Newsletter

open source and cybersecurity news

August 4, 2023

- CYBERSECURITY HEADLINES TODAY -

Potential WeChat Ban on Australian Government Devices
NATO Tech Funding, Apple Kernel Flaw CVE 2023-38606
New Apple Vulnerability: Device Owner Call To Action
Apple CVE, Operation Triangulation Take Two - Apple Gadgets Exploited in Data Stealing Operation?
This Day, August 4, 5 in Tech History

In this Episode:

Mark Miller: Today is August 4th and it’s our 200th episode at “It’s 5:05”. So we have something special planned. This is Executive Producer, Mark Miller. In addition to our regular format, we are extending the show today to include “The Story of the Week”, where four of our journalists examine the same topic from different viewpoints.

With Apple’s announcement of a critical exploit in its kernel prior to 15.7.1, Tracy Bannon, Katy Craig, Olimpiu Pop, and Marcel Brown will give you their individual takes on this known vulnerability and what you can do about it.

It’s a new format for us, so let us know what you think.

Thanks for joining us for our 200th episode. Here’s to the next 200.

Marcel Brown: August 4th, 2007. NASA launches the Mars Phoenix lander. Phoenix would become the first spacecraft to land on the Martian arctic surface. Its mission was to dig for ice and assess if the Martian arctic ever had conditions that could have supported life.

Edwin Kwan: A senate committee investigating interference in Australia by foreign powers through social media have released a report this week, which found that TikTok and WeChat could be the country’s biggest security risk.

Hillary Coover: NATO just launched a €1 billion fund to support defense and security startups, benefiting its member countries during the ongoing Ukraine conflict.

From Sourced Network Productions in Washington, DC, it’s 5:05. I’m Hillary Coover. Today is Tuesday, August 4th, 2023. Here’s the full story behind today’s cybersecurity and open source headlines.

 

Edwin Kwan: Potential WeChat Ban on Australian Government Devices

This is Edwin Kwan from Sydney, Australia.

A senate committee investigating interference in Australia by foreign powers through social media have released a report this week, which found that TikTok and WeChat could be the country’s biggest security risk. The report made 17 recommendations, including introducing new regulation to ensure all platforms operate under transparency requirements or be banned from use across the country.

TikTok was banned earlier this year on Australian government devices over fears the app’s security was compromised and the app could be used for foreign interference. This is because it was found that China-based employees can and have accessed Australian user data and can manipulate content algorithms. However, TikTok is unable to tell how often the data was accessed, despite initially suggesting that the information was logged.

WeChat was found to pose similar data security and foreign interference risks. One of the committee recommendations is to also ban the application on government devices.

Resources
Report on foreign interference through social media handed down, TikTok and WeChat put on notice – ABC News
NATO Is Ready To Start Writing Checks To Security And Defense Startups From Its New $1.1B Fund

 

Hillary Coover: NATO Tech Funding

NATO just launched a €1 billion fund to support defense and security startups, benefiting its member countries during the ongoing Ukraine conflict.

Hi, this is Hillary Coover in Washington, DC.

With €1 billion in funding and access to 23 NATO member markets, defense technology startups can accelerate their growth and impact.

It’s no secret that defense technology startups often struggle to get funding. NATO’s fund changes that by injecting massive capital into the industry. With a 15-year timeframe, this fund creates a supportive ecosystem for new technologies to thrive. Ambitious entrepreneurs worldwide have the chance to transform security and protect 1 billion citizens.

For more, check us out on 505updates.com.

Resources
NATO Is Ready To Start Writing Checks To Security And Defense Startups From Its New $1.1B Fund

 

Story of the Week: Apple Vulnerability Announcement

And now, our story of the week featuring Trac Bannon, Olimpiu Pop, Katy Craig, and Marcel Brown with their perspectives on the current Apple vulnerability announcement. We’ll start with Katy Craig.

