Connect with us

Technology

Apple, Google, And Microsoft Started Protecting You From ZombieLoad Threat

Published

on

Although the security issue in intel chips aren't something to be worried about, it's still wise to get the latest update. Explain why it's not a threat that you need to panic.List manufacturers and how to get the update

If you’re reading this from a PC, or at least own one, odds are you’re affected by this problem and it’s best that you update yours immediately.

Big tech companies like Apple, Google, Amazon, Microsoft, and Mozilla have all made patches available to address a security flaw that is currently present in Intel chips dating back to 2011. Apparently, the flaw named ZombieLoad can leak sensitive personal information that’s supposedly stored safely in your computers like passwords, secret keys, and account tokens and private messages.

However, security researchers have said that the threat is something the general public shouldn’t worry about. At least not yet.

According to reports, research on the specific function that hackers can exploit to retrieve data from your PCs is relatively new. Basically, there’s hardly any information about it; that serious threat can easily be mitigated right now with security patches and the like.

Moreover, in order to access your PC, hackers need to have a specific set of skills, knowledge, and effort if they want to push through with trying to get into your computer through ZombieLoad.

In general, there still are easier ways to snoop around your computer other than the latest security flaw that’s posing as a threat. At the time of writing, there weren’t any known reports of any breaches in user security. But nonetheless, it’s still wise to get the latest security patch that manufacturers have started to roll out.

Apple

Apple included fixes for ZombieLoad in their latest macOS Mojave 10.14.15 and Security Update 2019-003 for Sierra and High Sierra and the rest of the MacBooks made available after 2011. Though, users should not notice a significant decrease in performance.

However, only a limited number of Macs made from 2009 to 2010 can install the security updates since some of which cannot support the fixes due to a lack of microcode tech from Intel.

For users who believe that they are at high risk from the security vulnerabilities presented, Apple has published that they can opt to disable their hyper-threading processing technology to fully mitigate ZombieLoad bugs. However, they also included that users who opt to install the full version of the security update should expect a decrease in performance up to 40%. They state that “actual results will vary based on the model, configuration, usage, and other factors.”

Instructions in installation and more information here.

Google

Google has also started rolling out their version of security patches on the ZombieLoad threat but still can’t cater to all devices under its platform.

Primarily, not all Google devices use Intel technology. So those are relatively safe against the problem at hand. Secondly, Google says that “the issue has been mitigated in many Google products (or wasn’t an issue in the first place). In some instances, users and customers may need to take additional steps to ensure they’re using a protected version of a product.” Meaning, some further security updates that users can opt for would be required manually.

Meanwhile “for systems running Android on Intel-based Chrome OS devices, updates are handled by Chrome OS,” and “Intel-based systems that are not Chrome OS devices, users should contact their device manufacturer for available updates.”

Microsoft

For Windows updates under Microsoft, the tech giant says that they are pushing updates on their own through updates. These are for both operating software and cloud. But nonetheless, they are available on their website.

For devices using Microsoft apps, they should download updates from their device manufacturers.

Moreover, Microsoft released this alongside their post:

Customers should take the following actions to help protect against the vulnerabilities:

1. Apply all available Windows operating system updates, including the monthly Windows security updates.
2. Apply the applicable firmware (microcode) update that is provided by the device manufacturer.
3. Evaluate the risk to your environment based on the information that is provided on Microsoft Security Advisories: ADV180002ADV180012ADV190013 and information provided in this Knowledge Base article.
4. Take action as required by using the advisories and registry key information that are provided in this Knowledge Base article.

Manufacturers listed above are some of the biggest tech companies who have rolled out their mitigation and security updates. It can be expected that all Intel-based devices would have rolled out as soon as possible.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

Hackers Can Manipulate Media Files Sent Through WhatsApp And Telegram With A Zero-Day

The vulnerability is dubbed as “Media File Jacking.”

Published

on

Photo: Microsiervos | Flickr | CC BY 2.0

Popular instant messaging apps WhatsApp and Telegram contain an unpatched zero-day vulnerability that can be exploited by threat actors and hackers to manipulate files shared across the messaging platform.

Security researchers from Symantec Modern OS Security team found out that there is an existing vulnerability that can allow hackers and cybercriminals to manipulate images, audio files, documents, and other forms of data sent from one user to another.

Both WhatsApp and Telegram, along with other instant messaging platforms, have end-to-end encryption — which makes the message safe to send and receive. End-to-end encryptions only allow the sender and the receiver to read the contents of the images, and even the company has no human-readable copies of the messages sent.

However, according to the researchers, the vulnerability, dubbed as “Media File Jacking” can bypass the end-to-end encryption in the said apps and works on Android by default for WhatsApp and on Telegram if certain features are enabled.

