TWINN #120 on Juice Jacking
Article Contents
Threats come in all shapes and sizes. Not just in a digital sense but also in the real-world. But especially where the two worlds collide. The most successful kinds of hacks are the ones where the victim goes about the the normal course of business and is unaware of how their own actions facilitated the attack.
This past week we saw Juice Jacking back in the news and there’s a reason why the FBI tweeted a word of caution not to use USB ports in public places:
The 5 Top Cyber Security Stories Of The Week – April 17, 2023
1. Why is ‘Juice Jacking’ Suddenly Back in the News?
The race to attack via cables hasn’t stopped. Take for example the O.MG Elite cable. The same idea is also applied to USB Ethernet adaptors that themselves have built-in mini computers, designed to have additional payloads. I have a LAN turtle at my desk and it works exactly as advertised.
2. LockBit ransomware encryptors found targeting Mac devices.
We don’t often see ransomware on macOS and even this one looks like it was just a test, while also including older PowerPC code. This group is clearly casting a wide net.
3. Hackers claim vast access to Western Digital systems.
It is still unclear if any client data has been compromised, but it does shed a light on cloud-based storage means our data is stored on someone else’s network.
4. CISA and partners issue secure-by-design principles for software manufacturers.
That new strategy calls for critical infrastructure owners and operators to meet minimum security standards and will potentially expose software companies to liability for flaws in their products.
5. Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability.
When an exploited zero-day attack happens on Chrome, it means overnight we become aware of 3 billion devices being vulnerable. This level of concentration is not healthy. Consider using an alternate browser like Brave, which in many cases has built-in defense mechanisms to avoid the exploitation of weaknesses.
Did you know?
There’s a new season of the World’s Greatest Con podcast. Some strong language, otherwise highly recommended as a social contagion story.
