services.

What’s the importance of this article?
The article provides a comprehensive overview of Microsoft's latest hardware and software advancements, focusing on AI integration across various platforms. This is crucial for anyone interested in Microsoft's ecosystem, as it signals the company's future direction.

How could this affect me?
If you are a user of Microsoft products, these updates could significantly impact your user experience. The new hardware offers better performance, and the AI features promise to make tasks more efficient and integrated.

Microsoft & Windows Security Tip of the Issue

Enable Windows Defender Ransomware Protection

Summary:
Enable Windows Defender Ransomware Protection to safeguard your files and data from ransomware attacks.

Why is this important?
Ransomware attacks are increasingly common and can encrypt your files, demanding a ransom for their release. Windows Defender's built-in ransomware protection can add an extra layer of security.

How to Implement:

  1. Open Windows Security by clicking on the shield icon in the taskbar.

  2. Go to 'Virus & threat protection.'

  3. Scroll down and click on 'Manage ransomware protection' under 'Ransomware protection.'

  4. Turn on 'Controlled folder access.'

This feature will monitor changes that apps make to files in protected folders and block unauthorized or suspicious activities.

Scams to Watch Out For

Beware: Scammers are Impersonating Online Brands

Source: YouTube

Summary:
The video features Scott Knapp, Amazon's director of worldwide Buyer risk Prevention, discussing the most common scams that people should be aware of. He emphasizes the "suspicious activity scam," where scammers send texts or emails warning of suspicious activity on your account to lure you into giving personal information. He also talks about the types of information these scammers might ask for, such as credit card details and Social Security numbers and provides tips on how to protect yourself from such scams.

Key Takeaways:

  • The "suspicious activity scam" is currently the most prevalent, where you receive a text or email warning of suspicious activity on your account.

  • Scammers may ask for various types of personal information, including credit card details and Social Security numbers.

  • Be cautious of emails or messages with poor grammar or from suspicious email addresses, as these are often signs of scams.

  • Always verify the information by going directly to the company's official website or app.

Thank You, Hard Targets!

Your continued support and active engagement are invaluable to us. It's not just about reading our newsletter; it's about participating in a larger mission to enhance cybersecurity awareness and fortify our digital landscapes. You're not just passive readers—you're Hard Targets making a real difference.

As we continue to bring you valuable insights and tips, I have a small but significant favor to ask: If you haven't already implemented the cybersecurity tips we've shared, please take a moment to do so. These tips are designed to make you even more resilient against cyber threats.

Additionally, if you find value in our newsletter, could you please share it with a friend or family member and encourage them to subscribe before our next issue? The more Hard Targets we have, the safer our digital world becomes.

Thank you once again for being an integral part of our mission. Let's keep building a safer digital world, one Hard Target at a time.

Links

Kingdom Dominion Security & Technology

Reply

or to participate.