Apple FaceTime at Risk From Severe Flaw

eWeek | January 29, 2019

Apple FaceTime at Risk From Severe Flaw
Since the invention of the telephone by Alexander Graham Bell in 1876, the basic protocol for any type of voice communication has been that the receiver needs to pick up the phone in order to start the call. That basic premise has carried forward to the digital age, but it's one that has now been challenged by a severe flaw in Apple's FaceTime application. A vulnerability that first became public knowledge on Jan. 28 could enable a caller to hear audio from the receiver's end before the call is accepted. FaceTime is an integrated application that is included in Apple's iOS mobile operating system as well as its macOS desktop operating system. Apple has stated that it is aware of the issue and is planning on releasing an update. Apple has also temporarily shut down its Group FaceTime service feature at the back-end server, to help further mitigate the risk. Additionally, until a formal patch is available, Apple users are advised to disable FaceTime on their devices.

Spotlight

The most important thing to understand about dealing with a true advanced persistent threat (APT) is that it's like having pneumonia; by the time it's diagnosed you've probably had it for a while - sometimes a long while. It's often not easy to cure, and if you try to cure it without the right medication, it can mutate and become resistant. In fact, an APT is worse than ordinary pneumonia - it's like designer pneumonia that's been genetically engineered specifically for you.

Spotlight

The most important thing to understand about dealing with a true advanced persistent threat (APT) is that it's like having pneumonia; by the time it's diagnosed you've probably had it for a while - sometimes a long while. It's often not easy to cure, and if you try to cure it without the right medication, it can mutate and become resistant. In fact, an APT is worse than ordinary pneumonia - it's like designer pneumonia that's been genetically engineered specifically for you.

Related News

ThreatConnect partners Microsoft Graph Security API to Strengthen Security Automation

ThreatConnect | August 19, 2020

ThreatConnect, Inc.®, provider of the industry’s only intelligence-driven security operations solutions, announced today that it has joined the Microsoft Intelligent Security Association and will integrate Microsoft solutions with the ThreatConnect Threat Intelligence (TIP) and Security Orchestration Automation and Response (SOAR) Platform using the Microsoft Graph Security API. This integration allows ThreatConnect clients to connect with nearly any piece of Microsoft technology, including Azure Sentinel, O365, and Microsoft Defender ATP, using the Microsoft Graph Security API. The integration allows clients to retrieve alerts, perform data enrichment, gain relevant threat intelligence, and carry out incident response actions. The Microsoft Graph Security API is a single interface that connects to Microsoft security products. Through this integration, made possible by ThreatConnect’s robust App Services capability, clients are able to subscribe to and listen for Microsoft Graph Notifications, parse these notifications for subsequent operations, and manage Graph Mail and security alerts via ThreatConnect Playbooks. Some examples of actions supported:

Read More

SOFTWARE SECURITY

Cybersecurity Startup ActZero Announces Partnership with Tech Data

ActZero | August 28, 2021

ActZero, a cybersecurity startup whose AI-driven managed detection and response (MDR) platform makes best-in-class security accessible for businesses of all sizes, today announced a strategic partnership with Tech Data, one of the world's largest technology distributors and solutions aggregators. Together, ActZero and Tech Data aim to help organizations accurately detect, learn from, and prevent emerging security threats. The ActZero platform combines next-generation antivirus protection, endpoint detection and response (EDR), and 24/7 automated and managed threat hunting capabilities, enabled by a purpose-built AI engine, delivered through its single, cost-effective solution. As a result, ActZero detects and prevents all types of threats, from commodity malware to sophisticated attacks, all in sub-second responses. The partnership will accelerate adoption of ActZero's novel security platform as part of the Tech Data edge-to-cloud portfolio and broaden access to superior security for small and mid-size businesses through the IT distributor and solutions aggregator's global footprint. In addition, this scale helps unlock powerful network effects that enrich ActZero's machine learning engines and improve its ability to detect and contain threats. "We're excited to roll out this partnership," said John Nurczynski, co-founder and Head of the Summit partnership program at ActZero. "Our goal is to democratize cybersecurity for small and mid-size businesses, and Tech Data's well known distribution platform and industry-leading security expertise unlocks the ability to get ActZero's superior approach in the hands of more companies." "With year-over-year cybercrime statistics increasing exponentially, making smart investments in security solutions is a no-brainer for businesses grappling with how to handle malware, ransomware and proliferating cyber threats," said Tracy Holtz, vice president of security solutions at Tech Data. "Adding cybersecurity innovators like ActZero to our portfolio of solutions arms Tech Data customers with critical online security tools so the businesses they serve – especially small and mid-sized companies – are equipped to protect from edge to cloud." ABOUT ACTZERO ActZero is a cybersecurity startup that makes small- and mid-size businesses more secure by empowering teams to cover more ground with fewer internal resources. Our intelligent managed detection and response service provides 24/7 monitoring, protection and response support that goes well beyond other third-party software solutions. Our teams of data scientists leverage cutting-edge technologies like AI and ML to scale resources, identify vulnerabilities and eliminate more threats in less time.

Read More

DATA SECURITY

Cynet CISO Challenge for Cybersecurity Leaders Measure Expertise Against their Peers

Cynet | May 11, 2021

Cynet, supplier of the world's first self-ruling XDR stage, today declared the 2021 CISO Challenge for network safety group pioneers to approve their insight and comprehension of genuine security subjects going from essential to cutting edge - including more unstable situations defying associations today. For the 2021 CISO Challenge, Cynet has gathered a gathering of senior CISOs, specialists, and analysts to build up this all-new trial of cutting-edge network safety abilities. The opposition on the site will stay open for about fourteen days, during which time anybody can join and endeavor to address the inquiries, which change from fundamental to progressively refined. There will be a sum of 25 inquiries, with everyone dependent on genuine situations, as opposed to straightforward random data. Questions will cover consistency and guideline, hazard evaluation and the executives' estimations and measurements, danger and weakness the board, just as situations and moral contemplations that most InfoSec pioneers face in the field. The test begins on May fifth at 8 am Eastern Daylight Time (EDT) and closes on May 21st at 11:59 pm (EDT). The site will stay open after the challenge for anybody to test their insight, however not for a prize. It is intended to be a great route for security pioneers to all the more likely comprehend their degree of information and find what holes, assuming any, they have in their order of network safety administration. Since this is a serious occasion, it will permit competitors to perceive how they perform comparative with other people who have acknowledged the demand. The $5,000 thousand prizes will be introduced toward the finish of the challenge. "The CISO Challenge will be a fiery occasion in a cutthroat air, where InfoSec pioneers have the chance to gauge facing the best in the business," said Eyal Gruner, Cynet CEO and Co-Founder. "The challenge goes past the reading material and permits CISOs to do what they specialize in when the pressing factor is on." Cynet is reacting to the business' requirement for more noteworthy cooperation and backing for CISOs at sub-Fortune 2000 associations. The CISO Challenge is intended for Infosecurity pioneers at associations where the dangers are critical, however, assets are restricted and require more elevated levels of mechanization to guarantee fruitful and productive activities. About Cynet Cynet empowers any association to put its network safety on autopilot, smoothing out and mechanizing their whole security tasks while giving upgraded levels of perceivability and assurance, paying little heed to the security group's size, ability or assets and without the requirement for a multi-item security stack. It does as such by locally merging the fundamental security advances expected to give associations exhaustive danger assurance into a solitary, simple to-utilize XDR stage; robotizing the manual cycle of examination and remediation across the climate; and giving a day in and day out proactive MDR administration - checking, examination, on-request investigation, episode reaction and danger chasing - at no extra expense.

Read More