CF BYTES- ISSUE#21
- January 5, 2021
- Posted by: Manasdeep
- Category: Cyberfrat
Welcome to second fortnight edition of CF Bytes for Dec 2020 and the final newsletter for the year 2020.
This fortnight we look into the attempts made to hack into journalists’ phones by autocratic governments in an attempt to suppress free speech by using suspected “zero-click” iMessage exploit. Side effects of technology racial bias were seen when flawed facial recognition led to a black man’s wrongful arrest. In frantic efforts to find a cure for pandemic situation for COVID-19, pharmaceutical research labs findings are leaked by attackers deployed by nation-state backed attackers. In other troubling news, new research report has found that microphones on digital assistants such as Alexa are sensitive enough to steal PINs and other sensitive info; leading to un-intended leakage of PII data.
In Security attacks and breaches, Japanese aerospace firm Kawasaki has issued a warning of a possible data breach. Dell Wyse based thin clients have been found to suffer from critical vulnerabilities that can lead to device takeover. In view of taking advantage of the growing popularity of the new open-world game CyberPunk 2077 early release rumors, ransomware disguised as a beta version of the game baits users to download from the android play store. FBI has issued a warning in rising of targeted swatting attacks done on residents using cameras and voice-capable smart devices.
Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit. Read More.
Flawed Facial Recognition Led to Man’s Wrongful Arrest; falling victim to the technology’s racial bias. Read More.
Lazarus Group nation-state actors are actively trying to steal COVID-19 research to speed up their countries’ vaccine-development efforts. Read More.
Windows Zero-Day Still Circulating After Faulty Fix. Read More.
Research shows that microphones on digital assistants are sensitive enough to steal PINs and other sensitive info. Read More.
Attacks / Breaches
A new SolarWinds flaw likely had let hackers install SUPERNOVA malware. Read More.
Swatting attacks targeting residents with camera and voice-capable smart devices. Read More.
Japanese aerospace firm Kawasaki warns of data breach. Read More.
Dell Wyse thin client models are affected by critical vulnerabilities that can be used to take over the devices. Read More.
Ransomware targeting Android devices disguised as a legitimate download of open-world game Cyberpunk 2077. Read More.