CYBER SECURITY WEEKLY NEWS
1. Julian Assange is finally free
2. Apple AirPods eavesdropping vulnerability patched
3. Teamviewer reportedly hacked by Russian actors
4. Your phone’s 5g connection is exposed to bypass and DOS attacks
5. Microsoft confirms that more customer emails have been accessed by Russian actors
6. Weekly vulnerability report
7. Weekly malware report
1. Julian Assange is finally free
After five years in prison and seven in exile, Wikileaks founder Julian Assange is free.
Julian, through Wikileaks, is said to have exposed over 10 million classified documents belonging to the US.
Wikileaks first gained attention for the first time in 2010 after it leaked a video showing US soldiers killing civilians in Iraq and after posting classified documents on the Afghanistan war.
After a 14-year-old saga, he finally walked out of court a free man after he pleaded guilty to a single charge and he arrived back in Australia to enjoy his freedom once again.
The question remains on whether he'll go back to Wikileaks and if he does, how different will it be?
2. Apple AirPods vulnerability patched
If you are a regular AirPods user, be careful as your conversations could now be eavesdropped.
A recently found vulnerability by Jonas Dreßler allowed an attacker in physical proximity to overhear private communications.
“When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones," Apple outlined in an advisory.
This vulnerability affects Airpods(2nd generation and later), AirPods Pro (all models), Airpods Max, Powerbeats Pro, and Beats Fit Pro.
Apple has released a new firmware update that fixed the vulnerability, released on June 25, 2024
3. Teamviewer reportedly hacked by Russian threat actors
TeamViewer a remote monitoring and management giant reported on a breach on June 26, 2024, attributed to a hacking group, APT29, affiliated to Russia.
An update from TeamViewer briefed that the attack targeted credentials associated with an employee account within its corporate IT environment.
"We immediately activated our response team and procedures, started investigations together with a team of globally renowned cyber security experts, and implemented necessary remediation measures," the company said in a statement.
However, the company has not disclosed any further details on the hack and how the hackers infiltrated them but has said that an investigation is ongoing. The company also added that there is no evidence of the threat actors gaining access to customer data or the production environment.
4. Your phone’s 5g connection is exposed to bypass and DOS attacks
5G technologies, the tech upgrade that opened up doors to future technologies could put you at risk of data theft and denial of service attacks. Thanks to seven researchers at Penn State University who described how hackers can set up a fake mobile network base station, attracting target devices. The device and the fake mobile base station undergo an authentication and key agreement(AKA). The phone does not vet the station and it accepts the legitimacy of the fake base station. The researchers then exploit the AKA, leaving the victim vulnerable.
5. Microsoft confirms that more customer emails have been accessed by Russian actors
The tech giant confirmed that more email addresses were accessed than the ones originally revealed, during the hack by Russian actors Midnight Blizzard, AKA APT29 and Cozy Bear. Reports of the breach were brought to light on January 19, 2024, where the threat actors stole top-level company staff, cybersecurity, and legal employee emails.
The report surprised Microsoft’s customers after Microsoft confirmed that the attack surface was broader.
Microsoft said that it has been reaching out to customers to help them take protective and mitigating measures. Also formerly notified customers would be given more information on what types of information have been assessed by the group
6. Weekly vulnerability report
-194 new vulnerabilities found in WordPress; 18 in themes and 176 in plugins. 94 of the vulnerable plugins remain unpatched.
-Apple’s AirPods Bluetooth vulnerability that allowed attackers to eavesdrop on the users patched
-Critical GitLab vulnerability exposed, that allows attackers to run pipelines as users
-Google Chrome has released a security update to fix four severe vulnerabilities
-VMware discloses vulnerabilities affecting VMware vSphere and VMware Cloud Foundation products, that potentially lead to remote code execution
7. Weekly malware report
-New Medusa trojan variant surfaces with significant stealth abilities, targeting seven countries
-Kimusky, a North Korean actor make use of a malicious Google Chrome extension, TRANSLATEXT to steal sensitive information including passwords, cookies, users, and browser screenshots.
-An ISP from South Korea intentionally infects 600,000 users with malware to prevent them from using torrent services.
-Lockbit ransomware group announced having 33TB of American’s banking secrets, adding the US Federal Reserve to its victims list
-TeamViewer was breached by the APT 39 group from Russia
