Categories
Ace Daily News

FEATURED: North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks

This is our daily post that is shared across Twitter & Telegram and published first on here with Kindness & Love XX on peace-truth.com/

#AceNewsRoom With ‘Kindness & Wisdom’ Oct.01: 2022 @acenewsservices

Ace News Room Cutting Floor 01/10/2022

Follow Our Breaking & Daily News Here As It Happens:

#AceNewsDesk – A “highly operational, destructive, and sophisticated nation-state activity group” with ties to North Korea has been weaponizing open source software in their social engineering campaigns aimed at companies around the world since June 2022.

HACKER NEWS REPORT:

Microsoft’s threat intelligence teams, alongside LinkedIn Threat Prevention and Defense, attributed the intrusions with high confidence to Zinc, which is also tracked under the name Labyrinth Chollima.

Attacks targeted employees in organizations across multiple industries, including media, defense and aerospace, and IT services in the U.S., the U.K., India, and Russia.

The tech giant said it observed Zinc leveraging a “wide range of open-source software including PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording software installer for these attacks.”

According to CrowdStrike, Zinc “has been active since 2009 in operations aimed at collecting political, military, and economic intelligence on North Korea’s foreign adversaries and conducting currency generation campaigns.”

The latest findings dovetail with a recent report from Google-owned Mandiant, which uncovered the adversary’s use of PuTTY via fraudulent job lures shared with potential targets on LinkedIn as part of a campaign dubbed Operation Dream Job.

This involves establishing initial connections with individuals by posing as recruitment professionals as a trust-building exercise, before moving the conversation to WhatsApp, where a tailored lure document or seemingly benign software is shared, effectively activating the infection sequence.

A successful compromise is followed by the threat actor moving laterally across the network and exfiltrating collected information of interest by deploying a backdoor called ZetaNile (aka BLINDINGCAN or AIRDRY).

But in a bid to evade security defenses and avoid raising red flags, the implant is downloaded only when the victim uses the SSH clients to connect to a particular IP address through the credentials specified in a separate text file.

Likewise, attacks employing the trojanized version of TightVNC Viewer are configured to install the backdoor only when the user selects a particular remote host from the options provided.

“Zinc attacks appear to be motivated by traditional cyberespionage, theft of personal and corporate data, financial gain, and corporate network destruction,” the company said.

“Zinc attacks bear many hallmarks of state-sponsored activities, such as heightened operational security, sophisticated malware that evolves over time, and politically motivated targeting.”

#AceNewsDesk report ………..Published: Oct.01: 2022:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com


FEATURED: Cyber Attacks Against Middle East Governments Hide Malware in Windows logo


#AceNewsRoom With ‘Kindness & Wisdom’ Oct.01: 2022 @acenewsservices

Ace News Room Cutting Floor 01/10/2022


#AceNewsDesk – An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments.

HACKERS NEWS REPORT;

Broadcom’s Symantec Threat Hunter Team attributed the updated tooling to a hacking group it tracks under the name Witchetty, which is also known as LookingFrog, a subgroup operating under the TA410 umbrella.

Intrusions involving TA410 – which is believed to share connections with a Chinese threat group known as APT10 (aka Cicada, Stone Panda, or TA429) – primarily feature a modular implant called LookBack.

Symantec’s latest analysis of attacks between February and September 2022, during which the group targeted the governments of two Middle Eastern countries and the stock exchange of an African nation, highlights the use of a new backdoor called Stegmap.

The new malware leverages steganography – a technique used to embed a message (in this case, malware) in a non-secret document – to extract malicious code from a bitmap image of an old Microsoft Windows logo hosted on a GitHub repository.

“Disguising the payload in this fashion allowed the attackers to host it on a free, trusted service,” the researchers said. “Downloads from trusted hosts such as GitHub are far less likely to raise red flags than downloads from an attacker-controlled command-and-control (C&C) server.”

Stegmap, like any other backdoor, has an extensive array of features that allows it to carry out file manipulation operations, download and run executables, terminate processes, and make Windows Registry modifications.

Attacks that lead to the deployment of Stegmap weaponize ProxyLogon and ProxyShell vulnerabilities in Exchange Server to drop the China Chopper web shell, which is then used to carry out credential theft and lateral movement activities, before launching the LookBack malware.

A timeline of an intrusion on a government agency in the Middle East reveals Witchetty maintaining remote access for as many as six months and mounting a wide range of post-exploitation efforts till September 1, 2022.

“Witchetty has demonstrated the ability to continually refine and refresh its toolset in order to compromise targets of interest,” the researchers said.

“Exploitation of vulnerabilities on public-facing servers provides it with a route into organizations, while custom tools paired with adept use of living-off-the-land tactics allow it to maintain a long-term, persistent presence in targeted organizations.”

#AceNewsDesk report ………..Published: Oct.01: 2022:


FEATURED: Gates Foundation boosts funding for Digital ID projects


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 29, 2022 @acenewsservices

Ace News Room Cutting Floor 29/09/2022


#AceNewsDesk – The Bill & Melinda Gates Foundation has increased its investment in digital ID projects through part of a $1.27 billion package to support “global health and development projects.” Part of the funding, $200 million, will go to digital public infrastructure, including civil registry databases and digital ID.


The announcement followed the “Goalkeepers Report,” an annual assessment report on the UN’s Sustainable Development Goals (UN SDG).

To achieve that goal, digital identity programs are supposedly needed.
The 2019 Goalkeepers Report touted biometrics as one of the technologies needed for the equitable redistribution of resources in developing nations.

The UN set a goal (goal 16.9) for a global legal identity by 2030, and the report said that the world will not make that deadline. A podcast is available on the plans here.

The $200 million will also support data sharing systems and interoperable payments systems.

The Gates Foundation supports several digital ID-related programs, including the MOSIP, an open-source digital ID platform.

Related: The EU is running a digital ID pilot

Related: Denmark’s new digital ID system risks locking some people out of society

#AceNewsDesk report ………..Published: Sept.29:  2022:


PRESS RELEASE: Apple Launches iOS 16 TODAY Sept.12th 2022: Here Are the Details


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 12, 2022 @acebreakingnews

Ace News Room Cutting Floor 12/09/2022


#AceNewsDesk – iOS 16, the next version of Apple’s iPhone software, becomes available for download today (September 12). And if you’ve been following along since Apple first previewed the update at its developer conference in June through the subsequent public beta release, you’ll know exactly what to expect.


But what if you don’t? No worries — we’ve got a rundown of iOS 16’s top features and how to use them, along with profiles of the biggest changes coming to your iPhone. Our iOS 16 public beta hands-on also gives you a sneak preview of how iOS 16 should perform on your iPhone.

If you want to brush up on iOS 16 ahead of today’s launch, read on for links to all of our coverage. And stay tuned for updates throughout the day on how to download iOS 16 to your mobile device.

iOS 16 release: When is it coming?

All Apple has said is to expect iOS 16’s release some time today, an announcement that came amid last week’s September event, where the iPhone 14 made its debut. Three iPhone 14 models, which ship with iOS 16, hit stores Friday (Sept. 16), so Apple is eager to get iOS 16 out to existing iPhones ahead of that release.

There’s no set time for an iOS release, but if the past is an indication, we’d expect the iOS 16 update to become available around 1 p.m. ET / 10 a.m. PT / 6 p.m. BST, give or take an hour. That’s when we’ve seen major software updates from Apple in the past, though the company could always surprise us with a different time.

When the iOS 16 release is available, just tap on the Settings app and head to General. Select Software Update and iOS 16 should be waiting there for you to download.

iOS 16 compatibility: What iPhone do you need?

If you’re familiar with the iOS 16 public beta, nothing’s changing with the full release of iOS 16. But just as a reminder, you’ll need an iPhone 8 or later, so that’s any handset released since the fall of 2017. That means any iPhone 6s or iPhone 7 models that were capable of running iOS 15 can’t update to the new version; the original iPhone SE is left out of the mix, too, though the 2020 and 2022 releases can update without a problem.

Note that some features of iOS 16, like Live Text and Visual Look Up, require an iPhone with an A11 Bionic chip or later. (That’s unchanged from iOS 15.) If you’ve got an iPhone XR or later, you’ll be fine.

iOS 16: Top features

So you’ve installed iOS 16. What features should you try out first? Here’s a look at our profiles of all the major changes coming to the software update based on our time with the iOS 16 public beta.

iOS 16 lock screen: The changes to the iOS 16 lock screen are probably the most prominent with this software update, as you can now customize your iPhone’s lock screen with different fonts and colors. An even bigger change is the ability to place widgets on the lock screen, which will come in especially handy if you have an iPhone 14 Pro, thanks to that device’s new always-on display.

Here’s how to customize your iPhone lock screen in iOS 16.

iOS 16 Messages: Messages adds the ability to mark texts as unread, which can come in handy if you want to review them later when you have more time. You can launch SharePlay through Messages as well, allowing you to collaborate with other users in apps like Files, Keynote and Notes.

But the biggest change in iOS 16 Messages involves new editing tools. Specifically, you’ll be able to edit text messages after you send them and unsend text messages if you’ve replied to the wrong text message. Editing and unsending features are available only for a limited window after you’ve sent your text.

iOS 16 Mail: Messages isn’t the only app to gain the ability to take back what you’ve mistakenly sent; iOS 16 Mail now has that feature, too. In addition to the ability to unsend emails in iOS 16 Mail, you can also schedule an email to be sent later, matching Gmail’s capabilities.

iOS 16 Safari: Building upon the Tab Groups feature introduced with iOS 15 last year, iOS 16 Safari adds collaboration tools by letting you share Tab Groups with other people. 

The other big change in iOS 16 is passkeys, a replacement for passwords that’s going to require third-party apps and websites to embrace. But we spoke to Apple about how passkeys improve upon the password experience.

iOS 16 Maps: More detailed city maps are coming to more places in iOS 16 Maps, and you’ll also be able to find the cost of trips when you plot out routes using the navigation software’s public transit option. Even better, the new Maps lets you top off the balance on any transit cards you’ve stored in the Wallet app.

But the biggest addition to Maps is the ability to plot out multi-stop routes when you’re driving. In fact, you can add up to 15 stops on any one trip.

iOS 16 News: The big addition to the News app is a feature called My Sports, that lets you select favorite teams across a variety of sports. That creates a special section within News that features those teams, showcasing scores, articles and video highlights.

iOS 16 Fitness: You no longer need an Apple Watch to monitor how much you move. iOS 16 adds a standalone Fitness app that tracks your steps, distance traveled and calories burned. It may be a stripped-down version of a similar app available to Apple Watch owners, but Fitness on the iPhone can motivate you to get up and moving every day.

iOS 16 Focus: Another feature introduced in iOS 15 gets a bit of a tweak in iOS 16, as Apple streamlines the setup process for Focus. New filters let you fine-tune what’s permitted and what’s blocked out when you’ve set a Focus mode, and while those filters are limited to Apple’s built-in apps at launch, Apple’s released a tool to let developers add filters to their apps. 

iOS 16 Photos: Editing and organizational tools get most of the attention in iOS 16 Photos, as Apple adds the ability to copy and paste edits to photos and videos, saving you time when you want to make identical changes to a batch of photos at once. Undo and redo edit commands let you reverse and re-institute image edits, while the Hidden and Recently Deleted folders now use Face ID unlocking for an extra level of security. A new Duplicates folder makes it easier to get identical folders out of your library.

iOS 16 Live Text and Visual Look Up: Apple added Live Text and Visual Look Up to iOS 15, tapping into the neural engine on its recent processors to let you copy text out of photos and look up information about things that you’ve photographed. iOS 16 extends those capabilities by letting you copy text in videos just like you can in photos; action buttons related to that identified text let you jump to phone calls and web pages or look up websites in Safari.

Visual Look Up adds a far neater tool — tap on the subject of a photo and you can copy that object, pasting it into other apps like Notes, Messages and more. Visual Look Up can now identify birds, insects and statues, too.

That’s just the major changes to iOS 16, which also introduces new Memoji options as well as the ability to track medications in the Health app. iOS 16 Siri adds several new capabilities, too. Check out the best hidden features in iOS 16 you might have overlooked.

What features won’t be available in iOS 16 when it launches?

Back in June, Apple previewed a new iCloud Shared Photo Library, which is designed to make it easier to share photos with family members. With iCloud Shared Photo libraries, you can include five other people, all of whom can add their own photos and make changes to photos within the album.

Throughout the iOS 16 beta process, we expected iCloud Shared Photo Library to debut with the rest of iOS 16’s new features. But last week, The Verge reported that iCloud Shared Photo Library wasn’t going to appear with the rest of iOS 16 today. Indeed, a check of Apple’s iOS 16 features page now lists iCloud Shared Photo Library as coming “later this year.”

We already knew that Live Activities wasn’t going to be ready with the rest of iOS 16. This is a new kind of notification that alerts you about ongoing information — the score of a ballgame, for example, or the status of a ride-share coming to pick you up. Live Activities largely depend on third-parties using Apple’s developer tools to create new widgets, and those won’t appear until after iOS 16’s debut. Apple does offer a bit of a preview as to how Live Activities will work with its Timer widget, which offers a live countdown on the lock screen.


Philip Michaels is a Managing Editor at Tom’s Guide. He’s been covering personal technology since 1999 and was in the building when Steve Jobs showed off the iPhone for the first time. He’s been evaluating smartphones since that first iPhone debuted in 2007, and he’s been following phone carriers and smartphone plans since 2015. He has strong opinions about Apple, the Oakland Athletics, old movies and proper butchery techniques. Follow him at @PhilipMichaels.

#AceNewsDesk report ………..Published: Sept.12: 2022:


FEATURED: Six Ways to Steal Your Password & How To Prevent it Happening to You


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 01: 2022 @acenewsservices

Ace News Room Cutting Floor 01/09/2022


#AceNewsDesk – We explain how attackers can steal your credentials and how you can prevent it. August 29, 2022

Password leaks are one of the most annoying problems of the digital age. At first glance, it might seem like no big deal: who cares if someone finds out the password to some old e-mail account that is rarely used and contains nothing of value?

But then you remember that this same e-mail is linked to your social network accounts, not to mention banking and other apps, and it’s now in cybercriminal hands. Besides the anguish of losing money and data, such a leak can cause major headaches for your friends, family and colleagues — after all, a hijacked account can be used to send phishing or scam e-mails in your name to all your contacts.

In this post, we explain how your credentials can be stolen and how to reduce the risk of them leaking. Sure, caution and vigilance play a massive role in it, but there are hi-tech solutions specifically designed to prevent leaks, which often handle threats much better than the naked eye.

Trojan stealers

These stealthy spies, once on your device, usually display no visible signs of activity. After all, the longer they remain under the radar, the more of your data they can steal and pass to their handlers, such as passwords for banking apps or gaming services.

A Trojan can get on your computer or smartphone if you open a malicious file sent by another user, downloaded from a website or copied from external media. Remember that any executable file from the internet is a potential trap.

But even those files that look like non-executables need to be treated with caution. Cybercriminals do their best to fool victims by disguising malicious files as images, videos, archives, documents, etc., and often they succeed. For example, they might change the icon or use a fiendishly cunning filename that mimics a safe format. What’s more, even an ordinary Office document can turn into a trap under certain conditions: a malicious script in the document can exploit a vulnerability in the program you use to open it.

Therefore, to combat such leaks, we recommend installing a security solution that can detect and block spyware Trojans.

Phishing

Phishing e-mails come in a variety of forms, but the goal is always to lure you to a fake website and get you to enter your credentials. It might be a message saying your bank account has been blocked, or an early-bird offer to subscribe to an online movie theater. Or it might be a phishing link from an attractive stranger on Tinder, a potential buyer of your product on Amazon, or even a close friend (if their e-mail was hacked by scammers).

The standard tip in this situation is to look carefully at the URL: some fake sites have an extra letter in the address, a double domain name, etc. However, that does not always help since modern cybercriminals have learned how to disguise their fakes. For example, in case of a browser-in-the-browser attack, you might see a phishing site with a genuine address.

So it’s better to play it safe and use a security solution that spots phishing attacks and warns you about them.

Browser attacks

Often, passwords get stolen through browser vulnerabilities or extensions. In the first case, specially crafted code on a web page plants spyware on your device. In the second, you yourself install a malicious script under the guise of a handy browser plug-in. After that, when you go to, say, a bank website, this script redirects all traffic through a hacker proxy server, spilling your credentials in the process.

Public Wi-Fi

Attackers can also intercept data (including passwords) sent over the network if you’re using unencrypted or old WEP-protected Wi-Fi. Another variant is when a hacker sets up a public Wi-Fi hotspot with a name similar to an existing network (usually belonging to a nearby cafe, hotel or business center). The inattentive user connects to the fake hotspot and all their internet traffic flows straight to the cybercriminals.

You can avoid such leaks by carefully checking network names, avoiding suspicious access points, and disabling automatic connection to Wi-Fi. Better still, ensure that all your traffic is encrypted, then, even if you do connect to the wrong hotspot, eavesdroppers won’t know what you’re sending or where.

Passwords all around

Then of course there are people who write down passwords on sticky notes and bits of paper, then leave them in full view of any passerby. Don’t be like them. It is also dangerous to write passwords in insecure text files on your computer or smartphone, or store passwords in the browser for autofilling.

So what to do instead? After all, infosec experts bleat on about the need for strong passwords that can’t be brute forced. They also don’t stop ranting about never using the same password more than once, because if it gets stolen, attackers will have more to steal from you. Is the solution, then, to create a memory palace full of long, complex passwords? But hardly anybody has such a gifted mind.

An easier option is to use a password manager protected by strong encryption. Simply enter all your usernames and passwords and memorize just one master password for the vault itself.

External leaks

All of the above is about keeping passwords safe at your end, but leaks often occur in remote internet services: online stores, social networks, crypto exchanges, or any other resource with login authentication. By hacking such a site, cybercriminals can get ahold of a huge user database, plus passwords and other personal data.

What’s more, the owners of such sites are not always keen to report such hacks. Meanwhile, your data gets passed around or put up for sale on the dark web. Infosec experts monitor the publication of such databases and warn users.

As always, however, be careful: here, too, such “experts” might appear to be scammers in disguise. This is a common phishing method: the user receives a message about an alleged leak and is invited to follow a link to a site asking for their credentials supposedly for verification, whereupon the password is stolen for real.

  • Your Kaspersky application has a service for checking whether a leak really happened or not. Called Data Leak Checker, it is found on the Privacy tab. It lets you check whether your e-mail is spotted in a stolen database somewhere. If so, you will receive a list of leaky sites, the type of data made public (personal, banking, online activity history and so on), as well as recommendations on what to do about it.

Protection for all seasons

Of course, password theft is not the only misfortune that can befall your digital self. Attackers have all kinds of tricks up their sleeve for stealing valuable data, emptying online bank accounts and causing other harm: spyware, ransomware, fake websites, malicious miners, the list goes on.

#AceNewsDesk report ………..Published: Sept.01:  2022:


FEATURED: Hackers Hide Malware in Stunning Images Taken by James Webb Space Telescope


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 01: 2022 @acenewsservices

Ace News Room Cutting Floor 01/09/2022


#AceNewsDesk – The development, revealed by Securonix, points to the growing adoption of Go among threat actors, given the programming language’s cross-platform support, effectively allowing the operators to leverage a common codebase to target different operating systems.

Hackers News: A persistent Golang-based malware campaign dubbed GO#WEBBFUSCATOR has leveraged the deep field image taken from NASA’s James Webb Space Telescope (JWST) as a lure to deploy malicious payloads on infected systems.

Go binaries also have the added benefit of making analysis and reverse engineering more difficult than malware written in other languages like C++ or C#, which prolongs analysis and detection attempts.

Phishing emails containing a Microsoft Office attachment act as the entry point for the attack chain that, when opened, retrieves an obfuscated VBA macro, which, in turn, is auto-executed should the recipient enable macros.

The execution of the macro results in the download of an image file “OxB36F8GEEC634.jpg” that seemingly is an image of the First Deep Field captured by JWST but, when inspected using a text editor, is actually a Base64-encoded payload.

“The deobfuscated [macro] code executes [a command] which will download a file named OxB36F8GEEC634.jpg, use certutil.exe to decode it into a binary (msdllupdate.exe) and then finally, execute it,” Securonix researchers D. Iuzvyk, T. Peck, and O. Kolesnikov said.
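A defender's triage check for the mismatch described above, as an added example that is not from Securonix or the original report: it flags a file with a .jpg name whose bytes are Base64 text that decodes to a Windows executable. The file names, sample bytes and verdict labels are constructed for illustration.

```python
import base64
import binascii
import re
import struct

JPEG_MAGIC = b"\xff\xd8\xff"  # JPEG start-of-image marker plus first segment byte
ARMOR_LINE = re.compile(rb"^-----(BEGIN|END) [A-Z0-9 ]+-----$")
B64_BODY = re.compile(rb"^[A-Za-z0-9+/]+={0,2}$")


def is_pe(blob: bytes) -> bool:
    """True if blob has a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        return False
    (pe_offset,) = struct.unpack_from("<I", blob, 0x3C)
    return blob[pe_offset:pe_offset + 4] == b"PE\x00\x00"


def classify_image_file(name: str, data: bytes) -> str:
    """Compare a file's claimed JPEG extension with what its bytes really are.

    Verdict labels (constructed for this example):
      jpeg             - extension and magic bytes agree
      base64-pe        - Base64 text that decodes to a Windows executable
      base64-other     - Base64 text that decodes to something else
      mismatch-unknown - not a JPEG and not clean Base64
      not-jpeg-name    - file does not claim to be a JPEG
    """
    if not name.lower().endswith((".jpg", ".jpeg")):
        return "not-jpeg-name"
    if data.startswith(JPEG_MAGIC):
        return "jpeg"
    # Tolerate line wrapping and PEM-style armor lines around the Base64 body.
    lines = [ln.strip() for ln in data.splitlines()]
    body = b"".join(ln for ln in lines if ln and not ARMOR_LINE.match(ln))
    if not body or len(body) % 4 or not B64_BODY.match(body):
        return "mismatch-unknown"
    try:
        decoded = base64.b64decode(body, validate=True)
    except (binascii.Error, ValueError):
        return "mismatch-unknown"
    return "base64-pe" if is_pe(decoded) else "base64-other"


def build_constructed_pe_stub() -> bytes:
    """Constructed, inert header bytes: just enough structure to satisfy is_pe()."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew -> offset of PE signature
    return bytes(dos) + b"PE\x00\x00" + bytes(20)


def triage(samples: dict) -> dict:
    """Map each file name to its verdict."""
    return {name: classify_image_file(name, data) for name, data in samples.items()}


# Constructed sample inputs; none of these are real campaign artefacts.
_STUB = build_constructed_pe_stub()
SAMPLES = {
    "real_photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + bytes(32),
    "wrapped_text.jpg": base64.encodebytes(_STUB),
    "armored_text.jpg": (b"-----BEGIN CERTIFICATE-----\n"
                         + base64.encodebytes(_STUB)
                         + b"-----END CERTIFICATE-----\n"),
    "note.jpg": base64.b64encode(b"plain constructed note"),
    "junk.jpg": b"\x00\x01binary junk",
}

if __name__ == "__main__":
    for name, verdict in triage(SAMPLES).items():
        print(f"{name:18} {verdict}")
```

Any verdict other than `jpeg` on a file delivered as an image is worth a closer look; `base64-pe` matches the pattern the researchers describe.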

The binary, a Windows 64-bit executable with a size of 1.7MB, is not only equipped to fly under the radar of antimalware engines, but is also obscured by means of a technique called gobfuscation, which makes use of a Golang obfuscation tool publicly available on GitHub.

The gobfuscate library has been previously documented as used by the actors behind ChaChi, a remote access trojan employed by the operators of the PYSA (aka Mespinoza) ransomware as part of their toolset, and the Sliver command-and-control (C2) framework.

Communication with the C2 server is facilitated through encrypted DNS queries and responses, enabling the malware to run commands sent by the server through the Windows Command Prompt (cmd.exe). The C2 domains for the campaign are said to have been registered in late May 2022.

Microsoft’s decision to block macros by default across Office apps has led many an adversary to tweak their campaigns by switching to rogue LNK and ISO files for deploying malware. It remains to be seen if the GO#WEBBFUSCATOR actors will embrace a similar attack method.

“Using a legitimate image to build a Golang binary with Certutil is not very common,” the researchers said, adding, “it’s clear that the original author of the binary designed the payload with both some trivial counter-forensics and anti-EDR detection methodologies in mind.”

#AceNewsDesk report ………..Published: Sept.01:  2022:


BREAKING ALERT: Apple has disclosed serious security vulnerabilities for iPhones, iPads, computers that could allow hackers to take complete control of these devices UPDATE NOW


#AceNewsRoom With ‘Kindness & Wisdom’ Aug.19, 2022 @acebreakingnews

Ace News Room Cutting Floor 19/08/2022


#AceBreakingNews – Apple security flaw could allow hackers to control people’s iPhones. Experts say users should update their software now


Apple has released a new security software update it said addressed the issues. (Reuters: Mike Segar)

The news prompted warnings from security experts for Apple users to update their devices.

Here’s what you need to know. 

What has Apple said?

Not much. 

The company released a surprise round of updates on Wednesday and Thursday, not long before the next big software release — iOS 16, which was expected some time next month.

Forbes tech writer David Phelan said the “wholly unexpected” timing of the update suggested it was solely about addressing “urgent” security changes. 

But the limited details we know about the issues come from the update description page on Apple’s support website, rather than a warning from the company.

Apple didn’t say how the vulnerabilities were discovered or by whom — it just cited “anonymous researchers” in its brief reports.

The website noted issues with two parts of Apple’s software — the kernel at the heart of iOS and the web browser engine, WebKit — that could lead to “arbitrary code execution”. 

What does that mean?

Apple’s explanation of the vulnerability means a hacker could get “full admin access” to the device.

That would allow intruders to impersonate the device’s owner and subsequently run any software in their name, SocialProof Security chief Rachel Tobac said.

Commercial spyware companies such as Israel’s NSO Group are known for identifying and taking advantage of such flaws, exploiting them in malware that secretly infects targets’ smartphones, siphons their contents and surveils the targets in real time.

NSO Group’s spyware is known to have been used in Europe, the Middle East, Africa and Latin America against journalists, dissidents and human rights activists.

And that’s been fixed?

Both issues were addressed in the new update, Apple’s update page said. 

Which devices need to be updated?

  • iPhone 6s and later
  • iPad Pro (all models)
  • iPad Air 2 and later
  • iPad 5th generation and later
  • iPad mini 4 and later
  • iPod touch (7th generation)
  • Mac computers running macOS Monterey

There’s also an update for Apple’s Safari browser on Macs running the Big Sur and Catalina versions of macOS.

How do I update my software?

To update the software on your iPhone, iPad or iPod touch, go into Settings. 

From there, tap General and then tap Software Update. You should be met with something that looks like this:

A screenshot of a prompt to update iPhone software. 
Security experts have warned Apple users to update their software. (ABC News)

Then hit “download and install”.

To update the software on your Mac computer, go to System Preferences, then go to Software Update and click either Update Now or Upgrade Now. 

If you can’t find Software Update in your System Preferences, try going into the App Store and clicking on the Updates tab. 

A screenshot of a prompt to update the software on an Apple Mac computer. 
Apple released security updates for Macs running Monterey, Big Sur and Catalina. (Supplied: Apple)

ABC with AP

#AceNewsDesk report ………..Published: Aug.19: 2022:



BREAKING CYBER-ATTACK: Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack Report


#AceNewsRoom With ‘Kindness & Wisdom’ Aug.16, 2022 @acebreakingnews

Ace News Room Cutting Floor 16/08/2022


#AceBreakingNews – Popular end-to-end encrypted messaging service Signal on Monday disclosed the cyberattack aimed at Twilio earlier this month may have exposed the phone numbers of roughly 1,900 users.


“For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal,” the company said. “All users can rest assured that their message history, contact lists, profile information, whom they’d blocked, and other personal data remain private and secure and were not affected.”

Signal, which uses Twilio to send SMS verification codes to users registering with the app, said it’s in the process of alerting the affected users directly and prompting them to re-register the service on their devices.

The development comes less than a week after Twilio revealed that data associated with about 125 customer accounts were accessed by malicious actors through a phishing attack that duped the company’s employees into handing over their credentials. The breach occurred on August 4.

In the case of Signal, the unknown threat actor is said to have abused the access to explicitly search for three phone numbers, followed by re-registering an account with the messaging platform using one of those numbers, thereby enabling the party to send and receive messages from that phone number.

As part of the advisory, the company has also urged users to enable registration lock, an added security measure that requires the Signal PIN in order to register a phone number with the service.

Web infrastructure provider Cloudflare, which was also unsuccessfully targeted by the sophisticated phishing scam, said the use of physical security keys issued to every employee helped it impede the attack.

Phishing and other types of social engineering rely on the human factor to be the weakest link in a breach. But the latest incident also serves to highlight that third-party vendors pose as much of a risk to companies.

The development further underscores the dangers of relying on phone numbers as unique identifiers, what with the technology susceptible to SIM swapping that allows bad actors to carry out account takeover attacks and illicit money transactions.

#AceNewsDesk report ………..Published: Aug.16: 2022:



FEATURED: Starlink Successfully Hacked Using $25 Modchip Black Hat Revealed


#AceNewsRoom With ‘Kindness & Wisdom’ Aug.15, 2022 @acenewsservices

Ace News Room Cutting Floor 15/08/2022


#AceNewsDesk – Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for SpaceX’s satellite-based internet system according to Threatpost by

A Belgian security researcher has successfully hacked the SpaceX operated Starlink satellite-based internet system using a homemade circuit board that cost around $25 to develop, he revealed at Black Hat.

Lennert Wouters revealed a voltage fault injection attack on a Starlink User Terminal (UT), the satellite dish people use to access the system, that allowed him to break into the dish and explore the Starlink network from there. He described the attack in a presentation called “Glitched on Earth by Humans” at the annual ethical hacker conference this week.

Wouters physically stripped down a satellite dish he purchased and created the custom board, or modchip, that can be attached to the Starlink dish, according to a report on Wired about his presentation on Wednesday.

He developed the tool using low-cost, off-the-shelf parts and was able to use it to obtain root access by glitching the Starlink UT system-on-chip (SoC) bootrom, according to a tweet previewing the presentation that he said was sent through a rooted Starlink UT.

To design the modchip, Wouters scanned the Starlink dish and created the design to fit over the existing Starlink board. He soldered the modchip (comprising a Raspberry Pi microcontroller, flash storage, electronic switches and a voltage regulator) to the existing Starlink PCB and connected it using a few wires, according to the report.

‘Unfixable Compromise’

Once attached to the Starlink dish, the tool launched a fault injection attack to temporarily short the system, which allowed for bypass of Starlink’s security protections so Wouters could break into locked parts of the system.

Wouters’ attack runs the glitch against the first bootloader, the ROM bootloader that’s burned onto the system-on-chip and can’t be updated. He then deployed patched firmware on later bootloaders, which gave him control of the dish, according to the report.

Wouters first performed the attack in a lab before implementing the modchip on the dish itself, he revealed in a write-up about his presentation published on the conference’s website.

“Our attack results in an unfixable compromise of the Starlink UT and allows us to execute arbitrary code,” Wouters wrote. “The ability to obtain root access on the Starlink UT is a prerequisite to freely explore the Starlink network.”

Wouters was able to explore the Starlink network and its communication links once he gained access to the system, adding that other researchers can potentially build on the work to further explore the Starlink ecosystem.

Wouters revealed the vulnerability to SpaceX in a responsible way through its bug bounty program before publicly presenting on the issue.

Implications for Starlink

Starlink is SpaceX’s low Earth orbit satellite constellation, an ambitious project that aims to provide satellite internet coverage to the whole world. Some 3,000 small satellites launched since 2018 already are providing internet to places that can’t be reached by terrestrial networks. Other companies—including Boeing, Amazon and Telesat—also have launched their own satellite constellations to provide internet from space.

Starlink’s UT is one of three core components of the Starlink system; the other two are the satellites that move about 340 miles above the Earth’s surface to beam down internet connections, and gateways that transmit connections up to the satellites. The UTs also communicate with satellites to provide internet on Earth.

As is typically the case with any technology, the increase in use and deployment of Starlink and other satellite constellations also means that threat actors have a greater interest in finding their security holes to attack them.

Indeed, Russia saw an advantage in taking out a satellite providing internet communications across Europe by attacking its technology on the ground as Russian troops entered Ukraine on Feb. 24. The move successfully disrupted communications on the ground in Ukraine at a crucial time in the invasion, while also affecting other parts of Europe. It even had a ripple effect and jammed airplane navigation systems and other critical infrastructure.

Knowing the critical nature of its security, SpaceX already has responded to Wouters’ presentation with a six-page paper published online inviting security researchers to “bring on the bugs” to help the company better protect the Starlink system as well as offering a detailed explanation of how it protects Starlink.

The paper also congratulates Wouters’ research, calling it “technically impressive” before poking a series of holes in it and assuring that Starlink’s “defense-in-depth approach to security limits the overall impact of this issue to our network and users.”

#AceNewsDesk report ………..Published: Aug.15:  2022:



BREAKING SCOTLAND: Police want to scan people’s faces in public using LFR Tech


#AceNewsRoom With ‘Kindness & Wisdom’ Aug.13, 2022 @acebreakingnews

Ace News Room Cutting Floor 13/08/2022


#AceBreakingNews – Police Scotland has hinted that it could trial Live Facial Recognition (LFR) technology, according to the Scottish Daily Press.


Cameras equipped with LFR technology scan people’s faces as they go about their business in public. The scanned images are then converted to “facial fingerprints” or “biometric patterns.”

The technology was recently deployed at Oxford Circus in London by the Metropolitan Police (The Met). About 36,000 unsuspecting members of the public were scanned and matched against a watchlist of 6,747 people.

Speaking to the Scottish Daily Mail, Bex Smith, Assistant Chief Constable of Police Scotland, said: “Police Scotland is not using, trialing or testing live facial recognition technology presently.

“But we are keeping a watching brief on the trialing of technology elsewhere.

“As technology advances, we can see that embracing new ways of working and harnessing technology needs to be considered.

“We are committed to our duty to keep people safe, and this may necessitate us moving with the times and looking to technology to help us to do so in the future.

“We recognize the valid concerns about the use of new technology and are developing a governance framework to balance requirements to comply with data protection and privacy regulations.”

For good reasons, LFR technology raises privacy and civil liberties concerns.
“Many people will understandably be concerned that the introduction of this new technology could potentially infringe on their civil liberties,” said Tory justice spokesperson Jamie Greene.

“Robust engagement and due diligence must be the top priority before these cameras are potentially rolled out.”

Rights group Big Brother Watch warned: “This intrusive surveillance poses a serious threat to our civil liberties, violates our right to privacy, and routinely results in misidentifications and legal issues.”

But according to The Met, the technology helps keep people “safe.”

“This technology helps keep Londoners safe, and will be used to find people who are wanted for violent and serious offenses and those with outstanding arrest warrants issued by the court,” said a spokesperson for The Met.

“Independent experts will also be carrying out a test on the LFR system to establish accuracy.”

#AceNewsDesk report ………..Published: Aug.13: 2022:
