Telefónica Tech Boletim semanal de Cibersegurança 29 Abril – 5 Maio Vulnerabilidade crítica nos firewalls Zyxel O fabricante de equipamentos de rede Zyxel lançou patches de segurança para uma vulnerabilidade crítica que afeta seus firewalls. A vulnerabilidade, que foi descoberta e relatada...
Telefónica Tech Boletim semanal de Cibersegurança 15 – 21 Abril Google corrige duas novas vulnerabilidades de 0-day exploradas ativamente O Google emitiu novos avisos de segurança sobre a identificação de vulnerabilidades de 0-day que afeta o navegador Chrome que está...
Mobile phone Surveillance: Who’s listening to your calls?ElevenPaths 12 abril, 2016 In the current digital world, espionage is much more common than we think. Revelations from Edward Snowden that the NSA hacked SIMs to spy on mobile conversations prove that physical proximity is no longer necessary for surveillance. It is for this reason that mobile gadgets make ideal tools for surveillance. This is due to the many devices that tend to include microphones, cameras, GPS, WIFI or storage capacity. Hackers are easily able to keep watch on their victims by simply infecting a mobile phone or interfering with wireless communications – often without cutting-edge technology. So while the benefits of increased online and mobile working are widely accepted – and these include ubiquitous access to information, flexibility and improved productivity – are companies aware of the risks and more importantly prepared to step up and manage them? The thing about mobile surveillance is that it is usually a targeted attack, with the objectives of the surveillance preselected. Top executives and politicians for instance are often targeted because they manage strategic plans that have great economic impact. Attacks of this kind tend to include social engineering strategies and are very often associated with advanced persistent threats. The simple truth is that a mobile ecosystem requires a permeable security perimeter through which legitimate communications can flow. However, criminal organisations can make use of these channels to steal information or boycott the corporate infrastructure. The implementation of enterprise mobile strategies involves a higher degree of vulnerability, which can and should be efficiently managed. Let’s look at some of the techniques used in cellphone surveillance: How is voice communication intercepted? There are a number of methods in which voice communication could be intercepted. These include: Interception of public mobile networks: 2G networks are not a secure communication channel. Hackers can make use of inhibition devices (such as Jammer) to force a downgrade from 3G or 4G networks to 2G, in order to listen through specialised devices. Man in the middle: ARP (Address Resolution Protocol) spoofing can allow an attacker to intercept data frames on a network, modify or stop all traffic. It is also possible to intercept the communications by means of rogue hotspots or antennas. SSLStrip can then force a victim’s device into communicating with an adversary, replacing HTTPS protocols by plain-text over HTTP. Risks in the Public Switched Telephone Network (PSTN): Communications are unencrypted – as in the case of voice and SMS text – while they go through the core operator infrastructure. Other risks are uncontrolled call forwarding and spoofing. Malware installed on the device: Malware can intercept packages between the call application and the operating system, or even capture the voice directly accessing the microphone software controllers. What features should a secure call system fulfil? A secure call system works by making voice digitised, encrypted and transmitted in data packets through the mobile data network. The product should combine telephone and messaging protection, powered by security mechanisms and advanced point-to-point encryption technologies compatible with IP communication. So what can companies and individuals to to secure calls? There are three main ways. Secure the smartphone: There are two modalities of secure smartphones. Firstly, a device built from the ground up with specific hardware and a secured OS. Second, modality deals with popular devices that includes a pre-installed secured OS. In both cases secured OS’s consist of high-end mobile threat protection components, containerisation, encrypted storage, remote management and authentication system. These are usually the most expensive solutions and less flexible. Secure add-ons: Physical components such as smartphone cases or SD memories, which address the voice encryption by means of an encryption processor included in the add-on itself. It wouldn’t matter if the device itself became infected since the information goes through the component encrypted. Secure call apps: These apps allow users to make end-to-end encrypted phone calls from the most popular mobile OS’s. The user experience is similar to the pre-installed non-secure call application. Contacts and messages are encrypted and stored by the app itself. What does an optimal solution look like? In a general corporate setting, hardware solutions can be difficult to deploy as they require a different smartphone model, a second smartphone or some kind of attached hardware. This may discourage users from making calls and may generate a fake sense of security in the security department. As a result, hardware solutions are not especially suitable for a general business. These solutions may be helpful for a limited group of senior managers or for the most security demanding environments such as the military, government, or companies that need the upmost protection level. Edward Snowden brought to light the need to protect company communications, and to update security to the digital age – against malware, network attacks, exploits or any other type of attack that could impact businesses significantly. Secure call applications combined with an advanced threat protection are by far cheaper and more user friendly than a secure smartphone and can be managed through a mobile device management. Eliminating surveillance doesn’t have to be complex, and businesses need to bake security prevention into their company policy from the off. *It may be of your interest: IoT – The new security headache for the enterprise IT department? BANDS: Detección proactiva de amenazas en infraestructuras críticas Francisco Oteiza francisco.oteiza@11paths.com Nossa passagem pelo SSIG 2016 (Parte I)[Especial Abril] Materialidade pericial em meios informáticos
Telefónica Tech Boletim semanal de Cibersegurança 11 – 17 Fevereiro Apple corrige 0-day explorado ativamente A Apple emitiu vários avisos de segurança para corrigir uma vulnerabilidade de 0-day explorada ativamente. A falha de segurança, listada como CVE-2023-23529, é uma confusão...
Telefónica Tech Boletim semanal de Cibersegurança 4 – 10 Fevereiro Vulnerabilidade crítica no Atlassian Jira A Atlassian emitiu um comunicado de segurança no qual lança correções para resolver uma vulnerabilidade crítica no Jira Service Management Server e no Data Center. De...
Telefónica Tech Boletim semanal de Cibersegurança 27 Janeiro – 3 Fevereiro LockBit Green: nova variante LockBit Pesquisadores da vx-underground detectaram recentemente que uma nova variante de ransomware, chamada LockBit Green, está sendo usada pelos manipuladores de ransomware LockBit. Esta nova variante seria...
Telefónica Tech Boletim semanal de Cibersegurança 21 – 27 Janeiro Killnet visando vítimas na Espanha Esta semana, o grupo hacktivista Killnet anunciou uma campanha de ataques contra a Alemanha, levando a ataques de Negação de Serviço Distribuído (DDoS) que tornaram...
Telefónica Tech Boletim semanal de Cibersegurança 14 – 20 Janeiro Vulnerabilidades críticas nos roteadores Netcomm e TP-Link Várias vulnerabilidades foram descobertas nos roteadores Netcomm e TP-Link. Por um lado, as falhas, identificadas como CVE-2022-4873 e CVE-2022-4874, são um caso de estouro de...
Telefónica Tech Boletim semanal de Cibersegurança 31 Dezembro – 6 Janeiro Cadeia de dependência do PyTorch é violada O PyTorch, uma popular estrutura de aprendizado de máquina de código aberto, alertou os usuários que instalaram o PyTorch todas as noites entre...