New York (CNN Business) Binance, a major cryptocurrency exchange, says hackers stole more than $40 million worth of bitcoin from its customers.
The Taiwan-based company, one of the world’s largest crypto exchanges, announced that it discovered a “large scale security breach” Tuesday. It said hackers stole 7,000 bitcoins in one transaction. One bitcoin trades at nearly $6,000.
Facebook makes a U-turn on Blockchain and cryptocurrency ads, CNBC reports. Hence, more crypto-oriented companies will be able to promote their products on the biggest social media network.
No need for pre-approval
As reported by U.Today, Facebook relaxed its crypto ad ban back in June, but ICOs were still barred from the website. Despite this announcement, the social media giant continued to blackball the majority of crypto-related ads. The thing is, Facebook only readmitted the companies that already got the green light before the ban, but the majority of new submissions have been rejected (mostly for some obscure reasons).
Now, a wide range of crypto-related ads does not need to be pre-approved at all. It appears that only those ads that are promoting ICOs and other crypto projects will be vetted as usual by Facebook.
“While we will still require people to apply to run ads promoting cryptocurrency, starting today, we will narrow this policy to no longer require pre-approval for ads related to blockchain technology, industry news, education or events related to cryptocurrency,” the blog post read.
Back in October, Google also reversed its crypto ban for regulatory compliant exchanges after banning crypto ads along with a slew of other tech companies, such as LinkedIn and Snapchat.
Facebook’s crypto bet
Facebook had no choice but to loosen its grip on crypto since it’s prepping to issue its own cryptocurrency that is supposed to become a major disruptor in the industry. Facebook’s foray into crypto is allegedly the reason why major institutions are becoming enthusiastic about digital assets.
Source: U Today
We would’ve been talking about an extraordinarily low number of breached records this month if it hadn’t been for a string of incidents in India, another Facebook gaffe and a massive blunder in China, in which a series of companies exposed almost 600 million citizens’ CVs.
Still, April 2019 saw a not completely disastrous 1,334,488,724 breached records. That’s better than last month, bringing the annual total to 5.64 billion and reducing the monthly average to 1.46 billion.
Here’s the list in full:
- Criminal accesses personal data of faculty staff and students at Georgia Tech (1.3 million)
- Bangladesh Oil, Gas and Mineral Corporation’s website hacked hours after recovering from previous attack (unknown)
- Australian Signals Directorate confirms data was stolen in parliament IT breach (unknown)
- Massachusetts hospital caught in phishing scam (12,000)
- Hacker breached Minnesota state agency email (11,000)
- South Carolina’s Palmetto Health discloses phishing attack dating back to 2018 (23,811)
- Phishing scam exposes personal data at Florida’s Clearway Pain Solutions Institute (35,000)
- Customer data stolen as website of Japanese luxury railway hit by cyber attack (8,000)
- Dakota County, MN, discloses breach after an employee’s email is hacked (1,000)
- Blue Cross of Idaho notifies members of privacy breach after thwarting financial fraud (5,600)
- Texas’s Questcare Medical Services investigating business email compromise attack (unknown)
- Ontario’s Stratford City Hall recovers from cyber attack (unknown)
- IT outsourcing and consulting giant Wipro hacked (unknown)
- Texas-based Metrocare Services discloses second breach in five months (5,290)
- California-based Centrelake Medical Group notifies patients of security incident (unknown)
- North Carolina’s Klaussner Furniture Industries notifies employees of security incident (9,352)
- Customers at US fast food retailer Chipotle say their accounts have been hacked (unknown)
- Minnesota’s Riverplace Counseling Center notifies patients after malware infection (11,639)
- Hacktivists attack UK police sites to protest arrest of Julian Assange (unknown)
- Texas-based EmCare says patient and employee data has been hacked (60,000)
- Idaho-based bodybuilding.com discloses employee-related data breach (unknown)
- Illinois dental insurer notifies members after phishing attack (unknown)
- Attackers breached Docker Hub, grabbed keys and tokens (190,000)
- Atlanta’s Woodruff Arts Center shuts down network amid security breach (unknown)
- University of Alaska discloses data breach that occurred more than a year ago (unknown)
