Friday, August 9, 2019

WHAT YOU NEED TO KNOW ABOUT 5G AND NETWORK SECURITY

Do you always want the latest and greatest when it comes to technology?

As the march of communication technology continues, new and innovative tools come out every day that improve our lives and make our data more secure. Well, that’s the theory, anyway.


The reality is that there can be a real “look-before-you-leap” problem when it comes to communication technologies. Just take a look at 5G, for example.

5G is considered to be the next step up in mobile communication. Just how LTE was a massive improvement over 3G, 5G looks primed to change the landscape when it comes to wireless devices completely. With major carriers, including AT&T and Verizon, rolling out their 5G networks later this year, you should know that it might not be quite as safe as advertised…

Sunday, July 21, 2019

DETECTING CORPORATE DATA LEAK EXPOSURES WITH OSINT

Do you want to know one of the biggest cybersecurity risks out there for individuals and organizations? Publicly accessible information.
Every other week, you read about some massive organization that had their data hacked and released on the web. Sometimes, this data was out there on the dark web for months and months before anyone noticed, only becoming evident when the information was somehow used against them. But by the time that the organization is forced to take action, it’s often too late for anything but damage control.
How does this information get out there? Well…

Tuesday, July 16, 2019

HOW NASA COULD HAVE AVOIDED GETTING HACKED

When you think of NASA, you think of the cutting edge of science and space exploration. These are the people who were responsible for the moon landing, the Mars missions, and countless technological innovations that have defined the world as we know it today.
What you might not think of is inadequate and out-of-date security, but here we are.
In June of 2019, NASA confirmed that its Jet Propulsion Laboratory (JPL) was hacked back in April 2018. What’s worse is that this hack remained undetected for almost one year. It doesn’t exactly fill you with confidence about our nation’s space agency, does it?
While the final extent of the damage is not (and may never be) known, NASA has confirmed that malicious actors stole approximately 500 MB of data related to the Mars missions. If you follow the news, these missions involve sending unmanned drones (such as the Curiosity rover) to the red planet to gather information. If things go well, the plan is to send a crewed mission at some point in the 2020s.
So, how was this high-tech cyber heist accomplished? Through espionage worthy of a Mission: Impossible movie? Nope. What if we told you that it was all because of an unauthorized Raspberry Pi?

Thursday, March 21, 2019

Hundreds of motel guests were secretly filmed and live-streamed online..

About 1,600 people have been secretly filmed in motel rooms in South Korea, with the footage live-streamed online for paying customers to watch, police said Wednesday.
Two men have been arrested and another pair investigated in connection with the scandal, which involved 42 rooms in 30 accommodations in 10 cities around the country. Police said there was no indication the businesses were complicit in the scheme.

In South Korea, small hotels of the type involved in this case are generally referred to as motels or inns. Cameras were hidden inside digital TV boxes, wall sockets and hairdryer holders and the footage was streamed online, the Cyber Investigation Department at the National Police Agency said in a statement.

Saturday, February 16, 2019

USB Cable Allows Remote Attacks over WiFi


*Note, ComSec's Cyber TSCM Inspection, Utilizing the "ORIUS WIFI" analyzer would reveal this threat within seconds. Contact us, we can help. J.D.L.~


Like a scene from a James Bond or Mission Impossible movie, a new offensive USB cable plugged into a computer could allow attackers to execute commands over WiFi as if they were using the computer's keyboard.

When plugged into a Linux, Mac, or Windows computer, this cable is detected by the operating system as a HID or human interface device. As HID devices are considered input devices by an operating system, they can be used to input commands as if they are being typed on a keyboard.

Created by security researcher Mike Grover, who goes by the alias _MG_, the cable includes an integrated WiFi PCB that was created by the researcher. This WiFi chip allows an attacker to connect to the cable remotely to execute command on the computer or manipulate the mouse cursor.

Thursday, January 31, 2019

New security flaw impacts 5G, 4G, and 3G telephony protocols

Researchers have reported their findings and fixes should be deployed by the end of 2019.
A new vulnerability has been discovered in the upcoming 5G cellular mobile communications protocol. Researchers have described this new flaw as more severe than any of the previous vulnerabilities that affected the 3G and 4G standards.

Further, besides 5G, this new vulnerability also impacts the older 3G and 4G protocols, providing surveillance tech vendors with a new flaw they can abuse to create next-gen IMSI-catchers that work across all modern telephony protocols.This new vulnerability has been detailed in a research paper named "New Privacy Threat on 3G, 4G, and Upcoming5G AKA Protocols," published last year.According to researchers, the vulnerability impacts AKA, which stands for Authentication and Key Agreement, a protocol that provides authentication between a user's phone and the cellular networks.

Wednesday, January 30, 2019

Apple ‘knew FaceTime could let people spy on you a WEEK before telling us..

APPLE was reportedly told that its FaceTime app could let strangers spy on you more than a week and a half ago.
This will come as a shock to many iPhone owners, as Apple only confirmed the bug's existence late on Monday, January 28.

It comes as security experts revealed this morning that an Apple iCloud bug let anyone read your private iPhone notes.

The Face Time bug meant that anyone could call your FaceTime and listen in through your microphone, without you ever accepting the call.

In some cases, it was even possible to secure a live video feed of the victim – without their knowledge or consent.

Apple has temporarily disabled Group FaceTime while it prepares a "fix" this week, but the company supposedly knew about the bug days prior to the 9to5mac reveal.

According to the New York Times, 14-year-old Grant Thomas, from Arizona, discovered the bug on January 19. The teen found that he could use FaceTime video chats to eavesdrop on his friend's phone before his friend had answered the call.

His mother Michele reportedly sent a video of the hack to Apple the very next day, warning over a "major security flaw".