Hiya Inc.’s Post

The article states that this side channel attack requires specialist equipment and physical possession of the yubikey, so it is not something most people should worry about. The flaw is not fixable, so if this is a realistic threat for you, then replace the yubikey with a new one not vulnerable. The embedded chips impacted by the flaw are used in other equipment, and these may also be vulnerable. https://lnkd.in/eFGYkFJ4

5G hack: At the upcoming @BlackHatEvents, researchers will demo how mobile devices are vulnerable to data theft and denial of service via weaknesses in 5G. https://lnkd.in/eGRuKWes #BHUSA #5G

Stay tuned for talks on these vulnerabilities at BlackHat and USENIX Security this year!

5G hack: At the upcoming @BlackHatEvents, researchers will demo how mobile devices are vulnerable to data theft and denial of service via weaknesses in 5G. https://lnkd.in/eGRuKWes hashtag #BHUSA #5G

Some really promising research has just surfaced on the Chromium blog you have to read as its a game changing solution to cookie theft, solving a big threat to all businesses of all sizes 🍪 and could make web authentication easier and more secure 👇 Understanding the risks of cookie theft is crucial for businesses in today's digital age. Malicious software can steal cookies from devices, giving attackers access to valuable web accounts. This can have serious consequences, such as financial loss and reputational damage. The article explores a new web capability, Device Bound Sessions Chrome (DBSC), that aims to combat cookie theft. DBSC functions by binding authentication sessions to a particular device, making it significantly harder for attackers to steal cookies and hijack accounts. While DBSC is still under development, it's a promising solution with the potential to significantly improve online security. Here's why it's important: Malicious software can steal cookies, granting attackers access to accounts and potentially causing financial loss or reputational damage. DBSC provides a powerful defence for businesses: By binding authentication sessions to a specific device, DBSC makes stolen cookies useless for attackers. This disrupts the attacker's strategies around cookie theft industry and makes it harder to steal business accounts and is particularly beneficial for apps handling sensitive data! Banking or healthcare app can greatly benefit from DBSC as it adds a layer of security, making it much harder for stolen cookies to compromise those accounts. Interested in learning more? Check out the article for a deeper dive into DBSC! https://lnkd.in/ed4DtheZ #CyberSecurity #Security #SecuringTheWeb

The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices. That said, we recently discovered a new banker, SoumniBot, which targets Korean users and is notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest. (11TTPs with 'Procedure' level details on the TruKno blog) #trukno #mitreattack #threathunting #threatdetection #cyberattack #ciso #threatintel #threatintelligence #cybersecurity #infosec #malwarehunting #malwareanalysis #malware #ThreatAnalysis https://lnkd.in/gnbdYNJJ

The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices. That said, we recently discovered a new banker, SoumniBot, which targets Korean users and is notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest. (11TTPs with 'Procedure' level details on the TruKno blog) #trukno #mitreattack #threathunting #threatdetection #cyberattack #ciso #threatintel #threatintelligence #cybersecurity #infosec #malwarehunting #malwareanalysis #malware #ThreatAnalysis

There has been a lot of focus the last week or so on session-token theft and IP restrictions to help mitigate stolen session tokens. I see that as a useful belt+suspenders approach right now - but I'm reminded that many years ago when we started making significant progress against phishing, attackers moved to malware, session theft, but then ultimately to Man-in-the-Browser (MitB) attacks. Sessions tokens like this at financial institutions that had short lifetimes weren't very useful - so attackers just got persistence on end-user devices. Remember Zeus? https://lnkd.in/gw8h3g3n For enterprises the battle here isn't against session-theft per-se - it is against malware. Because attackers are going to - just like they did last time - migrate to more real-time exploitation/use of sessions rather than stealing cookies and reselling them in an ecosystem. The recent session theft attacks should be a wake-up call to folks not just to look towards better session cookie protection (https://lnkd.in/gG5npvXr) but also to ensure that you're tackling your malware exposure because attackers aren't going to give up once session tokens are hard to steal - they're just going to modify the malware that is today stealing session tokens to instead do exactly what Zeus did before.

<<Sessions tokens like this at financial institutions that had short lifetimes weren't very useful - so attackers just got persistence on end-user devices.>> sing it, brother. the motive asymmetry between attackers (profit) and defenders (savings) predicts how persistent successful attackers must be and how much design-level red-teaming successful defenders must do.

Google can be clumsy and oppressive at times, but it is also the main actor forcing the industry to create and adopt secure web practices. Here's another example: They are beginning an effort to thwart session cookie theft malware and are designing it to be an open standard. https://lnkd.in/eBMp7Tyz