“It stems from the lapse in time between when media files received through the apps are written to the disk, and when they are loaded in the apps’ chat user interface (UI) for users to consume. This critical time lapse presents an opportunity for malicious actors to intervene and manipulate media files without the user’s knowledge,” wrote Yair Amit, VP & CTO, Modern OS Security in a blog post together with Alon Gat, a software engineer.

“If the security flaw is exploited, a malicious attacker could misuse and manipulate sensitive information such as personal photos and videos, corporate documents, invoices, and voice memos. Attackers could take advantage of the relations of trust between a sender and a receiver when using these IM apps for personal gain or wreak havoc.”

End-to-end encryption does not make an app immune to threat actors

The researchers said that users of instant messaging platforms are particularly vulnerable in this instance because of the assumptions that because these apps have end-to-end encryption, they are automatically immune from hacking. But that is definitely not the case, as illustrated by Symantec’s discovery.

“As we’ve mentioned in the past, no code is immune to security vulnerabilities. While end-to-end encryption is an effective mechanism to ensure the integrity of communications, it isn’t enough if app-level vulnerabilities exist in the code,” they added.

How the exploit works. Photo: Symantec

The problem comes from how these apps store media files as end-to-end encryptions don’t work if the files were saved externally. When files are stored on external storage, other apps can access and manipulate them. On WhatsApp, data are stored externally by default, while on Telegram, the vulnerability is present if “Save to Gallery” is enabled.

Additionally, the Media File Jacking vulnerability, as the researchers said, points to a more significant issue of app developers’ non-secure use of storage resources.

Impact of the exploits

Researchers from Symantec raised the alarms as malicious actors can use the discovered vulnerability in different ways. Hackers can fundamentally alter images in a near real-time manner as sent by one user to another just by exploiting the zero-day. In a demo video released by Symantec, the researchers were able to change the faces of two men in an image to that of Nicolas Cage as the picture was being sent from one test account to another.

Furthermore, threat actors can also exploit the vulnerability by altering numbers in invoices in a bid to rewire payments to a different bank account number. To make matters worse, researchers said that the invoice-jacking modus can also be carried out without a specific target and could be broadly distributed, looking for any invoices to manipulate, affecting multiple victims who use IM apps like WhatsApp to conduct business.

“As in the previous scenario, an app that appears to be legitimate but is, in fact, malicious, watches for PDF invoice files received via WhatsApp, then programmatically swaps the displayed bank account information in the invoice with that of the bad actor. The customer receives the invoice, which they were expecting to begin with, but has no knowledge that it’s been altered. By the time the trick is exposed, the money may be long gone,” the report said.

The exploitation of the vulnerability may also come in the form of audio-spoofing where an attacker exploits the relations of trust between employees in an organization a the attacker can also program the new and manipulated file to mimic the voice of another person.

At the end of the day, Symantec is encouraging IM users to by disabling the feature that saves media files to external storage in order the mitigate the possible attacks using the exposed vulnerability.

Continue Reading

Technology

Huawei Exec Backtracks: Hongmeng OS Is Not For Smartphones

Liang Hua said they prefer Android as the OS of their smartphones.

Published

on

Photo: Kārlis Dambrāns | Flickr | CC BY 2.0

When Chinese smartphone giant, Huawei, was caught off-guard by Google’s revocation of its Android license following the ban imposed by Washington against the company, the smartphone maker made people believe that they are ready for such situation, and announced that they are developing an alternative operating system called Hongmeng.

However, in an interview, Liang Hua, an executive from the tech superpower, backtracks and says that Hongmeng was developed not as an alternative for Android but for the development of their IoT products instead.

Liang Hua said at a Friday press conference in Shenzhen that the operating system, which was rumored to be 60% faster than android, was not developed for smartphones and that the company still prefers Android as their “first choice” for a smartphone OS.

“The Hongmeng OS is primarily developed for IoT devices that will reduce latency… In terms of smartphones, we are still using the Android operating system and ecosystem as a “first choice.” We haven’t decided yet if the Hongmeng OS can be developed as a smartphone operating system in the future,” said Liang Hua.

Earlier reports revealed that Huawei has been developing Hongmeng since 2012. The company has been testing the new OS on selected devices under a closed door and closed environment. The source also said that the testing was accelerated for the new operating system to be ready for situations such as the latter.

Nonetheless, it is still unclear whether Hongmeng will be the official name of the OS coming from Huawei. Experts note that even if Huawei can successfully launch its operating system, the company will still be faced with the challenge of establishing an app ecosystem. It would take Huawei a lot of time to build apps that are compatible with the new operating system.

When Huawei was subjected to a witch hunt by the US government for allegedly aiding the Chinese government in its efforts to spy on the country, and as a pivotal player to potentially economically sabotage the country, an executive order was launched against the China-based tech giant that effectively forced U.S. tech companies to sever ties with Huawei.