- Magecart hackers steal data from Atlanta Hawks’ online shop (unknown)
- Genesee County, MI, government suffers ‘aggressive’ ransomware attack (unknown)
- Ransomware attack affects Women’s Health Care Group of PA (300,000)
- Greenville, NC, government’s systems knocked out by ransomware (unknown)
- Ransomware attack hits Garfield County, UT (unknown)
- Augusta, ME, hit by ransomware, forcing City Center to close (unknown)
- New Jersey-based paediatric orthopaedic surgeon hit by ransomware (unknown)
- Ransomware at Florida’s Stuart City Hall “more than likely” caused by phishing (unknown)
- Massachusetts-based medical billing services notifies patients of ransomware attack (unknown)
- Idaho’s Sugar-Salem School District 322 hit by ransomware during ISAT testing (unknown)
- Ransomware disables Cleveland airport’s email systems, information screens (unknown)
- Indian government leaves healthcare database exposed on web (12.5 million)
- West Yorkshire council data leak leaves couple who adopted abused children living in fear (2)
- History repeats itself as Facebook third-party apps expose users’ personal data (540 million)
- Canadian pension firm loses microfiche containing personal data (unknown)
- Crook swipes Winnipeg Regional Health Authority employee’s bag; patients’ records taken (75)
- VoterVoice exposes database containing ‘treasure trove’ of personal data (300,000)
- Ohio government accidentally leaks information of those seeking job, family services and health aid (993)
- Chinese companies responsible for massive data breach of CVs (590 million)
- Texas’s Weslaco Regional Rehabilitation Hospital discloses data breach (unknown)
- Russian hospital dumps medical waste, sensitive data in landfill site (unknown)
- UK’s Home Office sorry for EU citizen data breach (240)
- Pennsylvania’s Community College of Allegheny County discloses data breach (unknown)
- Patients at Toledo, OH, rehab hospital subject to data breach (unknown)
- Washington state-based RS Medical discloses incident that may have compromised patient information (unknown)
- Athens, OH, rehabilitation centre notifies patients after unauthorised access to network (20,485)
- Sensitive data found on hard disks may be India’s largest ever data breach (78 million)
- California-based LD Evans says it has only just learned about 2018’s Citrix vulnerability (631)
- India’s JustDial service is breaching users’ personal data in real time (100 million)
- Drug addicts’ personal data found in rehab centres’ unexposed databases (4.91 million)
- Researcher uncovers exposed personal data from Iranian ride-hailing app (6,772,269)
- Pennsylvania-based Partners for Quality discloses data breach (3,673)
- US health provider Inmediata discovers patients’ information was exposed on the web (unknown)
- ‘Horrendous’ privacy breach at Australia’s Centrelink sees clients’ names published on Facebook (unknown)
- Personal data of employees at Lauderdale County, MS, emailed to colleagues (100)
- US consumer commission warns of data breach affecting safety information (unknown)
- Almost $500,000 swiped in Tallahassee, FL, payroll hack (unknown)
- AeroGrow says hackers stole months of credit card data (unknown)
- Florida-based United Way of the Big Bend says tax payers’ info was stolen (64)
- KPMG faces fine of up to $1.6 million after leaking payroll data (41)
Malicious insiders and miscellaneous incidents
- Former IT aide to New Hampshire senator caught keylogging (unknown)
- Employee at Cleveland’s University Hospital accidentally shared patients’ health info (840)
- University of Toledo counsellor fired after allegedly disclosing a student’s PTSD (1)
- Maine’s Acadia Hospital mistakenly releases confidential information of Suboxone patients (300)
- Employee at California’s St. Boniface Hospital “inappropriately” viewed patient records (38)
In other news…
- USB stick containing sensitive data (and the movie Gone Girl) discovered during manslaughter trial (6,385)
- Barking resident jailed for blackmailing porn watchers (unknown)
- Source code of Iranian cyber-espionage tools leaked on Telegram (unknown)
- Supply chain hackers snuck malware into video games (unknown)
Source: IT Governance
Cybersecurity issues are becoming a day-to-day struggle for businesses. Trends show a huge increase in hacked and breached data from sources that are increasingly common in the workplace, like mobile and IoT devices.
Additionally, recent research suggests that most companies have unprotected data and poor cybersecurity practices in place, making them vulnerable to data loss.
