Stop using public USB charging ports to avoid ