Cyber Security SIG Presentations

Discussion

John Jenkinson, 2022/08/07 00:00

The Cyber Security SIG will use virtual presentations with audio to keep members informed of cyber events until on-site meetings are resumed. The virtual presentations will be posted on the Cyber Security's web site under MEETING NOTES as usual. There is too much going on in cyber to suspend news and warnings. Use the MEETING NOTES and Cyber Security News Archive to stay informed and aware.

The Presentation covered:

Kia and Hyundai auto thefts via USB charger cable and Honda key fob replay attacks

Amazon Drive to cease operation December 2023

Google Pixel 6a fingerprint unlock June security patch

US Court system breach Federal Data Center protections

Equifax “coding error”

Business Email Compromise Number 1 attack HUGE financial losses

Pegasus Spyware Congress actions against spyware

Port of Los Angeles attacks and defenses on the increase

Apple traffic routed through Russia

SHARPEXT

Microsoft Windows RDP account lockout Good and Bad

Microsoft VBA Macro disable

August in Cyber land

MV720 automotive tracking device PLEASE READ

28 listed Android wallet draining apps

More on smart thermostats

McDonalds use of customer information

QR Codes what they can do

and more …

John Jenkinson, 2022/04/16 17:02

Sun City Computer Club Cyber Security SIG

April 7, 2022

Current Issues

Microsoft & Okta investigating attack from Lapsus$
FBI investigating 5 US energy firm scans
Apple service Outage 3/21/2022
Google Maps outage 3/18/2022
Altered software for selected attacks – geopolitical
OpenSSL infinite loop
MikroTik routers C&C proxies
Russia state actors exploit PrintNightmare & default MFA

Ransomware speed 100,000 files

LockBit – 4 minutes 9 seconds
Babuk  -  6 minutes 34 seconds
  . . . .
Maze  -  1 hour 54 minutes

Kaspersky Labs security

FinFisher shuts down

Apple Beta Security Updates

Settings > General > VPN & Device Management
iOS Beta (or similar)
Remove that profile
Restart
Update

Apple digital IDs
Security & privacy

Over physical IDs

Arizona Soon? Colorado, Connecticut, Georgia, Hawaii, Iowa, Kentucky, Maryland, Mississippi, Ohio, Oklahoma, Territory of Puerto Rico, Utah

Apple digital IDs

iPhone 8 or later
iOS 15.4
Apple Watch Series 4 or later
watchOS 8.4
Wallet App

Drivers License  or  State ID
Add to iPhone and Apple Watch
Add to iPhone

Logon to state DMV to authorize
Take selfie
Scan Front & Back
Secure transfer to state agency
State defined head or other movements
TSA using NFC readers
NOT a substitute for having license in owner's possession

Apple digital ID

Browser in the Browser
Perfect? Convincing?

simulate Single Sign On
Sign in with {Google | Facebook | Apple| Microsoft }

Browser in the Browser

Exact & correct domain name
Right site? Check
Check URL? Check
Check for look-alike characters? Check

Ready to use templates

10 days to in-the-wild detect ATM Switch Attack

US Critical Infrastructure

Bill passed 3/10/2022
“substantial cyber incident”  3 days
ransom paid  24 hours

“Strengthening America Cybersecurity Act”
Removed from defense policy bill
Then passed with unanimous vote
What do they know?
CISA has 2 years to publish rules in Federal Register
Goal
Whole of government response

Critical Infrastructure

Presidential Policy Directive 21, section 2242, subsection b
Chemical, Commercial facilities, Communications, Critical manufacturing, Dams, Defense industrial base, Emergency services, Energy, Financial services, Food and agriculture, Government facilities, Healthcare and public health, Information technology, Nuclear reactors, Materials and waste, Transportation systems, Water and wastewater
Subpoena power
Civil or Criminal penalty?

Current Issues

Dell Bios bugs

5 security weaknesses

Insyde software’s InsydeH2O HP Unified Extensible Firmware Interface

UEFI

CVE-2022-14415
CVE-2022-24416
CVE-2022-24419
CVE-2022-24420
CVE-2022-24421
CVE rating 8.2
Persistent firmware implants NOT detected by TPM

Current Issues

AcidRain malware wipes Viasat satellite modems
GPS jammers disrupting commercial airliners and others
Facebook Messenger
Microsoft Power Toys v0.57.0
Hackers using EDRs

Emergency Data Requests
sans judge’s signature

Ukrtelecom cyber attack
Chrome OS 100.0.4896.75
Hydra shutdown

  Largest darknet marketplace
  US & German joint operation

Elon Musk Twitter “deal” 241 words

Wyze internet connected web cams

BitDefender attempts 3 years
Helpful ↔ Harmful
YOU – shared secret key

send ID 0x2710  client to camera
crypto magic
client sends result as ID 0x2712
encrypted channel

THEM – just send 0x2712

AND SD card contents simple XOR
Got one? Got 1st gen?

Chrome OS Version 100 New App launcher

Chrome OS version 100 Editing with Voice Dictation

  After Dictation activation
  Everything key + D

Create personal GIFs

Updated Android Container

Android Runtime for Chrome (ARC)
to
Android Runtime for Chrome VM

Chrome OS Creating Personal GIFs

Current Issues

DeadBolt ransomware

  Seeks backup first

Alexa? Delete everything …

Settings > Alexa Privacy > Manage Your Alexa Data
Enable deletion by voice
“Alexa, delete what I just said”
“Alexa, delete everything I said today”
Helpful <-> Harmful

Alexa, drop in

Device name  -  All devices
Confirmation tone
OTHER HOMES

Alexa Drop In setup Alexa App

Devices > Echo & Alexa > Drop In
Enable
Allow Drop In

Alexa Calling & Messaging

BOTH parties must setup
Smart Speakers
Video Calling
Hands Free
“announce I am on my way home”
“Call for help”
Emergency Contacts
Captioning
Whisper mode
Pair with Bluetooth
Beer Goggles Skills

Borat RAT malware

Remote Access Trojan (RAT)
Spyware
Ransomware
Builder, feature modules, server certificate
DDoS
Record audio & video
Take control mouse and/or keyboard
Screen captures
Modify system settings
Stealing and/or deleting files
Modification
Reverse proxy
Browser manipulations

Car Key Fobs

RollJam attack
Yeahbut Honda still replay success why?

Little testing
even less accountability or regulation

And garage doors shift registers

Cyber Security SIG updates

Cyber Security SIG web site to use ANNOUNCEMENTS
Announcements will usually be links
Click on link for more information
Example:

Mobile App Sun City CA

From Apple Store and/or Google Play Store
Search Sun City Community Association
Open Sun City Community Association App
Sign in with your Community Association credentials

Open Menu button
Select the CA site

Current Issues

MLB to use Pitch Calling system

SCCCCyber@gmail.com


/home/sctxcompclubora/sctxcompclub.net/data/pages/cyber_security_sig_presentations.txt · Last modified: 2022/08/07 16:57 by jenkinson