Security News for the Week Ending September 27, 2019

September 27, 2019 CyberCecurity Leave a comment

Did Apple ‘Play’ President Trump?

Apple says that it has received a waiver from import tariffs on Chinese parts for the Mac Pro. Why, after President Trump said he wouldn’t do that? Apple’s PR machine made it look like the Mac Pro was now going to be made in Texas after they floated a rumor that it was going to be made in China. But the Pro has always been made in Texas. And they are not building a new plant – only using the same plant where they have always been built. It is an example of how a very rich, connected and powerful company can game the system to get what it wants while smaller companies lose out. Source: The Register.

Click2Gov – ITS BACK!

Click2Gov facilitates self service government web site portals and in 2017 and 2018 it was compromised in dozens of cities, compromising 300,000 credit cards and costing banks about $2 million.

Well, ITS BACK!

The new attacks started last month and have hit 8 cities so far this time. So far, 20,000 records have been offered for sale. Cities in Florida, Idaho, California and Oklahoma have been hacked.

Coming to a city near you. Source: Wired.

Simjacker – A Mobile Attack That is Invisible

The SIM card in your phone has the information necessary to identify your phone to your carrier, but of course, vendors could not leave well enough alone, so it does more.

The attack begins with the attacker sending the victim an infected SMS message. Except this message has a series of SIM Toolkit (STK) instructions. This message is captured by the SIM card and the commands in it processed. The commands are quite powerful and could potentially send SMS messages containing data from the phone to the attacker, conduct espionage, spread malware and other things.

Not all phones and not all carriers are susceptible. Some US carriers say that they do not use that type of SIM chip. Source: Adaptive Mobile.

Microsoft Bans More File extensions from Outlook Web Access

Apparently OWA is now called Outlook for the Web. Must have missed the email. In any case, Microsoft is now banning a total of 142 file extensions after 38 more extensions will be banned in the next release. In addition to the existing banned extensions like .EXE, .COM, .ASP, .JAR and more, the new list includes Python files (6 extensions), Powershell (10), Digital certificates (3), Java (2) and miscellaneous applications (17). Source: The Hacker News.

Checkm8 Exploit Could Mean Permanent Jailbreak for Many iPhones

This is still new, so there is a lot we don’t know, but a researcher nicknamed ami0mX says that he accidentally found a bug in the iPhone boot ROM that affects most iPhones.

The good news is that it requires local access. Read only memory is only sometimes read only, so maybe Apple will be able to patch this – stay tuned.

If you can exploit this, it would allow you to jailbreak any affected iPhone or iPad. The models affected include (but may not be limited to) the iPhone 4s through the iPhone 8 and the iPhone X. It is not clear if the most recent iPhones are vulnerable.

A jailbreak would allow either a hacker or state actor or a vendor like Celebrite to either extract all data or compromise any affected phone, hence the name checkmate (Checkm8). Source: Threatpost.