We’ve compiled 60 cybersecurity statistics to give you a better idea of the current state of overall security, and paint a picture of how potentially dire leaving your company unsecure can be.
Data Breaches by the Numbers
The growing number of large-scale, well-publicized breaches suggests that security breaches are not only becoming more frequent but also more severe.
- In 2016, 3 billion Yahoo accounts were hacked in one of the biggest breaches of all time. (Oath.com)
- In 2016, Uber reported that hackers stole the information of over 57 million riders and drivers. (Uber)
- In 2017, 412 million user accounts were stolen from Friendfinder’s sites. (LeakedSource)
- In 2017, 147.9 million consumers were affected by the Equifax Breach. (Equifax)
- According to 2017 statistics, there are over 130 large-scale, targeted breaches in the U.S. per year, and that number is growing by 27 percent per year. (Accenture)
- Thirty-one percent of organizations have experienced cyber attacks on operational technology infrastructure. (Cisco)
- 100,000 groups in at least 150 countries and more than 400,000 machines were infected by the WannaCry virus in 2017, at a total cost of around $4 billion. (Malware Tech Blog)
- Attacks involving cryptojacking increased by 8,500 percent in 2017. (Symantec)
- In 2017, 5.4 billion attacks by the WannaCry virus were blocked. (Symantec)
- There are around 24,000 malicious mobile apps blocked every day. (Symantec)
- In 2017, the average number of breached records by country was 24,089. The nation with the most breaches annually was India with over 33k files; the US had 28.5k. (Ponemon Institute’s 2017 Cost of Data Breach Study)
- In 2018, Under Armour reported that its “MyFitnessPal” was hacked, affecting 150 million users. (Under Armour)
- Between January 1, 2005 and April 18, 2018 there have been 8,854 recorded breaches. (ID Theft Resource Center)
Average expenditures on cybercrime are increasing dramatically, and costs associated with these crimes can be crippling to companies who have not made cybersecurity part of their regular budget.
- In 2017, cyber crime costs accelerated with organizations spending nearly 23 percent more than 2016 — on average about $11.7 million. (Accenture)
- The average cost of a malware attack on a company is $2.4 million. (Accenture)
- The average cost in time of a malware attack is 50 days. (Accenture)
- From 2016 to 2017 there was a 22.7 percent increase in cybersecurity costs. (Accenture)
- The average global cost of cyber crime increased by over 27 percent in 2017. (Accenture)
- The most expensive component of a cyber attack is information loss, which represents 43 percent of costs. (Accenture)
- Ransomware damage costs exceeded $5 billion in 2017, 15 times the cost in 2015. (CSO Online)
- The Equifax breach cost the company over $4 billion in total. (Time Magazine)
- The average cost per lost or stolen record per individual is $141, but that cost varies per country. Breaches are most expensive in the United States ($225) and Canada ($190). (Ponemon Institute’s 2017 Cost of Data Breach Study)
- In companies with over 50k compromised records, the average cost of a data breach is $6.3 million. (Ponemon Institute’s 2017 Cost of Data Breach Study)
- Including turnover of customers, increased customer acquisition activities, reputation losses and diminished goodwill, the cost of lost business globally was highest for U.S. companies at $4.13 million per company. (Ponemon Institute’s 2017 Cost of Data Breach Study)
- Damage related to cybercrime is projected to hit $6 trillion annually by 2021. (Cybersecurity Ventures)
Cybersecurity Facts and Figures
It’s crucial to have a grasp on the general landscape of metrics surrounding cybersecurity issues, including what the most common types of attacks are and where they come from.
