Weekly Cybersecurity News

We share this week’s important news of current events in the world of cybersecurity that directly or indirectly impact our lives as well as operations of businesses, various institutions and organizations, and governments-nation states in this highly digitalized and interconnected world.

Is your smartphone spying on you without you even knowing it?

Potential threat could be posed by ambient light sensors in smartphones, which could be exploited as makeshift cameras, allowing for unauthorized image capture. Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory demonstrated how these sensors, commonly used for adjusting screen brightness, could be repurposed to capture images of a user’s surroundings. This discovery raises concerns about privacy invasion and underscores the need for tighter permissions and enhanced security measures. Another threat is the prevalence of spyware vulnerability on smartphones, and users must look for signs of spyware presence and follow preventive measures to protect against it, keeping in mind the importance of antivirus software, regular software updates, cautious browsing habits, and user control over app permissions. Users are suggested actions such as removing unfamiliar apps, restarting devices, and restricting camera and microphone permissions to mitigate spyware risks.

Cellphone nightmare leads to ported numbers, identity theft and fight for recovery:

Cellphone users are warned about the growing threat of ported phone number scams, where hackers exploit personal information to hijack individuals’ phone numbers, gaining access to their accounts and potentially leading to identity theft. By tricking mobile providers, hackers transfer victims’ numbers to new carriers or SIM cards under their control, bypassing security measures like two-factor authentication. To protect against such scams, users are advised securing phone numbers with additional security measures, enabling two-factor authentication, and being cautious with email communications and take necessary if one’s identity is stolen.

LightSpy Malware Attacking Android And IOS Users:

LightSpy, a newly discovered malware, poses a significant threat to both Android and iOS users by infiltrating mobile devices and exfiltrating sensitive data such as GPS locations, SMS messages, and browser history. The malware’s modular design allows it to execute shell commands remotely and record VOIP call sessions, making it highly versatile and adaptable. Spread through phishing campaigns and compromised websites, LightSpy operates stealthily once installed, potentially leading to identity theft, financial loss, and personal safety concerns for users. To mitigate the risk, users are advised to keep their security software updated and exercise caution with unrequested communications. The emergence of LightSpy underscores the need for continued vigilance and robust security measures in the face of evolving cyber threats.

FBI warns of massive wave of road toll SMS phishing attacks:

The FBI issued a warning about a widespread SMS phishing scam targeting Americans with fake road toll fee notifications. Thousands of reports have surfaced, with scammers sending texts claiming recipients owe unpaid tolls and providing links to pay. The messages appear to come from state toll services, but the links lead to fake websites designed to collect personal information. Authorities advise recipients not to click the links, delete the messages, file complaints with the IC3, check their toll accounts through legitimate channels, and secure personal and financial information if they’ve interacted with the messages.

Apple: Mercenary spyware attacks target iPhone users in 92 countries:

Apple has alerted iPhone users in 92 countries to a widespread “mercenary spyware attack” aimed at compromising their devices remotely. The attack is sophisticated and specifically targets individuals based on their identity or occupation, such as journalists, activists, politicians, and diplomats. To counteract these attacks, Apple advises enabling lockdown mode, updating devices to the latest software version, and seeking expert assistance if necessary. The spyware attacks, often attributed to NSO Group’s Pegasus kit, are highly funded and advanced, posing significant challenges to detection and prevention. Apple has been actively notifying users about such attacks since 2021 and emphasizes the importance of taking immediate action to protect personal information and device security.

Keeping iPhone Data Hidden From Apple Is ‘Virtually Impossible’:

Researchers from Finland’s Aalto University assert that keeping personal data hidden from Apple devices like the iPhone is “virtually impossible.” Despite Apple’s reputation for privacy, the study reveals concerns about data collected by Apple’s pre-loaded apps, such as Safari, Siri, iMessage, and others, which are integral to the platform and challenging to remove. The researchers found that data sharing in these apps is difficult to stop, requiring persistent and expert navigation through complex settings. While the study raises questions about Apple’s data usage and privacy protections, it also acknowledges Apple’s efforts to introduce privacy settings and controls. However, the researchers suggest that Apple could improve clarity in informing users about data collection practices.

Security Bite: Annual cost of cybercrime to hit $9.2 trillion in 2024:

There has been an alarming rise in the annual cost of cybercrime, projected to reach $9.2 trillion in 2024. This has lead to significant financial impact of cyberattacks globally and the key contributing factors to this trend includes growing attack surface due to the proliferation of IoT devices, geopolitical tensions leading to state-sponsored attacks, cybersecurity skills shortage, low barrier of entry into cybercrime through ransomware-as-a-service (RaaS), and lack of awareness among individuals and organizations.

Government spyware is another reason to use an ad blocker:

Ad blockers can serve as a defense against government spyware, as spyware makers are utilizing online ads as a means to conduct surveillance. Spyware companies have reportedly developed systems capable of infecting specific targets with spyware through banner ads.One such example is Intellexa, a European company behind the Predator spyware, which presented a proof-of-concept system called Aladdin in 2022. Aladdin demonstrated how spyware could be planted through online ads, targeting individuals like graphic designers and activists with job offers as a disguise. Another Israeli company, Insanet, also developed an ad-based infection system capable of locating individuals within an advertising network. Malicious ads, or malvertising, involve injecting malicious code into online ads displayed on websites, allowing attackers to deliver malware to a target’s device. Ad blockers prevent ads from displaying in web browsers, thus blocking the underlying website from loading the ads and mitigating the risk of malvertising attacks.

Bot attacks persist as top threat in 2024:

There has been a significant rise in bot attacks in 2023, with December marking the peak of activity. Online retail was heavily targeted, experiencing nearly double the number of attacks compared to the previous year. While the betting industry remained the primary target, there was a decrease in bot activity in the pharmaceutical sector. The distribution methods of bots also changed, with an increase in web scripts and browser bots. Despite a shift in user activity dynamics, analysts anticipate a potential increase in bot attacks in 2024.

SoumniBot malware exploits Android bugs to evade detection:

A new Android banking malware called SoumniBot has been discovered by researchers. It exploits weaknesses in Android’s parsing procedure to evade detection. SoumniBot steals sensitive information such as contact lists, account details, and online banking certificates. It’s controlled remotely and can perform various actions on infected devices. The malware primarily targets Korean users and spreads through third-party stores and unsafe websites. Remaining cautious and updating devices regularly are essential to avoid such threats.

Published on Medium