Top 7 Cybersecurity Stories This Week 04-07-2017
WikiLeaks’ latest disclosure of CIA cyber-tools reveals a technique used by the agency to hide its digital tracks, potentially blowing the cover on current and past hacking operations aimed at gathering intelligence on terrorists and other foreign targets. Read More.
A researcher in Israel has uncovered 40 unknown vulnerabilities, or zero-days, that would allow someone to remotely hack millions of newer Samsung smart TVs, smart watches, and mobile phones already on the market, as well as ones slated for future release, without needing physical access to them. The security holes are in an open-source operating system called Tizen that Samsung has been rolling out in its devices over the last few years. Read More.
“Cyber security firm Kaspersky Lab on Monday said it had obtained digital evidence that bolsters suspicions by some researchers that North Korea was involved in last year's $81 million cyber heist of the Bangladesh central bank's account at the Federal Reserve Bank of New York,” reports CNBC. Kaspersky Lab released a 58-page report on Lazarus, a group linked to the heist in Bangladesh and the 2014 attack on Sony's Hollywood studio. Read More.
Yesterday, Thomas Rid, along researchers Costin Raiu and Juan Andres Guerrero-Saade of Kaspersky Lab, presented more evidence that could ultimately and definitively connect one of the earliest cyberespionage campaigns on record to the Russian-speaking APT proficient in stealing secrets from sensitive Western targets through the use of hijacked satellite links, watering hole attacks, a host of covert backdoors and advanced malware. Read More.
Google Project Zero uncovered a sophisticated bug in a Broadcom Wi-Fi chip, which can be found in iPhones, Nexuses and Samsung devices. According to the researcher who discovered the exploit, “an attacker within range may be able to execute arbitrary code on the Wi-Fi chip.” This allows the hacker to take over the device completely by Wi-Fi proximity, without any user interaction. Read More.
According to researchers at Google and mobile cybersecurity firm Lookout, they have discovered “one of the most advanced espionage apps ever written for Android,” dubbed Pegasus. The malicious smartphone app allows customers of “cyber arms dealers” named NSO Group to remotely spy on victims. Read More.
Chinese cyber criminals have allegedly infiltrated the National Foreign Trade Council (NFTC) website in an attacked dubbed, “Operation TradeSecret,” according to a new report from Fidelis Cybersecurity. The group believed to be responsible is APT10, who has also been credited with hacking government sites in the UK and Japan. Read More.