Cybersecurity Weekly: VoLTE encryption attack, Alexa bugs, Android flaws

August 18, 2020 by Sam Fay

A new attack lets hackers decrypt VoLTE encryption to spy on phone calls. Amazon Alexa bugs allowed hackers to install malicious apps. Flaws in Samsung phones exposed Android users to remote attacks. All this, and more, in this week’s edition of Cybersecurity Weekly.


1. New attack lets hackers decrypt VoLTE encryption to spy on phone calls

Last week, a team of academic researchers presented a new attack called ReVoLTE, that could let remote attackers break the encryption used by VoLTE voice calls and spy on targeted phone calls. The method allows an attacker to eavesdrop on the encrypted phone calls made by targeted victims.
Read more »


2. Amazon Alexa bugs allowed hackers to install malicious apps

Cybersecurity researchers disclosed severe security vulnerabilities in Amazon’s Alexa virtual assistant that could render it vulnerable to a number of malicious attacks. The exploits could have allowed an attacker to remove/install skills on the targeted victim’s Alexa account, access their voice history and acquire personal information through skill interaction.
Read more »


3. Flaws in Samsung phones exposed Android users to remote attacks

New research disclosed a string of severe security vulnerabilities in the Find My Mobile app that could have allowed remote attackers to track victims’ real-time location, monitor phone calls and messages and delete data stored on the phone. The flaws were addressed by Samsung after flagging the exploit as a high-impact vulnerability.
Read more »


4. Critical flaws affect Citrix Endpoint Management

Citrix released patches last week for multiple new security vulnerabilities affecting its Citrix Endpoint Management, also known as XenMobile. According to Citrix, there are a total of five vulnerabilities that affect on-premise instances of XenMobile servers used in enterprises to manage all apps, devices or platforms from one central location.
Read more »


5. Emotet malware strikes U.S. businesses with COVID-19 spam

The Emotet malware began to spam COVID-19 related emails to U.S. businesses after not being active for most of the pandemic. Before going dark in February 2020, the Emotet malware was commonly spamming COVID-19 themed spam to distribute malware in other countries already affected by the pandemic.
Read more »


6. Hacker leaks data for U.S. gun exchange site on cybercrime forum

On August 10th, a threat actor posted databases that they claim contain 195,000 user records for the, 45,000 records for their video site, 15,000 records from the hunting site, and 24,000 user records from the Kratom site
Read more »


7. CISA warns of phishing campaign with loan-relief lure

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency issued a warning about an in-progress phishing campaign using the Small Business Administration COVID-19 loan-relief program as bait. The still-unknown malicious actor spoofed the SBA’s loan-relief page and is using the fake site to steal credentials.
Read more »


8. Instagram retained deleted user data despite GDPR rules

For several months following the launch of GDPR, Instagram kept copies of deleted pictures and private direct messages on its servers even after someone removed them from their account. The Facebook-owned service acknowledged the slipup and awarded a security researcher $6,000 for finding the bug.
Read more »


9. Critical flaws in WordPress quiz plugin allow site takeover

A plugin designed to add quizzes and surveys to WordPress websites patched two critical vulnerabilities last week. The flaws can be exploited by remote, unauthenticated attackers to launch varying attacks, including fully taking over vulnerable websites. The plugin, Quiz and Survey Master, is actively installed on over 30,000 websites.
Read more »


10. Security gap allows eavesdropping on mobile phone calls

Cybersecurity researchers were able to decrypt the contents of telephone calls if they were in the same radio cell as their target, whose mobile phone they then called immediately following the call they wanted to intercept. They exploited a flaw that some manufacturers had made in implementing the base stations.
Read more »

Posted: August 18, 2020
Sam Fay
View Profile