FFT news digest Sep 9 2022

Apple

The latest version of Apple's iPhone operating system is due to be released on Monday. We would respectfully suggest waiting a while before installing it. iOS 16 is a major update with a completely redesigned lock screen and significant changes to the Messages app that will allow edits to be made up to 15 minutes after a message is sent. These are just some of the radical changes in iOS 16 which, experience teaches, will almost certainly bring with them unanticipated and unwelcome issues. When you do decide to install it, be prepared for your iPhone to run out of battery more quickly while it does the internal housekeeping required by a major update. And iPad users won't get the new version immediately but will have to wait until later in the year.

This week, Apple also announced the details of its latest iPhone line-up. The iPhone 14 range will look much like the previous version but promises better battery life and an 'always-on' display. Possibly the most significant feature will be the addition of limited satellite connectivity which presages Apple's ambitions in space. Initially, these will focus on tracking functionality and emergency messaging but some commentators believe its ultimate aspiration is to build a global cellular communication system using satellites as cell towers. This requires so many building blocks to fall in place that we're sceptical whether it will ever happen but it will be fascinating to watch Apple try.

Statistic of the week probably comes from Apple's iPhone 14 event where it was revealed that 3 trillion photos were taken on iPhones last year.
It's a figure that 70,000 people watching a feed on YouTube would have missed. That's because what they thought was an official interview with Apple boss Tim Cook was actually a fake stream created from a chat with CNN. Predictably, the point of the feed was to push cryptocurrency scams.

Threats

Linux: Attackers are increasingly targeting the Linux operating system, particularly instances used in cloud platforms and servers. Trend Micro

MFA: It's crucial that users are aware of the increasingly common scam designed to defeat multi-factor authentication. Resecurity has spotted a kit being sold on the dark web that simplifies the process, effectively making it available to anyone. Any link that requests the user to log in to a corporate service should be treated with caution.

WhatsApp: A venerable old scam has returned with a new lease of life. It takes the form of a warning to WhatsApp users about a video (titled 'Martinelli') that if opened will hack smartphones. It's a silly hoax. Simply ignore! AFP

Schools: The US government has urged educational establishments to be on their guard following a surge in ransomware attacks.

Sextortion: Interpol is warning about what it describes as a "dramatic increase in digital extortion threats." The #YouMayBeNext campaign focusses on sextortion, ransomware and Distributed Denial of Service (DDoS) attacks.

Facebook Business: Fraudsters have been identifying potential Facebook Business/Ads users on LinkedIn, and sending them a message inviting them to open an attachment. Doing so installs malicious software designed to extract stored Facebook 'session cookies' which enable the scumbags to hijack the account. WithSecure

Iran

The US and the UK have condemned Iran for a far-reaching cyber attack on Albania which destroyed data, shut down a government web portal, and leaked details about the prime minister and foreign ministry. The White House said the US "would take further action to hold Iran accountable for actions that threaten the security of a US ally and set a troubling precedent for cyberspace." Albania has cut off diplomatic relations with Iran, despite denials from Teheran that it had anything to do with the attacks. Its denial would be more credible if it weren't for Iran's track record in the use of cyber weapons. Only this week, Mandiant identified a new Iranian threat group that it says has targeted organisations and individuals with Android spyware.

Shutdown

An international law enforcement operation has shut down an online criminal marketplace that specialised in the sale of stolen login credentials and other personal information. The closure of WT1SHOP reveals the ludicrous scale of the market in stolen credentials. According to the US Department of Justice, WT1SHOP had over 5.85 million records of personally identifying information, including approximately 25,000 scanned driver's licenses/passports, 1.7 million login credentials for various online shops, 108,000 bank accounts, and 21,800 credit cards. A year ago, a law enforcement operation closed a similar, even bigger marketplace.

In brief

Choked: "Russia is being throttled by a severe technology deficit inflicted by sanctions," according to Politico. It says it's seen a shopping list of high-tech items that the Kremlin is trying to procure, most of them semiconductors.

Uyghur: A previously undocumented strain of Android spyware has been found disguised as a book written by the exiled Uyghur leader, Dolkun Isa. Cyble

TikTok: There have been widespread reports that the social platform suffered a breach affecting "2 billion data records." As so often with cybersecurity news, the truth is more complex. TikTok has flatly denied the report and the source of the original claim has been deleted. It's possible some data has been lost but it's nowhere near as dramatic as originally suggested. Now who might want to undermine TikTok...

Maritime: ZDNet examines the cybersecurity risk to the maritime supply chain. Its view: it's an overlooked risk that could create "an ocean of trouble."

Cleaner: A man employed as a cleaner in Israeli Defence Minister Benny Gantz's home has been sentenced to three years' prison for attempting to spy for Iran-linked hackers. AFP

IHG: InterContinental Hotels Group says its systems have been "significantly disrupted" by a cyber attack. It's the second significant incident to hit the group in five years.

This is a condensed version of the email our clients receive. You can subscribe to receive the full digest.
