A quick Saturday digest of cybersecurity news articles from other sources.
April Fool’s Day Edition
Dangerous Android phone 0-day bugs revealed – patch or work around them now!
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation
Based on information from public websites that map chipsets to devices, affected products likely include:
- Mobile devices from Samsung, including those in the S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series;
- Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series;
- The Pixel 6 and Pixel 7 series of devices from Google; and
- any vehicles that use the Exynos Auto T5123 chipset.
In the meantime, these bugs can apparently be sidestepped in your device settings, if you:
- Turn off Wi-Fi calling.
- Turn off Voice-over-LTE (VoLTE).
Burning Space Junk Creates Mysterious Lights in California Sky
Bright streaks observed Friday March 17 (St. Patrick’s Day) were jettisoned equipment from the International Space Station re-entering Earth’s atmosphere. See the video
SEC proposes stronger cybersecurity rules
The US Securities and Exchange Commission is proposing a number of new cybersecurity rules including a requirement that broker-dealers and other entities notify their clients within 30 days of a data breach. “Critically, firms would need to help customers understand how to protect themselves from harm that might result from the breach,” says SEC Chair Gary Gensler.
CISOs need a plan for handling generative AI risks
Matt Kelly, CEO of Radical Compliance, outlines the key questions that security leaders must consider in order to deal with the operational and supply chain risks posed by generative and advanced artificial intelligence. These include whether they have the necessary oversight structures, policies and people to deal with AI-enabled work, as well as support both from the top and across the business.
Full Story: NAVEX Global Ethics & Compliance Matters (3/15)
Google Pixel phones had a serious data leakage bug – here’s what to do!
What if the “safe” images you shared after carefully cropping them… had some or all of the “unsafe” pixels left behind anyway?
Windows 11 also vulnerable to “aCropalypse” image data leakage
Turns out that the Windows 11 Snipping Tool has the same “aCropalypse” data leakage bug as Pixel phones. Here’s how to work around the problem…
Google opens Bard AI wait list
Google has opened up a wait list for Bard, its generative AI chatbot. It appears to be a direct competitor of ChatGPT and GPT-4, the generative AI from startup OpenAI, which Microsoft uses in its Bing Chat. [Bob says: I was invited to the waitlist two weeks ago and accepted in two days. Check out my first experiment with Bard.]
Ransomware gangs’ harassment of victims is increasing
The harassment reported by Palo Alto Networks Unit 42 typically takes the form of phone calls and emails directed toward employees, C-suite executives and even customers. Must read…
Report: 1 in 5 Americans have considered quitting, working for themselves
The appeal of owning your own business applies to all generations due to layoffs, the erosion of corporate trust and financial instability, according to HoneyBook and The Harris Poll.
Bob comments: In my own professional career I have experienced dozens of layoffs, mergers, bankruptcies and other forms of job loss. I realized that my financial goals were never going to be achieved as long as my income was in the hands of others. I started my own business in 2001 (my third attempt – try try again) and did much better financially on my own. Plus no pointless meetings or stupid rules. If this is where the employees have all gone, I wish them luck, and hope they enjoy the success I had.
ChatGPT explained DHCP to me in ‘gangsta’ terms
Posted by u/yaheaaard Up The Cert Path
edit : thanks for all the support on the funny, hope I could help all the fellow gangsters studying for A+. May all your ports be pimpin pimpin and all your terms be thuggin thuggin
JCDC Cultivates Pre-Ransomware Notification Capability
03/23/2023 08:00 AM EDT
In today’s blog post, Associate Director of the Joint Cyber Defense Collaborative (JCDC) Clayton Romans highlighted recent successes of pre-ransomware notification and its impact in reducing harm from ransomware intrusions. With pre-ransomware notifications, organizations can receive early warning and potentially evict threat actors before they can encrypt and hold critical data and systems for ransom. Using this proactive cyber defense capability, CISA has notified more than 60 entities of early-stage ransomware intrusions since January 2023, including critical infrastructure organizations in the Energy, Healthcare and Public Health, Water and Wastewater Systems sectors, as well as the education community.
The pre-encryption ransomware notification was cultivated with the help of the cybersecurity research community and through CISA’s relationships with infrastructure providers and cyber threat intelligence companies.
For more information, visit #StopRansomware. To report early-stage ransomware activity, visit Report Ransomware. CISA also encourages stakeholders and network defenders to review associate director Romans’ post, Getting Ahead of the Ransomware Epidemic: CISA’s Pre-Ransomware Notifications Help Organizations Stop Attacks Before Damage Occurs, to learn more about CISA’s Pre-Ransomware Notification Initiative.
[Bob says: WOW!! Your tax dollars at work doing something really useful for a change!]
Massive adversary-in-the-middle phishing campaign bypasses MFA and mimics Microsoft Office
Microsoft has already seen millions of phishing emails sent every day by attackers using this phishing kit. Learn how to protect your business from this AitM campaign.
[Bob says: I like Adversary in the Middle better than On Path Attack as the politically correct non-sexist replacement for Man in the Middle.]
About the Author: I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com