
IT Security Newsletter - 12/7/2023

Top News

Apple admits to secretly giving governments push notification data

Governments have been secretly tracking the app activity of an unknown number of people using Apple and Google smartphones, US Senator Ron Wyden (D-Ore.) revealed today. In a letter demanding that the Department of Justice update or repeal policies prohibiting companies from informing the public about these covert government requests, Wyden warned that "Apple and Google are in a unique position to facilitate government surveillance of how users are using particular apps." READ MORE...


Navy contractor Austal USA confirms cyberattack after data leak

Austal USA, a shipbuilding company and a contractor for the U.S. Department of Defense (DoD) and the Department of Homeland Security (DHS), confirmed that it suffered a cyberattack and is currently investigating the impact of the incident. The company is based in Australia and specializes in high-performance aluminum vessels. Its American subsidiary, Austal USA, is under contract for multiple programs that include building Independence class littoral combat ships for the U.S. Navy. READ MORE...

Breaches

Nissan Restoring Systems After Cyberattack

Japanese car manufacturer Nissan has disclosed a cyberattack impacting the internal systems at Nissan Oceania. A regional division of the multinational carmaker, Nissan Oceania is responsible for the company's operations in Australia and New Zealand. Nissan Oceania disclosed the cyberattack in an incident notification on its regional websites, but did not share specific information on the type or extent of the breach, citing its ongoing investigation into the matter. READ MORE...


After hack, 23andMe gives users 30 days to opt out of class-action waiver

Shortly after 23andMe confirmed that hackers stole ancestry data of 6.9 million users, 23andMe has updated its terms of service, seemingly cutting off a path previously granted to users seeking public accountability when resolving disputes. According to a post on Hacker News, the "23andMe Team" notified users in an email that "important updates were made to the Dispute Resolution and Arbitration section" of 23andMe's terms of service on November 30. READ MORE...

Software Updates

Android phones can be taken over remotely - update when you can

Android phones are vulnerable to attacks that could allow someone to take over a device remotely without the device owner needing to do anything. Updates for these vulnerabilities and more are included in Google's Android security bulletin for December. In total, there are patches for 94 vulnerabilities, including five rated as "Critical." The most severe of these flaws is a vulnerability in the System component that could lead to remote code execution (RCE) without any additional execution privileges required. READ MORE...

Malware

Beware of predatory fin(tech): Loan sharks use Android apps to reach new depths

Since the beginning of 2023, ESET researchers have observed an alarming growth of deceptive Android loan apps, which present themselves as legitimate personal loan services, promising quick and easy access to funds. Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while collecting their victims' personal and financial information to blackmail them, and in the end gain their funds. READ MORE...

Exploits/Vulnerabilities

New 'Pool Party' Process Injection Techniques Undetected by EDR Solutions

Breach and attack simulation firm SafeBreach has discovered eight new process injection techniques that leverage Windows thread pools to trigger malicious code execution as the result of legitimate actions. Dubbed Pool Party, the injection variants work across all processes, without limitations, and are fully undetected by leading endpoint detection and response (EDR) solutions, SafeBreach says. READ MORE...


Dangerous vulnerability in fleet management software seemingly ignored by vendor

A major vulnerability that could allow hackers to manipulate a fleet of vehicles at once - including the possibility of shutting down the vehicles - has gone ignored by the vendor for months, according to researchers that discovered the vulnerability. As the auto sector has evolved beyond a simple mode of transportation into "computers on wheels," vulnerabilities in the software that controls multi-ton steel giants have become an increasingly urgent topic for security researchers. READ MORE...


New SLAM attack steals sensitive data from AMD, future Intel CPUs

Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from the kernel memory. SLAM is a transient execution attack that takes advantage of a memory feature that allows software to use untranslated address bits in 64-bit linear addresses for storing metadata. READ MORE...


Critical Bluetooth Flaw Exposes Android, Apple & Linux Devices to Takeover

Attackers can exploit a critical Bluetooth security vulnerability that's been lurking largely unnoticed for years on macOS, iOS, Android, and Linux device platforms. The keystroke injection vulnerability allows an attacker to control the targeted device as if they were attached by a Bluetooth keyboard, performing various functions remotely depending on the endpoint. Tracked as CVE-2023-45866, the flaw exists in how the Bluetooth protocol is implemented on various platforms. READ MORE...

On This Date

  • ...in 1941, a date which will live in infamy, Pearl Harbor is attacked in an air raid by the Imperial Forces of Japan, bringing the United States into World War II.
  • ...in 1949, singer-songwriter and actor Tom Waits ("Rain Dogs", "Down By Law") is born in Pomona, CA.
  • ...in 1965, actor Jeffrey Wright ("Westworld", "Casino Royale") is born in Washington, D.C.
  • ...in 1972, Apollo 17 is launched, the final mission of the Apollo program. It is the most recent time that humans travelled beyond low Earth orbit.