The ban from Google has brought Huawei’s future into limbo; making it uncertain for users, especially concerning security updates for their Huawei and Honor phones —or the general idea whether their devices will still be able to run altogether. Following the announcement, Huawei assured its users that all phones that were sold ahead of the banning and those that are already in stock would continue receiving updates from Android.

Now, Huawei’s backtrack follows the bilateral meeting between Trump and China’s Xi Jinping in the recently concluded G-20 Meeting held in Tokyo; the American president announced that American companies could already resume in selling their products to Chinese companies.

The two presidents, in a closely watched sit-down with each other, have agreed for a truce and cease-fire over the long-disputed trade wars between the two superpowers.

“U.S. companies can sell their equipment to Huawei. We’re talking about equipment where there’s no great national security problem with it. I said that’s O.K., that we will keep selling that product, these are American companies that make these products,” Donald Trump said after his meeting with the Chinese president. “That’s very complex, by the way. I’ve agreed to allow them to continue to sell that product so that American companies will continue.”

While the relief is what Huawei has been looking forward to from the G-20 meeting today, it seems like it could be a temporary relief as negotiations regarding the matter is bound to continue, and the ad hoc decision of Trump may still be overturned at some point of the negotiations. Nonetheless, it’s time for the Chinese smartphone superpower to breathe better.

Washington officials are reportedly holding meetings on how they will implement the new orders from Trump. However, special attention has to be given on how to deal with Huawei and its presence on the “entity list,” as the relief does not explicitly remove Huawei from the said list.

Continue Reading

Technology

This App Uses AI To Track Dogs By Their Unique Nose Prints

Authorities can also use it to monitor “uncivilized dog keeping.”

Published

on

Photo: Soumyaroop Chatterjee | Flickr | CC BY-ND 2.0

There’s no denying: facial recognition and biometrics identification is everywhere. They are in airports to help passengers board faster, in smartphones to allow users to unlock their devices automatically, in conservation reservoirs to track endangered animals, and in law enforcement agencies to help catch criminals.

And the development of artificial intelligence (AI) that allows facial recognition technology to evolve is moving faster every day. This time, a China-based start-up has developed an AI that has the capability of identifying and recognizing dogs through their nose prints.

Similar to how human fingerprints are unique to every human, dog nose prints are also unique to every dog. That is why, Megvii, a Chinese start-up, who is also an independent surveillance system contractor for the Chinese government, have developed and trained an AI to recognize dogs using their nose prints.

Photo: Megvii

The identification system is available through the Megvii app, and users need to scan their dog’s noses from multiple angles — same as how users register their fingerprint credentials to use the biometric unlock system of a smartphone.

The company says, that unlike previous identification methods like chip implants to pets the Megvii nose print identification app is much cheaper and is less invasive.

Apps that could identify and recognize animals like dogs aren’t new in the market at all. An app called Finding Rover uses facial recognition and machine learning to match photos of dogs submitted by owners of lost pets to a massive database of shelters and dog homes to recognize and find lost dogs.

Moreover, using nose prints to identify and recognize dogs and other pets aren’t new as well. Kennel clubs around the world are known to use nose prints to match lost dogs with shelter dogs. One primitive way to take a nose print is by coating the nose with ink and pressing it against white cardboard.

What’s new with Megvii’s market offering is the method by which dog prints are collected. In the new app, coating dog’s nose isn’t necessary anymore, as the AI only need photos of dog noses to locate key identifying markers — creating a unique profile of a dog in the database.

The company claims that amidst the differences in camera resolution, their identification system can verify a dog’s identity against an existing record with 95% accuracy. It also says that the system could identify a dog with “high precision” by checking it against records from a larger database, although the company didn’t elaborate on the accuracy rate in that scenario.

Aside from identifying lost dogs, Megvii says that their apps can also be used to track inappropriate pet-owner behaviors, and authorities can monitor “uncivilized dog keeping.” In China, actions, like walking a dog in public without a leash and not scooping after a dog has pooped, are considered uncivilized, and in some instances in several cities, are considered illegal.

Biometrics identification tech application on animals

The advent of facial recognition and biometric identification technology has not only helped pet owners in keeping track of their beloved pets. The technology has also been known to be used by conservators in China to track the movement of endangered animals like the endemic panda population.

A group of researchers from the China Conservation and Research Centre for Giant Pandas have developed an app that could recognize individual pandas using facial recognition technology. The app will draw from more than 120,000 images and video clips of giant pandas to identify the animals that are living in the wild.

Camera traps in China have captured images and video footage of giant pandas that are often difficult to see in the wild. The photographs and video are some of the most amazing photos ever of pandas and other species in their remote habitat, which were caught on film as part of long-term wildlife monitoring projects set up in panda nature reserves by the Chinese government and WWF.

The development of the new facial recognition app will presumably help conservationist monitor their programs by keeping track of how many pandas are left. It will also provide significant insight regarding the breeding program that conservationist has been implementing to encourage an increase in the panda population.

Continue Reading

Trending