Tag Archive for: leaks

Apple Chip Flaw Leaks Secret Encryption Keys


The next time you stay in a hotel, you may want to use the door’s deadbolt. A group of security researchers this week revealed a technique that uses a series of security vulnerabilities that impact 3 million hotel room locks worldwide. While the company is working to fix the issue, many of the locks remain vulnerable to the unique intrusion technique.

Apple is having a tough week. In addition to security researchers revealing a major, virtually unpatchable vulnerability in its hardware (more on that below), the United States Department of Justice and 16 attorneys general filed an antitrust lawsuit against the tech giant, alleging that its practices related to its iPhone business are illegally anticompetitive. Part of the lawsuit highlights what it calls Apple’s “elastic” embrace of privacy and security decisions—particularly iMessage’s end-to-end encryption, which Apple has refused to make available to Android users.

Speaking of privacy, a recent change to cookie pop-up notifications reveals the number of companies each website shares your data with. A WIRED analysis of the top 10,000 most popular websites found that some sites are sharing data with more than 1,500 third parties. Meanwhile, employer review site Glassdoor, which has long allowed people to comment about companies anonymously, has begun encouraging people to use their real names.

And that’s not all. Each week, we round up the security and privacy news we don’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

Apple’s M-series of chips contain a flaw that could allow an attacker to trick the processor into revealing secret end-to-end encryption keys on Macs, according to new research. An exploit developed by a team of researchers, dubbed GoFetch, takes advantage of the M-series chips’ so-called data memory-dependent prefetcher, or DMP. Data stored in a computer’s memory have addresses, and DMPs optimize the computer’s operations by predicting the address of data that is likely to be accessed next. The DMP then puts “pointers” that are used to locate data addresses in the machine’s memory cache. These caches can be accessed by an attacker in…


Scientists Hack Weather Satellite Data to Quantify Methane Leaks


(Bloomberg) — Satellites sitting more than 22,200 miles (35,700 kilometers) above the Earth’s surface have been capturing storms and weather data for decades. Now, scientists have essentially hacked the data coming back for another purpose: spotting methane emissions.


The innovation could have far-reaching consequences for fossil fuel operators unable or unwilling to halt major methane releases because it allows researchers to observe emissions every five minutes and estimate the total amount emitted. The approach, which uses shortwave infrared observations from the National Oceanic and Atmospheric Administration’s Geostationary Operational Environmental Satellites (GOES), can detect large-emitting events of around tens of metric tons an hour or larger.

Satellites observe concentrations of methane from space by analyzing the way sunlight reflects off the Earth. As light passes through a cloud of the gas, its intensity is weakened on certain wavelengths. Methane absorbs light in the short-wave infrared portion of the electromagnetic spectrum. Although the GOES system wasn’t built to detect methane, its sensor includes short-wave infrared channels designed to observe things like snow cover and fire hot spots.

The new technique is already being used by geoanalytics firms and scientists to quantify major emissions events in North America. Kayrros SAS used the approach to estimate that a fossil gas pipeline spewed about 840 metric tons of methane into the atmosphere after it was ruptured by a farmer using an excavator. That’s very close to the 50.9 million cubic feet of gas operator Williams Cos. said leaked, which works out to about 900 metric tons of methane. The short-term climate impact of the event was roughly equal to the annual emissions from 17,000 US cars.


The new approach, which was executed for the first time last year by scientists at Harvard University, enables near continuous, real-time coverage and contrasts with all other satellites currently used to detect methane, which are in low-Earth orbit and snap images as they circumnavigate the…


Group-IB reveals Hi-Tech Crime Trends 23/24: surge in ransomware, leaks, and info stealers targeting Middle East and Africa


(MENAFN– Active DMC) Dubai, February 28, 2024 — Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, has presented a comprehensive overview of the cyber threat landscape in the Middle East and Africa (MEA) for the years 2023/2024 with the release of its annual Hi-Tech Crime Trends report. The report provides a thorough analysis of how cybersecurity challenges in the MEA region have evolved. In 2023, Group-IB’s researchers identified a 68% surge in the number of ransomware attacks, with financial services and real estate companies emerging as the most common victims. The Gulf Cooperation Council (GCC) countries, South Africa, and Turkey were the most frequently targeted locales by Ransomware-as-a-Service (RaaS) affiliates. Information stealers pose a significant concern, impacting 297,106 infected devices in the MEA region whose logs were made available on Underground Clouds of Logs (UCL), and an additional 903,002 hosts, logs from which were put up for sale on underground markets. Additionally, 152 new data leaks were detected in the MEA region in 2023.

Nation-state sponsored hackers target MEA

Group-IB researchers discovered that the Middle East and Africa was a significant target for advanced persistent threats (APTs), also known as nation-state sponsored groups, last year. Overall, Group-IB attributed 523 attacks to nation-state actors across the globe in 2023. Attacks on MEA organizations accounted for 15% of the global total, numbering 77, with Group-IB experts asserting that this may be due to ongoing geopolitical conflicts in the region, along with MEA’s importance to the global energy market.

The top targeted locales in the MEA region in 2023 were Israel (14 attacks), Turkey (12) and the GCC region (8). Government and military organizations suffered the most APT attacks in the MEA region, totalling 20. Transportation (8 attacks) and telecommunications (7) were the second and third most targeted sectors, respectively.

Attacks coordinated by groups such as APT42, Oilrig and Hexane (all from MEA) reflect the desire of certain countries in the region to strengthen their…


Data leaks, AI and ransomware topped the headlines in 2023 for SC Media


Ransomware, cloud leaks and AI — oh my! It was a year when both old and new cyber threats shared center stage, while cybersecurity teams also raced to meet creeping compliance deadlines.

Here is a roundup of 10 of SC Media’s most-viewed stories this year, including a mix of news, analysis and opinion, as well as “honorable mentions” that hit on the topics that mattered most to you.

1. 260K dating profiles leaked in publicly accessible AWS S3 storage

Sensitive data doesn’t get much more sensitive than the 340 GB of files leaked by an app called 419 Dating – Chat & Flirt. As we reported in July, a publicly accessible database was discovered in an Amazon Web Services S3 storage bucket by vpnMentor researcher Jeremiah Fowler, who believed the leak was most likely due to a misconfigured firewall. In addition to 260,000 user account email addresses, the database contained explicit photographs and Software Development Kit files for two other dating apps.


2. NPM software repository flooded with 15K phishing packages

This incident in February highlights dangers lurking in the open-source ecosystem. Thousands of software packages promising game cheats and increased followers on social media platforms like TikTok were uploaded to the NPM repository to lure users to phishing websites. Researchers from Checkmarx said they believed the phishing packages were distributed using an automated process and carried out through multiple user accounts, making it difficult to quickly detect and remove the malicious packages.


3. Google details 0-click bug in Pixel 6 modem

This vulnerability — or rather, a combination of two critical vulnerabilities — could allow an adversary with the right resources to hijack a victim’s Android handset simply by initiating a phone call. Because the exploit relies on the ability to downgrade the Pixel 6’s cellular modem communication to 2G, the Android Red Team members who disclosed the bug at Black Hat in August recommended that all Android users disable 2G communication.


4. Cybercriminals are already using ChatGPT to…
