In 2011, Apple made ALAC opensource, publicly sharing it online, while continuing with improvements on a proprietary version including security updates which have never been updated into the opensource version.
Since then, mobile makers have taken this opensource software and integrate it in their products, and the assumption is that none takes time to take a deeper look at security issues that it might contain.
According to Check Point, these weaknesses when abused enables an attacker to remotely control your device to get access to your data and turn on/off your camera:
"RCE attacks allow an attacker to remotely execute malicious code on a computer. The impact of an RCE vulnerability can range from malware execution to an attacker gaining control over a user’s multimedia data, including streaming from a compromised machine’s camera"
In addition, an attacker can gain access to user conversations and media data if so desired by changing the applications permissions.
When Check Point contacted the two largest global mobile makers, they acknowledged the security weaknesses and released security fixes in December 2021.
If you have recently updated your device operating system to show a security patch level of December 2021, your device is protected against this attack. Otherwise, you need to update your device as soon as possible, especially devices that handle confidential and sensitive business data.
On your android device, navigate to Settings > About device > Software Info > Android security partch level is at bottom as photo below. To update android device, settings > software update > Download updates manually. Install software updates when downloaded to enjoyed enhanced security.
Quick steps to limit success of an attack from unpatched devices:
- Take backups of critical business data, test that they work and be restored, and keep them offline.
- Take critical business data off vulnerable devices, until they are updated with security fixes.
- Limit vulnerable devices from accessing your critical business data, that you do not let attackers to make you pay to get your critical business data back.
- Update vulnerable devices as soon as possible to close this completely down as an entry an attacker can use to disrupt your business.
- Prepare with a handy list of ransomware decryptors and removal tools that enable you to recover your data without paying ransom.
- Put in place cybersecurity basics: phishing practice, business guidelines, watch out for frequent sextortion emails, and social media platforms where attackers are lurking.
Read more:
Comments
Post a Comment