Welcome to the CyberCure Bi-Weekly podcast transcript.
Everyone knows by now that most of the instant messaging apps like whtsapp or telegram are not secured and governments try to find solutions for that, France goverment declared during April on a new secured messaging app that will be used by the goverment, in the statement they said this app is more secured than Telegram.
It took less than a day till a security researcher found that the app authentication module have a problem that allows anyone to signup and join groups that are supposed to be secured. they quickly fixed this vulnerability and declared that it still plans to require its use in lieu of WhatsApp and Telegram, for any informal communications between government employees, agencies and some handpicked non-governmental organizations.
Remember that we covered supply chain attacks and how useful they are for attackers ? In Taiwan, As many as half a million computers might have installed malware disguised as an update from electronics giant ASUS after the Taiwanese company’s server was hacked, according to cybersecurity firm Kaspersky Lab.
The original malware then went on to install backdoors on up to 500,000 Windows computers which would allow the hackers to launch even more malware later on. and got the name ShadowHammer while The Taiwanese company denied its server was compromised.
This case shows once again the big impact chain attacks may have on corporations,home users and countries. According to security experts, the best solution is to become proactive and more vigilant in vetting of apps and updates. Instead of blindly accepting every possible update, machines may need to integrate additional layers of security which can prevent such attacks.
In response to other supply chain attacks, the U.S. has already created a so-called “supply chain task force” to monitor the situation.
In today’s world, products are manufactured and assembled outside of the United States, and so the U.S. is stepping up its oversight of how these products are made.
Once again, Like in other supply chain attacks, we see a possible cyber attack that might have happened and effected hunders of thousands of people and thats while the vendor who supposedly got attacked denying they got attacked.
That’s it for this podcast, stay safe and see you in the next podcast.
Don’t forget to visit www.cybercure.ai for the latest podcasts on cyber intelligence.