Cyber Security News (5th January 2018)

  1. Meltdown and Spectre CPU Flaws Affect Intel, ARM, AMD Processors

Cyber-security researchers have discovered chip design flaws that could enable access to sensitive information, such as passwords, on computers, servers, and smartphones. These hardware vulnerabilities have been categorized into two attacks, named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715), which could allow attackers to steal sensitive data that is currently being processed on the computer. The vulnerabilities were disclosed by Google Project Zero and potentially impact all major CPUs, including those from AMD, ARM, and Intel, threatening almost all PCs, laptops, tablets, and smartphones, regardless of manufacturer or operating system. Meltdown allows attackers to read not only kernel memory but also the entire physical memory of the target machine, and therefore all secrets of other programs and the operating system. Spectre is not easy to patch and will haunt people for quite some time, since fully mitigating it requires changes to processor architecture. The good news is that all the companies, including those behind Mac, Windows, and Android, have released patches.

Cyber Security Tips: Administrators and users are strongly advised to apply patches as soon as possible. Since this exploit can be executed through a website, Chrome users can turn on the Site Isolation feature on their devices to mitigate these flaws. Copy chrome://flags/#enable-site-per-process and paste it into the URL field at the top of your Chrome web browser, then hit the Enter key. Look for Strict Site Isolation and click the box labeled Enable. Once done, hit Relaunch Now to relaunch your Chrome browser.

  2. New Android Malware Disguised as Uber App

Uber was last in the news for hiding a massive data breach of 75 million accounts from its users and paying $100,000 to the culprits. Now IT security researchers at Symantec have discovered malware that secretly spies on Uber's Android app and extracts private, sensitive data such as users' passwords. The malware, dubbed Android.Fakeapp, allows attackers to hijack the accounts owned by Uber users. It was identified after the researchers observed various Trojan pop-ups appearing on the screen at regular intervals. The purpose of the pop-ups was to fool users into giving away their phone numbers and passwords. When the user presses Enter, the malware sends the login credentials to a remote server. The attackers would receive the information and use it to compromise accounts and sell them to other hackers on the black market.

Cyber Security Tips: Users are strongly advised to avoid entering login credentials in a pop-up window, to update their Uber app, to install apps only from trusted sources, and to keep using a reputable antivirus.

  3. Android banking Trojan may target Indian banks' mobile apps: Quick Heal

PUNE: Global IT security firm Quick Heal's Security Labs on Thursday announced it has spotted an Android banking Trojan that imitates more than 232 mobile apps, including those offered by Indian banks like SBI, HDFC, ICICI, IDBI, and Axis, among others. According to the researchers, the malware, known as "Android.banker.A2f8a", is being distributed through a fake Flash Player. Once any of the targeted apps is found on the infected device, the malware shows a fake notification disguised as coming from the targeted banking app and asks the user to log in with their credentials. If the user clicks on the notification, they are shown a fake login screen, which enables the malware to steal the user's confidential information, such as their net banking login ID and password.

Cyber Security Tips: Users are strongly advised to avoid downloading apps from third-party app stores or from links provided in SMSs and emails in order to keep their credentials safe, to keep their OS up to date, to check their smartphone for Android.banker.A2f8a and remove it from the device if found, and to keep using a reputable antivirus.

 
