Chinese Malware, a Year in Review of Zero-day Exploits, a Ransomware Study, and Listener Questions
Aug 10, 2023
US hunts Chinese malware, year in review of zero-day exploits, study finds no evidence of cyber insurance payment trends, Tenable CEO accuses Microsoft of negligence, listener questions from Greece, Holland, and a new NSA hacker
01:18:53
Podcast summary created with Snipd AI
Quick takeaways
Being blacklisted by the US can have severe consequences for companies, especially in terms of doing business with US entities, potentially leading to loss of contracts and credibility.
An AI-based deep learning model has been developed that can steal keystroke data by listening to the sound of keyboard strokes through nearby microphones, posing a potential privacy and security threat in open office environments or during online meetings.
SMS traffic pumping fraud is a scheme where fraudsters generate charges for service providers by using paid subscriptions or phone numbers to receive SMS notifications, which can result in significant financial losses for businesses.
Deep dives
US blacklists companies for dealing with cyber exploits
The US Commerce Department Bureau of Industry and Security has blacklisted four companies for their involvement in cyber exploits that threaten privacy and security. This blacklist prohibits US companies from engaging in any business with these blacklisted companies. For example, Kaspersky, a Russian security company, was blacklisted and is prohibited from being used on any US government-owned devices. Being blacklisted can have significant consequences for a company's ability to do business with US entities, especially in the government and military sectors.
Acoustic attacks can steal data from keystrokes
Researchers have developed an AI-based deep learning model that can steal keystroke data by listening to the sound of keyboard strokes through nearby microphones with a 95% accuracy rate. By training the AI model using Zoom recordings and analyzing the unique sound of each key press, the researchers were able to recreate the typed information. This type of attack poses a potential threat to users' privacy and security, especially when working in an open office environment or using online meeting platforms like Zoom.
SMS traffic pumping fraud
SMS traffic pumping fraud is a scheme where fraudsters use paid subscription services or phone numbers to receive SMS notifications, alerts, or one-time passwords from websites or applications. This fraud generates charges for the service provider, which are then passed on to the victim company. The fraudulent activity can lead to significant financial losses for businesses that are unaware of the attack or unable to detect it. Countermeasures include monitoring for suspicious SMS traffic, rate limiting, and geolocation filters.
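The three countermeasures named above (monitoring, rate limiting, geolocation filters) combined in one screening pass over OTP SMS requests. This is an added example, not material from the podcast; the allowlist, thresholds, prefix length, function names and log records are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict, deque

# Constructed sample log: (unix_seconds, destination_number) per OTP SMS request.
SAMPLE_REQUESTS = [
    (1000, "+12025550101"), (1005, "+447700900123"),
    (1010, "+447700900200"), (1011, "+447700900201"),
    (1012, "+447700900202"), (1013, "+447700900203"),
    (1020, "+99900000001"), (1021, "+99900000002"),
    (1100, "+447700900300"),
]

ALLOWED_COUNTRY_CODES = ("+1", "+44")  # assumption: where the service has real users
PREFIX_LEN = 10       # assumption: numbers in one burst share a leading prefix
WINDOW_SECONDS = 60   # sliding window for the rate limit
MAX_PER_PREFIX = 3    # sends allowed per prefix per window


def screen_sms_requests(requests, allowed=ALLOWED_COUNTRY_CODES,
                        prefix_len=PREFIX_LEN, window=WINDOW_SECONDS,
                        max_per_prefix=MAX_PER_PREFIX):
    """Return (ts, number, decision) with decision in send/block_geo/block_rate."""
    recent = defaultdict(deque)  # prefix -> timestamps of recent sends
    decisions = []
    for ts, number in sorted(requests):
        # Geolocation filter: refuse destinations outside the expected countries.
        if not number.startswith(tuple(allowed)):
            decisions.append((ts, number, "block_geo"))
            continue
        # Rate limit per number prefix, so a run of adjacent numbers counts as one.
        sent = recent[number[:prefix_len]]
        while sent and ts - sent[0] >= window:
            sent.popleft()
        if len(sent) >= max_per_prefix:
            decisions.append((ts, number, "block_rate"))
            continue
        sent.append(ts)
        decisions.append((ts, number, "send"))
    return decisions


def blocked_by_prefix(decisions, prefix_len=PREFIX_LEN):
    """Monitoring view: how many requests were refused for each number prefix."""
    return Counter(n[:prefix_len] for _, n, d in decisions if d != "send")


if __name__ == "__main__":
    results = screen_sms_requests(SAMPLE_REQUESTS)
    for row in results:
        print(*row)
    print(blocked_by_prefix(results).most_common())
```
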
Consequences of being blacklisted by the USA
When a company is blacklisted by the USA, it can face severe consequences in terms of doing business with US entities, especially in the government and military sectors. For example, if a company is added to the US Commerce Department Bureau of Industry and Security's blacklist, US companies are prohibited from conducting any business with them. This can result in loss of contracts, credibility, and potential legal actions. Additionally, being blacklisted can negatively impact a company's reputation and ability to attract new customers.
The Importance and Value of Certifications in Cybersecurity Job Opportunities
Certifications in cybersecurity are highly valuable when seeking employment, especially for entry-level positions. While certifications are not necessarily mandatory, they significantly enhance job prospects by showcasing expertise and dedication to the field. The type and relevance of the certification depend on the specific job and company requirements. For pen testing roles, certifications such as Hack The Box's Certified Penetration Testing Specialist (CPTS) and Certified Bug Bounty Hunter (CBBH), as well as TryHackMe's SOC Level 1, hold significant value. However, for management positions, other certifications focused on cybersecurity program management and policy skills may be more beneficial. Ultimately, certifications can boost the chances of landing a job and complement relevant experience.
Existence of Backdoors in Consumer Electronics
Backdoors in consumer electronics, both in firmware and hardware, do exist, although the extent may vary. The concern arises from scenarios where access or control can be exploited without proper physical access. While not all electronics may have backdoors, instances of backdoors have been reported and could continue to occur, especially in situations where supply chains are not closely monitored. Recognizing the vulnerabilities and risks associated with backdoors, government agencies and security professionals may scrutinize and assess electronic devices and software to identify any potential threat. Hence, it is wise to remain cautious and mindful of potential vulnerabilities, even in seemingly benign consumer electronics.
This week on Hacker And The Fed: the US hunts Chinese malware that could disrupt American military operations, a year in review of zero-day exploits, a study finds no evidence that ransomware victims with cyber insurance pay up more often, there are fighting words between Tenable's CEO and Microsoft, and we answer listener questions from Greece, Holland, and a newly minted NSA hacker.
Links from the episode:
U.S. Hunts Chinese Malware That Could Disrupt American Military Operations