- Ransomware detections have been more dominant in countries with higher numbers of internet-connected populations. The United States ranks highest with 18.2 percent of all ransomware attacks. (Symantec)
- Trojan horse virus Ramnit largely affected the financial sector in 2017, accounting for 53 percent of attacks. (Cisco)
- Most malicious domains, about 60 percent, are associated with spam campaigns. (Cisco)
- Seventy-four percent of companies have over 1,000 stale sensitive files. (Varonis)
- Malware and web-based attacks are the two most costly attack types — companies spent an average of US $2.4 million in defense. (Accenture)
- The financial services industry takes in the highest cost from cyber crime at an average of $18.3m per company surveyed. (Accenture)
- Microsoft Office formats such as Word, PowerPoint and Excel make up the most prevalent group of malicious file extensions at 38 percent of the total. (Cisco)
- About 20 percent of malicious domains are very new and used around 1 week after they are registered. (Cisco)
- Over 20 percent of cyber attacks in 2017 came from China, 11 percent from the US and 6 percent from the Russian Federation. (Symantec)
- The app categories with most cybersecurity issues are lifestyle apps, which account for 27 percent of malicious apps. Music and audio apps account for 20 percent. (Symantec)
- The information that apps most often leak are phone numbers (63 percent) and device location (37 percent). (Symantec)
- In 2017, spear-phishing emails were the most widely used infection vector, employed by 71 percent of those groups that staged cyber attacks. (Symantec)
- Between 2015 and 2017, the U.S. was the country most affected by targeted cyber attacks with 303 known large-scale attacks. (Symantec)
- In 2017, overall malware variants were up by 88 percent. (Symantec)
- Among the top 10 malware detections were Heur.AdvML.C (23,335,068; 27.5 percent), Heur.AdvML.B (10,408,782; 12.3 percent) and JS.Downloader (2,645,965; 3.1 percent). (Symantec)
- By 2020, the estimated number of passwords used by humans and machines worldwide will grow to 300 billion. (Cybersecurity Media)
With new threats emerging every day, the risk of not securing files is greater than ever, especially for companies.
- 21 percent of all files are not protected in any way. (Varonis)
- 41 percent of companies have over 1,000 sensitive files including credit card numbers and health records left unprotected. (Varonis)
- 70 percent of organizations say that they believe their security risk increased significantly in 2017. (Ponemon Institute’s 2017 Cost of Data Breach Study)
- 69 percent of organizations don’t believe the threats they’re seeing can be blocked by their anti-virus software. (Ponemon Institute’s 2017 Cost of Data Breach Study)
- Nearly half of the security risk that organizations face stems from having multiple security vendors and products. (Cisco)
- 7 out of 10 organizations say their security risk increased significantly in 2017. (Ponemon Institute’s 2017 Cost of Data Breach Study)
- 65 percent of companies have over 500 users who are never prompted to change their passwords. (Varonis)
- Ransomware attacks are growing more than 350 percent annually. (Cisco)
- IoT attacks were up 600 percent in 2017. (Symantec)
- The industry with the highest number of attacks by ransomware is the healthcare industry. Attacks will quadruple by 2020. (CSO Online)
- 61 percent of breach victims in 2017 were businesses with under 1,000 employees. (Verizon)
- Ransomware damage costs will rise to $11.5 billion in 2019 and a business will fall victim to a ransomware attack every 14 seconds at that time. (Cybersecurity Ventures)
- Variants of mobile malware increased by 54 percent in 2017. (Symantec)
- Today, 1 in 13 web requests leads to malware (up 3 percent from 2016). (Symantec)
- 2017 represented an 80 percent increase in new malware on Mac computers. (Symantec)
- In 2017 there was a 13 percent overall increase in reported system vulnerabilities. (Symantec)
- 2017 brought a 29 percent increase in industrial control system–related vulnerabilities. (Symantec)
- By 2020, we expect IT analysts covering cybersecurity will be predicting five-year spending forecasts (to 2025) at well over $1 trillion. (Cybersecurity Ventures)
- The United States and the Middle East spend the most on post-data breach response. Costs in the U.S. were $1.56 million and $1.43 million in the Middle East. (Ponemon Institute’s 2017 Cost of Data Breach Study)
There’s no question that the situation with cybercrime is dire. Luckily, by assessing your business’s cybersecurity risk, making company-wide changes and improving overall security behavior, it’s possible to protect your business from most data breaches.
Make sure you’ve done everything you can do to avoid your company becoming a victim to an attack. The time to change the culture toward improved cybersecurity is now.
Just as 4G networks led to the ubiquity of the smartphone and other smart devices, 5G networks will lead to the rise of billions of new devices connected to the Internet, all talking with one another at incredibly fast speeds with remarkably low latency. This will open up vast new possibilities for consumers, businesses and society as a whole – everything from self-driving cars on the road to the ability for doctors to conduct remote surgery from anyplace in the world.
