Cyber Security News January 2019

This posting is here to collect cyber security news in January 2019.

I post links to security vulnerability news in the comments of this article.

If you are interested in cyber security trends, read my Cyber security trends 2019 posting.

You are also free to post related links.

 

412 Comments

  1. Tomi Engdahl says:

    New York state is investigating Apple’s response to the FaceTime bug
    https://www.theverge.com/2019/1/30/18204213/apple-facetime-bug-new-york-state-investigation

    ‘New Yorkers shouldn’t have to choose between their private communications and their privacy rights’

    New York state Attorney General Letitia James has launched an investigation into the circumstances of Apple’s recent FaceTime bug. The bug, which allowed callers to listen and watch through a phone’s camera before a call was picked up, became public on Monday, and Apple has since disabled the relevant feature. The AG’s office will be focusing on Apple’s slow response to the bug, which was reported to the company more than a week before it became public.

  2. Tomi Engdahl says:

    Apple Allegedly Knew There Was a Critical Bug in FaceTime, Decided to Ignore It
    User says he reported the issue to Apple a week ago
    https://news.softpedia.com/news/apple-allegedly-knew-there-was-a-critical-bug-in-facetime-decided-to-ignore-it-524735.shtml?utm_source=spd_sidebar&utm_medium=spd_newspage&utm_campaign=spd_related

    A major vulnerability in FaceTime allows anyone to see and hear contacts before they answer a group call, and Apple decided to suspend the feature completely until a fix is released.

    And while the discovery has prompted an instant reaction of the Cupertino-based tech giant, it looks like the company actually knew there was a critical issue in Group FaceTime, only that it didn’t do anything about it.

    Twitter user @MGT7500 posted a message on January 21 to warn of a major bug in FaceTime that would have enabled anyone to listen on contacts even when calls weren’t answered.

    “My teen found a major security flaw in Apple’s new iOS. He can listen in to your iPhone/iPad without your approval. I have video. Submitted bug report to @AppleSupport…waiting to hear back to provide details. Scary stuff!” the original tweet reads.

    “Apple never answered”

    But as it turns out, Apple actually ignored the report and the company only acted to block exploits earlier today when the vulnerability made the headlines.

  3. Tomi Engdahl says:

    Apple blocks Google from running its internal iOS apps
    https://www.theverge.com/2019/1/31/18205795/apple-google-blocked-internal-ios-apps-developer-certificate

    Google joins Facebook in Apple’s banning spree

    Apple shut down Google’s ability to distribute its internal iOS apps earlier today. A person familiar with the situation told The Verge that early versions of Google Maps, Hangouts, Gmail, and other pre-release beta apps stopped working alongside employee-only apps like a Gbus app for transportation and Google’s internal cafe app. The block came after Google was found to be in violation of Apple’s app distribution policy, and followed a similar shutdown that was issued to Facebook earlier this week.

    TechCrunch and Bloomberg’s Mark Bergen reported late Thursday that the apps’ functionality had been restored; Apple appears to have worked more closely with Google to fix this situation

  4. Tomi Engdahl says:

    India’s largest bank SBI leaked account data on millions of customers
    https://techcrunch.com/2019/01/30/state-bank-india-data-leak/

    India’s largest bank has secured an unprotected server that allowed anyone to access financial information on millions of its customers, like bank balances and recent transactions.

    The server, hosted in a regional Mumbai-based data center, stored two months of data from SBI Quick, a text message and call-based system used to request basic information about their bank accounts by customers of the government-owned State Bank of India (SBI), the largest bank in the country and a highly ranked company in the Fortune 500.

  5. Tomi Engdahl says:

    FBI Mapping ‘Joanap Malware’ Victims to Disrupt the North Korean Botnet
    https://thehackernews.com/2019/01/north-korea-hacker.html

    The United States Department of Justice (DoJ) announced Wednesday its effort to “map and further disrupt” a botnet tied to North Korea that has infected numerous Microsoft Windows computers across the globe over the last decade.

    Dubbed Joanap, the botnet is believed to be part of “Hidden Cobra”—an Advanced Persistent Threat (APT) actors’ group often known as Lazarus Group and Guardians of Peace and backed by the North Korean government.