Katy Craig: Apple Kernel Flaw CVE 2023-38606

Apple recently disclosed a significant vulnerability that was potentially actively exploited in versions of iOS prior to version 15.7.1, and it’s a kernel vulnerability.

This is Katy Craig in San Diego, California.

For those unacquainted with the term, the kernel is a crucial component of any operating system. It’s the bridge between applications and the actual data processing done at the hardware level. In simple terms, it’s the operating system’s core that oversees everything within your system.

If an app is able to modify sensitive kernel states, the implications can be severe. It’s akin to giving an unknown entity unrestricted access to the most critical aspects of your operating system. From there, the scope for potential damage or unauthorized access is extensive, to say the least.

Apple’s acknowledgement that this issue may have been actively exploited is equally significant. This is not a theoretical vulnerability, but one that could potentially have real-world impacts on millions of iOS users.

The positive note here is Apple’s responsiveness. They addressed this vulnerability in the recent iOS 16.6 update, so it’s crucial for all users to update their devices to this version or newer to mitigate the risk.

To learn more about this story, listen to Oli and Trac’s reports.

This is Katy Craig, stay safe out there.

Resources
NVD – CVE-2023-38606

Trac Bannon: New Apple Vulnerability: Device Owner Call To Action

Apple is responding quickly to a vulnerability with a CVSS score rating of 5.5. That translates to a medium severity. The 5:05 cybersecurity journalists have been monitoring it since it was initially reported and still awaiting analysis. Given the widespread use of Apple products, we’ve decided to cover this kernel of vulnerability.

Exactly what does this mean for folks who have Apple Tech?

Hello, this is Trac Bannon reporting from Camp Hill, Pennsylvania.

The vulnerability is named CVE-2023-38606, and it gives the bad guys the potential to fiddle with Apple’s iOS operating system. If successful, an attacker could take control of the device’s camera and microphone, track the device’s location, install malware, steal sensitive data, or even brick the device.

Never heard of the term “brick a device”? It means the device is completely unusable, or about as useful as a brick.

What should you do?

Users should update their devices to the latest version of the operating system as soon as possible. Apple has been blazingly fast in issuing patches. To check your version, go to Settings > General > About. The version number will be listed under “Software Version.”

With all the different vulnerabilities being discovered, here are a few device hygiene tips:

– The obvious starter is to keep your device’s operating system up to date.
– Only install apps from trusted sources.
– Be careful about what links you click on and what files you open.
– Use a strong password and change it regularly.
– Keep your device’s firmware up to date. Firmware updates often include security patches that can help protect your device from being bricked. And back up your data regularly. You’ll never know when you may need to recover it.

These actions will help you avoid having to use your very expensive device as a paperweight.

To learn more about this CVE, listen to today’s reports. All of us will give you something to noodle on.
Resources
NVD – CVE-2023-38606
CVE-2023-38606
How to Fix a Bricked iPhone or iPad in 2023 – Dr.Buho

Marcel Brown: Apple CVE

Apple recently released several updates for virtually all their operating systems, ranging back a couple of versions, in order to fix a vulnerability, where an app may be able to modify sensitive kernel state. Apparently it’s an urgent fix, but as a small business or individual user, should you be concerned?

This is Marcel Brown, reporting from St. Louis, Missouri.

CVE-2023-38606 is the technical identifier for the vulnerability that is superficially described by Apple as a security update for the kernel in their operating systems, in which an app may be able to modify sensitive kernel state. Additionally, they report that the issue was addressed with improved state management. While technically accurate, upon further investigation, it does not detail that this “vulnerability” was part of the so-called “Operation Triangulation Campaign” that was discovered and publicized by Russian Security Firm, Kaspersky, in June of this year.

If you’re not aware, this malware campaign appears to have been targeted at government officials, primarily in Russia, and senior employees of Kaspersky. It appears that the campaign has been active since 2019. So for those of us who are not government officials or high-level employees of security companies, should we be concerned?