Verizon 5G keynote at CES
At the 2019 CES in Las Vegas, for example, Verizon CEO Hans Vestberg laid out a compelling vision for 5G, noting that it would help to bring about “the Fourth Industrial Revolution.” There are many technologies today powering this Fourth Industrial Revolution – everything from artificial intelligence and robotics to the Internet of Things (IoT) and virtual reality – and all of them are being given a push forward by 5G. AI, for example, is making it possible to create self-driving cars, while the IoT is making it possible for smart devices to become ubiquitous, both in the home and within the enterprise.
To highlight the various ways that Verizon is already starting to make this 5G future a reality, Vestberg invited a number of key technology partners on stage with him, including top executives from the New York Times, Walt Disney Studios, and drone company Skyward, to showcase some of their best 5G projects. The New York Times, for example, is in the middle of creating a new 5G journalism lab to support data-intensive technologies such as VR and AR, while Skyward is making it possible to control as many as one million drones from anywhere in the world. (And, indeed, during his CES keynote, Vestberg piloted a drone based in Los Angeles while on stage in Las Vegas.)
Cybersecurity concerns in the 5G world
And, yet, this exciting new 5G world will encounter its own share of cybersecurity challenges. Hackers and cybercriminals in the world will still look for ways to access user data and profit from it. With billions of devices connected to the Internet, they will have an incredibly large attack surface in which it will be much easier to find the proverbial “weakest link” in the security chain. Geoffrey R. Morgan, Founding Partner at Fairchild Morgan Law, suggests that, “The exponential increase in speed, density and efficiency afforded by 5G technology will cause a dramatic rise in cybersecurity concerns, particularly by those industries that are among the first to utilize it.”
Moreover, the ability of hackers to cause harm and destruction will also mount exponentially. In today’s 4G world, a huge botnet formed by hacking into user devices in the home could be used to mount large-scale DDoS attacks on websites; in tomorrow’s 5G world, that same botnet could be used to take out an entire network of self-driving cars in a single city, leading to mayhem on the roads.
Obviously, then, cybersecurity is just as much a concern in the 5G world as it is in the 4G world – and perhaps more so. Vast amounts of remote sensors and smart devices hooked up to global supply chains, for example, will radically increase the complexity of securing corporate networks from intruders and cyber criminals. And the sheer amount of data being created by 5G networks will make it much more difficult to spot anomalies in user behavior resulting from hackers. According to one estimate, for example, the data output of a single autonomous vehicle in one day will equal the daily output of 3,000 people.
The 8 currencies of 5G
The good news is that 5G is still so new that there is time to make security a priority. That, says Verizon CEO Hans Vestberg, is one reason why the company has come up with the idea of 8 “currencies” for 5G. These currencies – peak data rate, mobile data volume, mobility, connected devices, energy efficiency, service deployment, reliability and latency – all represent key features of the Verizon 5G network that make it completely unlike anything we’ve seen before. For example, “peak data rate” refers to the ability to generate speeds of up to 10 Gbps, while “mobility” refers to the ability to stay connected while moving at speeds of up to 500 km/hour.
In the 3G and 4G world, the way that companies thought about their networks was in terms of two simple currencies: speed and throughput. In other words, how fast can you make uploads and downloads, and how much volume can your network handle at any point in time? But in a 5G world, companies need to expand their thinking from two currencies to eight currencies. Doctors and healthcare professionals, for example, place a tremendous value on “latency”: when they are doing remote surgeries, it is absolutely critical that end-to-end latency is as close to zero as possible. And, given the challenges posed by climate change, enterprises are much more aware of the value of the “energy efficiency” currency when it comes to 5G networks.
Using the 8 currencies of 5G to power future cybersecurity innovations
By taking this big picture view, it is possible to consider how the 8 currencies of 5G will have a positive impact on how we address cybersecurity issues in the future. Since 5G is not simply a faster version of 4G, but rather, an entirely new network architecture, it opens the door to entirely new security models for user privacy, identity management, and threat detection. For example, Hed Kovetz, CEO & Co-founder at Silverfort, notes that, “The 5G system incorporates secure identity management for identifying and authenticating users to ensure that only the genuine user can access services. Its new authentication framework enables mobile operators to choose authentication credentials, identifier formats and authentication methods for users and IoT devices.”
