Web User - UK (2019-05-29)


12 29 May - 11 June 2019 Email us your security questions [email protected]


Stay Safe Online

News about the latest threats and advice from security experts

Security Helpdesk | Your questions answered by security specialists

Q

How worried should we be about the WhatsApp security breach (see story on page 8)?
Andrew Marsden, Facebook

A

The zero-day vulnerability discovered in WhatsApp allows hackers to eavesdrop on users, read their encrypted chats, turn on the microphone and camera, and install spyware to facilitate further surveillance, such as browsing through the victim’s photos and videos, accessing their contact list, and so on. What makes it even worse is that to exploit the vulnerability, all the hacker needs to do is call the victim on WhatsApp.

Reliable information on the matter is in short supply but what is known is that a specially crafted call can trigger a ‘buffer overflow’ in WhatsApp, allowing hackers to take control of the app and execute arbitrary code.

It seems the attack used this method not only to snoop on users’ chats and calls, but also to exploit previously unknown vulnerabilities in the operating system, which allowed them to install a spyware app on the device.

Attempts to exploit this vulnerability have already been spotted in the wild. WhatsApp’s security team was able to block attacks that used the vulnerability, but details of how many people were spied on and who they were have still not been disclosed.

It is also not yet fully clear which spyware app was being installed in the second stage of attack, but some parties suspect it might be Pegasus, the spyware famous for its supremely flexible infection capabilities.

To protect yourself, our best suggestion at the moment is to make sure your WhatsApp is up to date. To do that, go to the Apple App Store or Google Play Store, look for WhatsApp and hit Update.

SECURITY ALERT! | What’s been bothering us this fortnight

Microsoft fixes critical flaw in Windows XP and 7

Microsoft has released fixes for a critical remote-code execution (RCE) flaw affecting older Windows installations that could allow malware to spread between machines without any user interaction.

The vulnerability has been described as ‘wormable’, which means that any future malware exploiting it could spread from machine to machine in a similar way to the infamous WannaCry attack in 2017. The flaw affects users running older operating systems including Windows 7, Windows XP and Windows 2003.

“While we have observed no exploitation of this vulnerability, it is highly likely that malicious actors will write an exploit and incorporate it into their malware,” Microsoft said. “Customers running Windows 8 and Windows 10 are not affected”.

A patch for Windows 7 is available through automatic updates, while Windows XP and 2003 users will also receive a special fix due to the severity of this issue. Microsoft said upgrading to Windows 10 is “the best way to address this vulnerability”.
bit.ly/microsoft476

British Transport Police website hit by hack

The email addresses and phone numbers of British Transport Police (BTP) staff have been leaked after hackers compromised the newsroom section of the police force’s website. The BTP confirmed it was recently “made aware of a cybersecurity threat” to its website, which is hosted by an external supplier, and entirely suspended its newsroom section as a precaution, temporarily replacing it with a Tumblr feed.

“The Force has worked closely with the National Cyber Security Centre, the National Crime Agency and the external supplier to understand the nature of the threat and if there have been any compromises,” a BTP spokesperson said.

Although the hack was first thought to have affected only the news section of the site, early investigations have revealed a “small number” of BTP employees’ email addresses and telephone numbers were also exposed. It is not yet clear whether hackers specifically targeted BTP, or whether its web provider was caught up in a non-targeted cyber-attack.
bit.ly/transport476

THIS ISSUE’S EXPERT:
Alex Perekalin,
Security Expert
at Kaspersky
(www.kaspersky.co.uk)
