CyberSecurity Pulse 2017-03-20

CyberSecurity Pulse 2017-03-20

“The father of doubts has a son of knowledge.”
Sudheer Reddy

Analyst Insight

WikiLeaks Will Disclose CIA Exploits to Tech Companies Under Specific Conditions

As many people know, Vault 7 is the name WikiLeaks has given to a collection of documents, purportedly from the CIA, detailing a range of malware and hacking tools that can be used to turn phones and TVs into spying devices. The first set of files brought to the light, codenamed "year zero", contained 8,761 documents describing exploits that the agency would have developed against many popular consumer electronic devices.

CyberSecurity Pulse 2017-03-20However, WikiLeaks withheld the code for the exploits from the first round of releases to prevent it from being misused. By releasing the code to tech firms first, the organisation said it wants to allow them time to patch the vulnerabilities before they are made public. In this sense, Assange would have contacted tech companies, including Apple, Microsoft, and Google to explain how Wikileaks intends to share the knowledge about the vulnerabilities the CIA was allegedly taking advantage. It seems that Wikileaks requested the satisfaction of specific conditions to the tech companies, for example, a 90-day disclosure deadline.

Of course, the best option for tech firms is to accept the conditions and fix the issues as soon as possible. Meanwhile, the CIA questions the reliability of the source and the content of the data leak: "We don't comment on the authenticity of purported intelligence documents released by Wikileaks or on the status of any investigation into the source of the documents. As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity", the spokesperson wrote. Only time will tell us who is right.

» More information at Wikileaks

Top Stories

Proposed Bill Would Legally Allow Cybercrime Victims to Hack Back

CyberSecurity Pulse 2017-03-20A new proposed bill intended to amend section 1030 of the Computer Fraud and Abuse Act that would allow victims of ongoing cyberattacks to fight back against hackers by granting victims more powers to engage in active defense measures to identify the hacker and disrupt the attack. The new bill has been proposed by Representative Tom Graves of Georgia and is named the "Active Cyber Defense Certainty" (ACDC) Act. However, this new bill allowing hacking back attackers is already raising up some concerns about potential unintended effects that the abuse of such actions may cause if the limits and procedures are not properly defined.

» More information at The Hacker News

NCSC Warns of Cyberattacks Powered by Russia Against the Political System

CyberSecurity Pulse 2017-03-20The alert was raised by the UK National Cyber Security Center (NCSC) that is informing political parties in the UK to warn about "the potential for hostile action against the UK political system". The warning does not confirm that Russia is the most dangerous state for political hacking but many members of the British intelligence community have few doubts about cyber capabilities of Russians state-sponsored hackers. In a separate context, the British Foreign Secretary Boris Johnson explained that there is no evidence of cyber attacks powered by Russian entities against the Brutish politicians and parties. "We have no evidence the Russians are actually involved in trying to undermine our democratic processes at the moment but what we do have is plenty of evidence that the Russians are capable of doing that", Johnson declared on a national television programme this Sunday.

» More information at Security Affairs

Rest of the Week´s News

Malware Found Preinstalled on 38 Android Phones Used by Two Companies

An assortment of malware was found on 38 Android devices belonging to two unidentified companies. According to Checkpoint, the malicious apps weren't part of the official firmware supplied by the phone manufacturers but were added later somewhere along the supply chain. In at least six of the cases, the malware was installed to the ROM using system privileges, a technique that requires the firmware to be completely reinstalled for the phone to be disinfected.

» More information at Ars Technica UK

How One Photo Could Have Hacked Your WhatsApp and Telegram Accounts

A new security vulnerability has recently been patched by WhatsApp and Telegram that could have allowed hackers to completely take over user account just by having a user simply click on a picture. According to Checkpoint, the vulnerability resided in the way both messaging services process images and multimedia files without verifying that they might have hidden malicious code inside.

» More information at Checkpoint

Hundreds of High-Profile Twitter Accounts Hacked through 3rd-Party App

In a large-scale Twitter hack, thousands of Twitter accounts from media outlets to celebrities were compromised last Wednesday. This strange Twitter activity on numerous high-profile accounts is the result of a vulnerability found in the third-party app called Twitter Counter. However, the company has made it very clear that no "Twitter account credentials (passwords)" or "credit card information" has been compromised.

» More information at The Hacker News

Further Reading

Google and Microsoft Increase the Cash on Their Bug Bounty Programs

» More information at The Register

US Charges Two Russian Spies and Two Hackers For Hacking 500 Million Yahoo Accounts

» More information at The Hacker News

Messaging App Confide Used by White House Staffers Is Also Vulnerable

» More information at The Hacker News