
New Hak5 Video: Crucial Cybersecurity Topics Discussed
In this new video from @hak5, several crucial cybersecurity topics are addressed, providing a detailed overview of the latest threats and innovations in the field.
Is the iPhone Really Unhackable Now?
The video begins with a provocative question: Is the iPhone really unhackable now? This question is explored through recent security innovations introduced by Apple, notably the "Memory Integrity Enforcement" (MIE) technology. This technology, based on ARM's Memory Tagging Extension (MTE), aims to prevent unauthorized memory access. By using keys to identify out-of-bounds memory access attempts, MIE blocks these attempts, thereby enhancing the iPhone's security. Apple has worked closely with ARM to improve this technology, making attacks more difficult to execute. Unlike Google, which offers a similar but optional feature, Apple has enabled MIE by default, providing an unprecedented level of security.
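To make the key-matching idea concrete, here is an added example (not code from the video or from Apple): a simplified software model of the tag check that ARM MTE performs in hardware, with a 4-bit tag per 16-byte granule. All function names and allocation sizes are hypothetical, and the model goes slightly beyond the paragraph by also showing a stale pointer after free and the granule-padding case that tagging alone does not catch.

```c
#include <stdint.h>
#include <stdio.h>
#define GRANULE   16  /* ARM MTE: one 4-bit tag per 16-byte granule */
#define HEAP_SIZE 256
#define KEY(p)  ((uint8_t)(((p) >> 56) & 0xF))   /* pointer tag, bits 59:56 */
#define ADDR(p) ((size_t)((p) & 0x00FFFFFFFFFFFFFFULL))
static uint8_t heap[HEAP_SIZE];
static uint8_t lock[HEAP_SIZE / GRANULE];  /* memory tag per granule, 0 = unallocated */
static size_t next_off;
static uint8_t next_tag;

/* Next tag in 1..15 that differs from `avoid`. */
static uint8_t fresh_tag(uint8_t avoid) {
    do { next_tag = (uint8_t)(next_tag % 15 + 1); } while (next_tag == avoid);
    return next_tag;
}

/* Bump allocator: returns the offset with its tag in bits 59:56, 0 on failure. */
uint64_t tagged_alloc(size_t n) {
    size_t g = (n + GRANULE - 1) / GRANULE, first = next_off / GRANULE;
    if (n == 0 || next_off + g * GRANULE > HEAP_SIZE) return 0;
    uint8_t tag = fresh_tag(first ? lock[first - 1] : 0);  /* differ from left neighbour */
    for (size_t i = 0; i < g; i++) lock[first + i] = tag;
    next_off += g * GRANULE;
    return ((uint64_t)tag << 56) | (uint64_t)(first * GRANULE);
}

/* Retag the granules on free so a stale pointer's key no longer matches. */
void tagged_free(uint64_t p, size_t n) {
    size_t g = (n + GRANULE - 1) / GRANULE, first = ADDR(p) / GRANULE;
    uint8_t tag = fresh_tag(KEY(p));
    for (size_t i = 0; i < g; i++) lock[first + i] = tag;
}

/* Store one byte: 0 on success, -1 where hardware would raise a tag-check fault. */
int checked_store(uint64_t p, size_t idx, uint8_t v) {
    size_t addr = ADDR(p) + idx;
    if (addr >= HEAP_SIZE || lock[addr / GRANULE] != KEY(p)) return -1;
    heap[addr] = v;
    return 0;
}

int main(void) {
    uint64_t a = tagged_alloc(20), b = tagged_alloc(16);  /* constructed sizes */
    printf("in=%d pad=%d neighbour=%d b=%d\n", checked_store(a, 19, 1),
           checked_store(a, 31, 1), checked_store(a, 32, 1), checked_store(b, 0, 2));
    tagged_free(a, 20);
    printf("stale=%d\n", checked_store(a, 0, 1));
}
```

In this model, a write into the padding of the allocation's last granule still passes, because tags are checked per 16-byte granule rather than per byte.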
Supply Chain Attacks
Another major topic covered is the recent supply chain attack that affected over 150 packages, including a popular color manipulation package and a CrowdStrike package. This attack, aimed at stealing cryptocurrencies, was quickly discovered, limiting the attackers' gains to less than $1,000. The malware used, a computer worm, scanned host computers for credentials, exfiltrated data via GitHub repositories and GitHub Actions, and spread to other packages. The GitHub repositories created by the worm bore names inspired by "Shai-Hulud," a character from the Dune franchise. The malware established persistence by injecting a GitHub Actions workflow file via a Base64-encoded bash script, exfiltrating secrets from the repositories to a command and control point.
Data Leak on China's Great Firewall
The video also reveals a massive data leak concerning China's Great Firewall. Published by Enlace Hacktivista, this 600 GB leak includes source code, documents, conversations, and raw operational data. The documents come from groups like Geedge Networks and MESA Lab, involved in the maintenance and research of the firewall. Researchers discovered that the technology used is also applied in other countries such as Myanmar, Pakistan, Ethiopia, and Kazakhstan.
Changes in Android Security Bulletins
Google has made major changes to how Android Security Bulletins (ASB) are published. Now, the monthly ASBs will only contain vulnerabilities deemed high risk or critical, while others will be published quarterly. Google has adopted a new risk-based update system, allowing OEMs to receive early notifications about vulnerabilities and manage updates more effectively. Although Google has not officially confirmed these changes, sources close to the process have validated them.
Practical Implications
The information presented in the video has important practical implications. For iPhone users, MIE technology offers enhanced security, making attacks more difficult. Developers and companies must be vigilant against supply chain attacks, securing their repositories and monitoring suspicious activities. The data leak on China's Great Firewall provides valuable insights into censorship and surveillance mechanisms, useful for researchers and digital rights advocates. Finally, the changes in Android Security Bulletins require OEMs and users to adapt to ensure continued security.
To learn more, watch the full video: https://www.youtube.com/watch?v=gX-_4IRLIkk