  6. Tomi Engdahl says:

    New security flaw impacts 5G, 4G, and 3G telephony protocols
    https://www.zdnet.com/article/new-security-flaw-impacts-5g-4g-and-3g-telephony-protocols/

    Researchers have reported their findings and fixes should be deployed by the end of 2019.

    A new vulnerability has been discovered in the upcoming 5G cellular mobile communications protocol. Researchers have described this new flaw as more severe than any of the previous vulnerabilities that affected the 3G and 4G standards.

    Further, besides 5G, this new vulnerability also impacts the older 3G and 4G protocols, providing surveillance tech vendors with a new flaw they can abuse to create next-gen IMSI-catchers that work across all modern telephony protocols.

  7. Tomi Engdahl says:

    This is how YouTube influencer scam artists operate
    https://www.zdnet.com/article/this-is-how-youtube-influencer-scam-artists-operate/

    The scams look credible but the only gift on offer is the loss of your personal data.

    A scam striking the followers of YouTube influencers which offers lucky fans free gifts from their favorite stars has been in operation far longer than first thought.

    Reports surfaced last week of the fraudulent scheme, in which YouTube influencers including Philip DeFranco, Jeffree Star, and Bhad Bhabie are being impersonated by scam artists seeking to cash in on their fame.

    While the campaign appeared to be fairly new — although low-bar — researchers from RiskIQ believe that the scam could have been in operation since 2016.

    On Wednesday, RiskIQ researcher Yonathan Klijnsma published a blog post examining the scam in detail.

    YouTube Impersonation Scams Offering Fake Rewards are Running Wild
    https://www.riskiq.com/blog/labs/youtube-impersonation-scams/

  8. Tomi Engdahl says:

    APT reports
    Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities
    https://securelist.com/chafer-used-remexi-malware/89538/

    Throughout the autumn of 2018 we analyzed a long-standing (and still active at that time) cyber-espionage campaign that was primarily targeting foreign diplomatic entities based in Iran. The attackers were using an improved version of Remexi in what the victimology suggests might be a domestic cyber-espionage operation. This malware has previously been associated with an APT actor that Symantec calls Chafer.

  9. Tomi Engdahl says:

    Airbus Suffers Data Breach, Some Employees’ Data Exposed
    https://thehackernews.com/2019/01/airbus-data-breach.html

    European airplane maker Airbus admitted yesterday a data breach of its “Commercial Aircraft business” information systems that allowed intruders to gain access to some of its employees’ personal information.

  10. Tomi Engdahl says:

    Zack Whittaker / TechCrunch:
    Apple restores Google’s internal iOS apps after certificate misuse punishment — Apple has blocked Google from distributing its internal-only iOS apps on its corporate network after a TechCrunch investigation found the search giant abusing the certificates.

    Apple restores Google’s internal iOS apps after certificate misuse punishment
    https://techcrunch.com/2019/01/31/apple-ban-google-data-app/

    Chance Miller / 9to5Mac:
    Facebook says Apple has restored its access to enterprise certificates, bringing internal apps back online — Update: In a leaked memo obtained by Business Insider, Facebook continues to defend its Research app, as well as its decision to distribute it via enterprise certificates.

    Facebook says Apple has restored its access to enterprise certificates, bringing internal apps back online
    https://9to5mac.com/2019/01/31/facebook-enterprise-certificates-online/


  11. Tomi Engdahl says:

    Ethical Hacker Exposes Magyar Telekom Vulnerabilities, Faces 8 Years in Jail
    https://www.bleepingcomputer.com/news/security/ethical-hacker-exposes-magyar-telekom-vulnerabilities-faces-8-years-in-jail/

    An ethical hacker who discovered a security vulnerability in Magyar Telekom’s IT systems during April 2018 is currently being investigated by the Hungarian Prosecution Service after the company filed a complaint and faces 8 years in prison, local Hungarian media reports.

    The security expert announced Magyar Telekom of the security issues affecting their systems

    allow potential attackers to “access all public and retail mobile and data traffic and monitor the servers of the companies served by T-Systems,” says Hungary Today.

    HCLU previously helped defend other Hungarian white hats
    HCLU further commented the case declaring that white hats shouldn’t be prosecuted given that they are providing a service that, in the end, helps the entire society. On the other hand, the Hungarian Prosecutor’s Office argues that the defendant “crossed a line and due to the danger his actions may have posed to society, he must face the consequences of criminal law.”