Moreover, the “mobility” currency, or the ability to stay connected while traveling at very fast speeds, means that it might be possible to create virtual security environments that travel with us as we move from point to point, regardless of which device we use, through the use of virtualization and cloud technologies. In fact, Robert Arandjelovic, Director of Product Marketing (Americas) at Symantec, suggests that, “A transition to 5G could lead to the complete obsolescence of the network perimeter. With the growth in cloud services and applications, the erosion of that perimeter has already begun… In a hyper-connected, non-perimeter world, the cloud and the endpoint become the new place where security technologies can be deployed to keep people safe.”
The “mobile data volume” currency means that emerging technologies that rely on vast amounts of data – such as machine learning and artificial intelligence – can now be deployed to create new AI-powered cybersecurity solutions. One idea that is gaining traction, for example, is using AI to spot anomalies in user and system behavior. This acts as a form of automated threat detection and mitigation, and helps to reduce the current dependence of 4G networks on user names and passwords as a way to keep users safe.
In many ways, AI cybersecurity solutions would benefit greatly from 5G. Aaron Bugal, Global Solutions Engineer at Sophos, notes that, “5G connectivity could help the way in which information integral to making a security decision is transported to the automated processes and people who need it. An example of this would be the ongoing benefit to artificial intelligence platforms that will only work best when they have as much information as possible to digest and learn from. Especially when they’re tasked with identifying unusual behavior across an organization, most of these platforms feed off data local to them, with devices that are remote or mobile unable to properly feed (upload) to these systems and typically exposing a short fall in awareness. 5G could unlock more data to get to an AI security platform in a shorter time and allow for best understanding of the organization and faster and accurate prediction of a security event.”
Cybersecurity and Verizon’s “Built on 5G” challenge
To help innovators come up with new 5G cybersecurity solutions, Verizon has launched a “Built on 5G Challenge” that offers a $1 million prize for a truly unique idea that builds on top of the 8 currencies of 5G. The “Built on 5G Challenge” will begin accepting submissions in April, with the winning team announced during Mobile World Congress Americas in October. For security researchers around the world, this could become a unique opportunity to make cybersecurity an enabling technology, rather than simply a “tax” on innovation. If the New York Times and Walt Disney Studios are creating their own showcase 5G labs, why can’t cybersecurity researchers also create their own 5G labs and launch innovative new products that use 5G?
Clearly, there is enormous potential for 5G to change how we address cybersecurity issues in the future. Many of the best technologies today – especially artificial intelligence – can be fully leveraged on these super-fast, low-latency 5G networks. As Verizon CEO Hans Vestberg noted at CES, “5G will change everything.” And that, of course, includes cybersecurity.
Thank you to Verizon Wireless for sponsoring this post
The National Security Agency develops advanced hacking tools in-house for both offense and defense—which you could probably guess even if some notable examples hadn’t leaked in recent years. But on Tuesday at the RSA security conference in San Francisco, the agency demonstrated Ghidra, a refined internal tool that it has chosen to open source. And while NSA cybersecurity adviser Rob Joyce called the tool a “contribution to the nation’s cybersecurity community” in announcing it at RSA, it will no doubt be used far beyond the United States.
You can’t use Ghidra to hack devices; it’s instead a reverse-engineering platform used to take “compiled,” deployed software and “decompile” it. In other words, it transforms the ones and zeros that computers understand back into a human-readable structure, logic, and set of commands that reveal what the software you churn through it does. Reverse engineering is a crucial process for malware analysts and threat intelligence researchers, because it allows them to work backward from software they discover in the wild—like malware being used to carry out attacks—to understand how it works, what its capabilities are, and who wrote it or where it came from. Reverse engineering is also an important way for defenders to check their own code for weaknesses and confirm that it works as intended.
“If you’ve done software reverse engineering, what you’ve found out is it’s both art and science; there’s not a hard path from the beginning to the end,” Joyce said. “Ghidra is a software reverse-engineering tool built for our internal use at NSA. We’re not claiming that this is the one that’s going to be replacing everything out there—it’s not. But it helped us address some things in our workflow.”