First off, if we follow best practices for technology security, we should go ahead and update our Apple devices with the latest operating systems as soon as possible. This will effectively end the threat from this malware campaign. That being said, updating now does not help if our devices had been targeted for this malware.

In theory, the malware would’ve been able to send sensitive information from targeted devices to the perpetrators of the attacks. There is no real way to know if a device was targeted without going through an elaborate process of creating an offline backup of a device and doing a forensic examination.

The good news is that while this sounds very dire, the reality is that these types of attacks are usually very targeted to high-value individuals, such as government officials, dissidents, corporate executives, and reporters who have very sensitive information. This is similar to the recent Microsoft hack that was directed at email accounts of certain US government officials.

Those who are using the attacks want to keep them secret so that the underlying vulnerabilities they are taking advantage of are not discovered and patched. Therefore, these types of vulnerabilities are not exploited in a widespread manner because they are often extremely technically complex to pull off at all, let alone covertly. Secondly, because those who discover and exploit the vulnerabilities do not publicize them among hacking or criminal circles. Therefore, the average individual out there should not be overly concerned that they were targeted by the Operation Triangulation attacks.

If one is following good security practices by protecting their data correctly and monitoring important accounts, the risk is minimal. But again, do make sure to update to the latest versions of the operating systems of your Apple devices, including iPhones, iPads, Macintosh, Apple TV, and the Apple Watch.

Olimpiu Pop: Operation Triangulation Take Two – Apple Gadgets Exploited in Data Stealing Operation?

An app might be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. Read the advisory published by Apple.

Yeah, I know. Just another vulnerability. What’s unique about this one? Kernel vulnerabilities are tough to detect due to their high complexity, privileged system access, and a diversity of kernels across various systems. Additionally, a lack of effective debugging tools and the kernel’s concealed nature due to security protocols add to the difficulty of finding vulnerabilities. Hence, uncovering these vulnerabilities poses a significant challenge in the field of cybersecurity.

Kernel vulnerabilities are extremely hazardous because they might offer hackers root access, leading to potential total system control. This could result in significant data breaches, privacy violations, and widespread system disruptions.

Corroborating this with a variety of devices that might be affected – tablets, TVs, laptops, and watches. It might be the perfect spy tool. It seems that we might not be far from the truth.

According to Kaspersky’s researchers, it is yet another zero-day vulnerability exploited in Operation Triangulation. Soon after the disclosure of the operation, Russia’s FSB accused the US intelligence of the attacks against thousands of iPhones belonging to diplomatic personnel. Strange enough, the operation targeted diplomats from Israel, China, and Syria, but also NATO countries.

Worried about the gadgets in your pockets, on your wrist, or in the living room? Listen to the full episode to complete this picture with Katy and Trac’s segments.

Olimpiu Pop, reported from Transylvania, Romania.

Resources
Apple security releases
NVD – CVE-2023-38606
Apple addressed a new actively exploited zero-day tracked as CVE-2023-38606

 

Marcel Brown: This Day, August 4, 5 in Tech History

This is Marcel Brown for August 4th and August 5th.

August 4th, 2007. NASA launches the Mars Phoenix lander. Phoenix would become the first spacecraft to land on the Martian arctic surface. Its mission was to dig for ice and assess if the Martian arctic ever had conditions that could have supported life.

August 5th, 1858. After four failed attempts, American merchant Cyrus West Field succeeds in completing the first successful transatlantic telegraph cable, completed approximately two months after construction began. The cable was only operational for just over a month. However, this cable proved the feasibility of transatlantic communications and Cyrus West Field raised new funds to complete the first permanent telegraph line in 1866.

That’s your technology history for today. For more, tune in next week and visit my website thisdayintechhistory.com.

Resources
http://thisdayintechhistory.com/08/04
http://thisdayintechhistory.com/08/05

 

Hillary Coover

That’s our update for today, August 4th, 2023. I’m Hillary Coover. We’ll be back on Monday… at 5:05.
