Want to feel like James Bond? Check out this easy-to-use encrypted flash drive.
Losing hardware is a pain, but everything is replaceable. Â
Allowing data to fall into someone else’s hands is the ultimate headache. Once your data is out there in the wild, it’s game over.
The “solution” is to encrypt your data. But the problem with that solution is that unless the encryption is easy and foolproof, users are going to sacrifice data security for convenience.
If you want easy-to-use high security encryption, then you need hardware that’s aimed at professionals, and that hardware doesn’t get much better than the Apricorn Aegis Secure Key 3.0.
Apricorn Aegis Secure Key 3.0 tech specs:
No software â so there’s nothing to keylog or to hack.
OS agnostic â the device is completely cross platform compatible.
Onboard keypad â all authentication takes place within the device itself.
All data, passwords and encryption keys are 256-bit encrypted at rest.
No host computer is involved in setup, authentication or encryption.
Forced enrollment â no default PINs ensures that data is not put at risk by employees who fail to change a factory set PIN before deployment.
IP68 rated against water and dust damage.
Separate administrator and user access.
Read-only options that can be enforced by the administrator or set by the user if allowed by policy.
Highly configurable with policy such as time out values, data recovery PINs, and programmable PIN lengths.
Brute force PIN attack protection.
Extruded aluminum enclosure with protective sleeve.
FIPS 140-2 Level 3 validated.
Can be automatically configured remotely using Apricorn’s Aegis Configurator tool.
Up to 195MB/s read speed/162MB/s write speed.
Super Speed USB 3.2 (backwards compatible with USB 3.0, 2.0 and 1.1)
Capacities ranging from 30GB to 2TB.
“For an added level of security, there’s also the ability to set a self-destruct PIN to quickly wipe the drive of its contents yet make it seem like it is fully working.”
Many experts often overlook hardware based security and its vital importance in establishing a secure workspace.
When it comes to cybersecurity, everyone likes to talk about software and the dangers that it poses. However, people often overlook hardware-based security and its vital importance in establishing a secure workspace. This is attributed to a general lack of knowledge when it comes to hardware security and how it works. So, itâs time to bust some myths that you might think are true when it comes to hardware security.
Myth #1: We never hear about hardware-based attacks, they donât exist!
Just because you donât hear about the problem frequently, it doesnât mean that it doesnât exist. Usually, cyberattacks that make the headlines are those involving large corporations that have fallen victim to a software-based attack carried out by infamous cybercrime syndicates. These stories are juicy and scandalous and entice audiences to read the article, generating more clicks onto the media outletâs website. Additionally, many businesses choose to withhold information pertaining to hardware-based attacks as it indicates insufficient physical security, which reflects negatively upon the business. Another reason why you donât often hear about hardware-based attacks is that enterprises who fall victim to them are oblivious to it. When an enterprise gets breached, the natural assumption is that it was due to a software vulnerability or phishing scam. Such misunderstanding, coupled with a lack of resources to detect a hardware attack tool, results in the attack method getting misconstrued.
However, that is not to say that hardware-based attacks donât receive any media attention. A great example that receives public resonance concerns ATMs. These cash dispensing machines are becoming a go-to target for cybercriminals because of the instant payout. Instead of using brute force attacks on ATMs, cybercriminals can now just attach a hardware attack tool, known as a Black Box, to the internal computer to trick it into releasing cash through a MiTM attack. Since 2021, Black Box attacks have been on the rise and have amounted to losses of 1.5 million Euros in Europe alone.
Myth #2: We have security measures in place, and all our employees use VPNsâ we are protected!
Yes, your security measures like NAC, IDS/IDP, firewalls and VPNs definitely provide some level of protection. However, malicious actors are continually evolving and finding new attack methods, which means exploiting blind spots, one of which is the hardware domain. Existing security solutions lack visibility into the Physical Layer (Layer 1), leaving them unfit to defend against, let alone identify, hardware-based attack tools. These malicious devices are designed to evade detection by operating on the Physical Layer and mimic human-like commands and executions, making them extremely dangerous as they can carry out a variety of harmful attacks without any obstacles in their way. If you are unable to determine all your assetsâ hardware information within 10 seconds, you are, in fact, not protected.
Myth #3: âWe donât use USBs, so why should it concern usâ
Thatâs a line weâve heard many times before, but hereâs the thing: you do, and it should!
Sure, your organization might not use flash drives and there might be some authorization capabilities in EPS/EDR solutions that block phones, keyboards and mice with certain VID/PIDs. Thatâs great, but what about the keyboards employees use to type? And the mice they use to navigate? Correct, those are USBs. They might be authorized, but that doesnât mean they canât get impersonated by a covert spoofing device. So long as there are HIDs in the work environment, there is the risk that one (or more) may be illegitimate. And without Physical Layer visibility, thereâs no mechanism in place to determine whatâs legitimate or not.
Myth #4: Why would anyone want to hack us; we arenât an interesting target?