Similar reverse-engineering products exist on the market, including a popular disassembler and debugger called IDA. But Joyce emphasized that the NSA has been developing Ghidra for years, with its own real-world priorities and needs in mind, which makes it a powerful and particularly usable tool. Products like IDA also cost money, whereas making Ghidra open source marks the first time that a tool of its caliber will be available for free—a major contribution in training the next generation of cybersecurity defenders. (Like other open source code, though, expect it to have some bugs.) Joyce also noted that the NSA views the release of Ghidra as a sort of recruiting strategy, making it easier for new hires to enter the NSA at a higher level or for cleared contractors to lend their expertise without needing to first come up to speed on the tool.
The NSA announced Joyce’s RSA talk, and Ghidra’s imminent release, in early January. But knowledge of the tool was already public thanks to WikiLeaks’ March 2017 “Vault 7” disclosure, which discussed a number of hacking tools used by the CIA and repeatedly referenced Ghidra as a reverse-engineering tool created by the NSA. The actual code hadn’t seen the light of day, though, until Tuesday—all 1.2 million lines of it. Ghidra runs on Windows, MacOS, and Linux and has all the components security researchers would expect. But Joyce emphasized the tool’s customizability. It is also designed to facilitate collaborative work among multiple people on the same reversing project—a concept that isn’t as much of a priority in other platforms.
Ghidra also has user-interface touches and features meant to make reversing as easy as possible, given how tedious and generally challenging it can be. Joyce’s personal favorite? An undo/redo mechanism that allows users to try out theories about how the code they are analyzing may work, with an easy way to go back a few steps if the idea doesn’t pan out.
The NSA has made other code open source over the years, like its Security-Enhanced Linux and Security-Enhanced Android initiatives. But Ghidra seems to speak more directly to the discourse and tension at the heart of cybersecurity right now. By being free and readily available, it will likely proliferate and could inform both defense and offense in unforeseen ways. If it seems like releasing the tool could give malicious hackers an advantage in figuring out how to evade the NSA, though, Dave Aitel, a former NSA researcher who is now chief security technology officer at the secure infrastructure firm Cyxtera, said that that isn’t a concern.
“Malware authors already know how to make it annoying to reverse their code,” Aitel said. “There’s really no downside” to releasing Ghidra.
No matter what comes next for the NSA’s powerful reversing tool, Joyce emphasized on Tuesday that it is an earnest contribution to the community of cybersecurity defenders—and that conspiracy theorists can rest easy. “There’s no backdoor in Ghidra,” he said. “Come on, no backdoor. On the record. Scout’s honor.”
A serious Apple iOS bug has been discovered that allows FaceTime users to access the microphone and front facing camera of who they are calling even if the person does not answer the call.
To use this bug, a caller would FaceTime another person who has an iOS device and before the recipient answers, add themselves as an additional contact to Group FaceTime. This will cause the microphone of the person you are calling to turn on and allow the caller to listen to what is happening in the room. Even worse, if the person that is being called presses the power button to mute the FaceTime call, the front facing camera would turn on as well.
BleepingComputer has tested and confirmed that this bug works in iOS 12.1.2 and we were able to hear and see the person. When testing it against an Apple Watch, though, we were not able to get the audio portion of the bug to work.
While it is not known who first discovered this bug, numerous people have been posting about it on social media and making video demonstrations.
When 9to5Mac first reported on the bug, they were only able to get the microphone snooping working. Later, BuzzFeed reported that they could also access the front facing camera and that Apple stated that they are “aware of this issue and we have identified a fix that will be released in a software update later this week.”
Natalie Silvanovich, a Google Project Zero security researcher who has discovered numerous FaceTime issues in the past, has a theory as to how this could be happening.
Theory: FaceTime stores call participants in a list that doesn’t allow duplicates, and uses the indexes for signalling. When the caller is added a second time, the entry at index 1 is set to answered, with the expectation that it is the caller … https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/
For those who are rightfully concerned about this bug, my suggestion is that you disable FaceTime immediately until Apple releases a patch. Otherwise, people can not only listen in on what you are doing, but in some cases also see what you are doing. This could allow people to take compromising videos and audio without your knowledge.
To disable FaceTime you can follow these steps:
- Go into Settings
- Tap FaceTime
- Now toggle the FaceTime switch so that it is disabled.
Now that FaceTime is disabled, callers will be unable to utilize this bug to listen and watch you without your permission through FaceTime.
Source: Bleeping Computer