Researchers have discovered at least 18 vulnerabilities affecting Exynos modems used in multiple versions of Samsung, Pixel and Google smartphones. These flaws can be exploited to gain access to personal and confidential data on the mobile device, and that access can also be used to steal MFA codes and gain privileged access to applications.
These vulnerabilities allow hackers to covertly gain access to these smartphones. Four of the 18 security flaws allow hackers to compromise the phone remotely using just the victim’s phone number.
It’s important to note that attackers would need some privileged access to a mobile network operator or local access to the device to exploit them. Previous reports show that plants or recruited bad actors within service providers have been assisting malicious threat actors in installing malware on victim devices for some time now.
These critical exploits are covered in CVE-2023-24033.
Acreto Ecosystem security is technology for any IP based assets, including mobile phones and tablets. This includes access control, isolation and full inline threat prevention.
Moreover, Acreto delivers uniform and consistent security for all of an organization’s technologies regardless of the type of technology, location, connected network or ownership.
This includes:
Access Technologies: Organization or BYOD Devices (Mobile Phones & Tablets, Internet-of-Things (IoT), Internet-of-Medical Devices (IoMD)); Offices; Third-Party
Application Delivery Technologies: Data Centers; Clouds; SaaS Applications
About Acreto
Acreto delivers full-stack cybersecurity without products, logistics or significant security expertise. It creates and consolidates the best of cybersecurity into a single plug-and-play platform with automated updates to stay ahead of threats. Acreto activates enterprise-grade security instantly, so organizations can run safely, easily, and without interruption.
Chinese nation-state attackers are actively exploiting a critical Fortinet bug to steal credentials and create network access that bypasses the firewall.
Fortinet has issued a patch that addresses the path traversal vulnerability in FortiOS, tracked as CVE-2022-41328. The vendor indicated that miscreants were using this flaw in an attempt to attack large organizations, steal their data, and cause OS or file corruption.
In a more detailed report released today, cyber security researchers at Mandiant pinned the blame on Chinese hackers, who used the FortiOS zero-day vulnerability and “multiple” bespoke malware families.
These threat actors operate under the name UNC3886 and are known for multiple cyber espionage attacks. This group is suspected of stealing credentials and sensitive data in order to support Beijing’s goals, but no official attribution has been made.
There are two different attack paths that the suspected Chinese criminals have used to compromise Fortinet devices. The first path occurred when the threat actor initially gained access to the Fortinet ecosystem while the FortiManager device was exposed to the internet, using the CASTLETAP backdoor.
A second novel malware, named THINCRUST, was used when FortiManager devices weren’t exposed to the internet. To get around Fortinet’s firewall policies, the threat group used a traffic redirector (TABLEFLIP) and a reverse shell backdoor (REPTILE) on the FortiManager device.
In these attacks, the attackers hijacked the victim’s network, creating backdoors and controlling all access in and out.
Cyber Insurance carriers have been using Acreto for the past few years to easily mitigate a variety of vulnerabilities in Fortinet, Watchguard and other Internet facing security tools. The Acreto platform is always up-to-date and deploys in under 30 minutes. Most importantly, it deploys transparently without the need to rip-and-replace your existing products in order to become secure.