Thatâs where youâre wrong. In todayâs day and age, almost anything that has data is of value and there is someone out there who wants to access it, no matter how mundane it could be. Not all hackers target large nuclear facilities or governmental institutions; the risk is usually too high for most cybercriminals. Your company, however, is a prime target â thereâs data and itâs accessible. Whether the perpetrator wants to steal information for monetary gain, access it to gain a competitive advantage, or encrypt it in a ransomware attack, your company provides that opportunity and a hardware attack tool can do the job.
In short, every enterprise is a target for malicious actors; it can happen to anyone for any number of reasons. The important thing to remember is that you can prepare and build your companyâs resistance to these attacks by gaining visibility on the Physical Layer through hardware-based security.
About the author: Julien Katzenmaier, Content Writer at Sepio
Multiple flaws in MiCODUS MV720 Global Positioning System (GPS) trackers shipped with over 1.5 million vehicles can allow hackers to remotely hack them.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of multiple security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers which are used by over 1.5 million vehicles.
An attacker can exploit the flaws to remote disruption of critical functions of the impacted vehicles.
âCISA has released an Industrial Controls Systems Advisory (ICSA) detailing six vulnerabilities that were discovered in MiCODUS MV720 Global Positioning System Tracker. Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control the global positioning system tracker.â reads the advisory published by CISA. âThese vulnerabilities could impact access to a vehicle fuel supply, vehicle control, or allow locational surveillance of vehicles in which the device is installed.â
The MiCODUS MV720 GPS Tracker is a popular vehicle GPS tracker manufactured in China, which is used by consumers for theft protection and location management, and by organizations for vehicle fleet management.
The flaws were discovered by BitSight researchers, they have been tracked as CVE-2022-2107; CVE-2022-2141; CVE-2022-2199; CVE-2022-34150; and CVE-2022-33944.
Researchers from BitSight who discovered the issues reported that threat actors could hack into the tracker to potentially cut off fuel, physically stop vehicles, or track the movement of vehicles using the device.
MiCODUS is used today by 420,000 customers in multiple industries, including government, military, law enforcement agencies, and Fortune 1000 companies.
CVE-2022-2107 (CVSS score: 9.8) â The use of hard-coded credentials may allow an attacker to log into the web server, impersonate the user, and send SMS commands to the GPS tracker as if they were coming from the GPS ownerâs mobile number.
CVE-2022-2141 (CVSS score: 9.8) â Improper authentication allows a user to send some SMS commands to the GPS tracker without a password.
CVE-2022-2199 (CVSS score: 7.5) â A cross-site scripting vulnerability could allow an attacker to gain control by deceiving a user into making a request.
CVE-2022-34150 (CVSS score: 7.1) â The main web server has an authenticated Insecure Direct Object References (IDOR) vulnerability on parameter âDevice ID,â which accepts arbitrary Device IDs without further verification.
CVE-2022-33944 (CVSS score: 6.5) â The main web server has an authenticated IDOR vulnerability on POST parameter âDevice ID,â which accepts arbitrary Device IDs.
Experts found a sixth issued that has yet to receive a CVE (CVSS score: 8.1) â all devices ship preconfigured with the default password 123456, as does the mobile interface. There is no mandatory rule to change the password nor is there any claiming process. The setup itself does not require a password change to use the device. We observed that many users have never changed their passwords.
The analysis of the sector usage on a global scale revealed significant differences by continent in the typical user profile. Most North American organizations using flawed MiCODUS devices are in the manufacturing sector, while those in South America are government entities. MiCODUS users in Europe belong to diverse sectors, ranging from finance to energy.
BitSight recommends users immediately cease using or disable any MiCODUS MV720 GPS trackers due to the severity of the flaw, at least until the vendor will address the issues.
âIf China can remotely control vehicles in the United States, we have a problem,â said Richard Clarke, internationally renowned national security expert and former presidential advisor on cybersecurity. âWith the fast growth in adoption of mobile devices and the desire for our society to be more connected, it is easy to overlook the fact that GPS tracking devices such as these can greatly increase cyber risk if they are not built with security in mind. BitSightâs research findings highlight how having secure IoT infrastructure is even more critical when these vulnerabilities can easily be exploited to impact our personal safety and national security, and lead to extreme outcomes such as large-scale fleet management interruption and even loss of life.â
Researchers highlighted the risks that a nation-state actor could potentially exploit the above vulnerabilities to gather intelligence on entities operating in the military or one of its supplies. Data such as supply routes, troop movements, and recurring patrols could be revealed by exploiting these flaws-
âAlthough GPS trackers have existed for many years, streamlined manufacturing of these devices has made them accessible to anyone. Having a centralized dashboard to monitor GPS trackers with the ability to enable or disable a vehicle, monitor speed, routes and leverage other features is useful to many individuals and organizations. However, such functionality can introduce serious security risks. Unfortunately, the MiCODUS MV720 lacks basic security protections needed to protect users from serious security issues. With limited testing, BitSight uncovered a multitude of flaws affecting all components of the GPS tracker ecosystem.â concludes the report. âBitSight recommends that individuals and organizations currently using MiCODUS MV720 GPS tracking devices disable these devices until a fix is made available. Organizations using any MiCODUS GPS tracker, regardless of the model, should be alerted to insecurity regarding its system architecture, which may place any device at risk.â
These days security of car is very essential. Thieves are finding more ways of stealing cars and other four wheeler vehicles. In this book we have given details about the anti-theft system which will help to car owners to secure their cars. This system is efficient and affordable. This system gives more advantages than other anti-theft system. Main feature of this system is that owner will gate information if the car is being stolen and the location of car (longitude and altitude).
Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.
Researchers from cybersecurity firm Binarly discovered 16 high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.
An attacker can exploit these vulnerabilities to implant a firmware that survives operating system updates and bypasses UEFI Secure Boot, Intel Boot Guard, and virtualization-based security.
Impacted devices include multiple HP enterprise devices, including laptops, desktops, point-of-sale systems, and edge computing nodes.
âBy exploiting the vulnerabilities disclosed, attackers can leverage them to perform privileged code execution in firmware, below the operating system, and potentially deliver persistent malicious code that survives operating system re-installations and allows the bypass of endpoint security solutions (EDR/AV), Secure Boot and Virtualization-Based Security isolation.â reads the analysis published by Binarly.
Below is the list of vulnerabilities discovered by the researchers:
âBinarly believes that the lack of a knowledge base of common firmware exploitation techniques and primitives related to UEFI firmware makes these failures repeatable for the entire industry. We are working hard to fill this gap by providing comprehensive technical details in our advisories. This knowledge base is crucial for developing effective mitigations and defense technologies for device security.â, said Alex Matrosov, Founder and CEO at Binarly.
The most severe of the vulnerabilities discovered by the researchers are memory corruption issues affecting the System Management Mode (SMM) of the firmware. An attacker could trigger them to gain arbitrary code execution with the highest privileges.
Connected cars create opportunities to deliver enhanced customer experiences. At the same time, they also have the potential to provide high cost and revenue benefits. This is true for connected car companies, OEMs, suppliers and insurers (and much, much more).
However, car companies havenât really explored the opportunities to monetize customer data adequately. We can probably attribute this to cybersecurity threats and a mad rush to market. But as the industry evolves and accelerates adoption, we must address these concerns now.
According to Allied Market Research, experts forecast the worldwide connected car market to be worth $225.16 billion by 2027. As we strive to achieve continuous connectivity, whatâs the best approach to secure it? How do we keep drivers and their data safe from threat actors?
Before we dive into the solution, letâs look at some of the connected car challenges.
The Apple AirTag has been available for just a couple of weeks and hacking community is already working on it to demonstrate that how to compromise it.
âThe German security researcher Stack Smashing tweeted today (via The 8-bit) that he was able to âbreak into the microcontroller of the AirTagâ and modified elements of the item tracker software.â reported the 9to5Mac website.
âA microcontroller is an integrated circuit (IC) used for controlling devices usually via a microprocessing unit, memory, and other peripherals. According to AllAboutCircuits, âthese devices are optimized for embedded applications that require both processing functionality and agile, responsive interaction with digital, analog, or electromechanical components.â
Now, the German security researcher Stack Smashing claims that he was able to hack the Apple device breaking into its microcontroller and modifying its NFC URL for Lost Mode.
The researcher explained that has found a way to modify the tracker software running on the tag, he was able to modify its NFC URL.
Smashing published a video PoC of the hack, it shows two Apple AirTag devices and one of them was hacked by the researcher.
The regular item tracker used in the test opens the Find My website, while the modified one opens an arbitrary URL that was chosen by the expert.
Yesss!!! After hours of trying (and bricking 2 AirTags) I managed to break into the microcontroller of the AirTag! đ„łđ„łđ„ł
Researchers at SentinelLabs say that they found various exploitable bugs in one of Dellâs Windows kernel drivers, which they reported back in December 2020.
There were five related bugs, now collectively dubbed CVE-2021-21551.
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
The next Windows PC you buy could come with an advanced security co-processor that will protect your data from being stolen by hackers.
The next Windows PC you buy could come with an advanced security co-processor that will protect your data from being stolen by hackers. Building on work it started with the Xbox One, on Tuesday Microsoft announced the existence of Pluton. Itâs a new project the company is working on with both AMD and Intel, as well as Qualcomm, to create x86 and ARM CPUs that integrate a dedicated security component.
At its simplest, Pluton is an evolution of the existing Trusted Platform Module (TPM) you find in many modern computers. TPMs store security-related information about your operating system and enable features like Windows Hello. However, for all the additional security they add to PCs, they still have vulnerabilities. As security researchers have shown, itâs possible for hackers to attack the bus interface that allows the TPM and CPU to communicate with one another.
Thatâs where Pluton comes into the picture. By integrating the TPM into the CPU, Microsoft says itâs able to close off that avenue of attack. When the first slate of Pluton-equipped CPUs and computers start making their way out to consumers, Microsoft says theyâll emulate TPM chips so that they can take advantage of existing APIs and provide Windows users with immediate usefulness. The end goal is for Pluton-equipped CPUs to protect your credentials, encryption keys and personal data. In that way, it will be similar to the T2 and Titan M security chips Apple and Google offer, but with the added advantage of being there for the entire Windows ecosystem to use.
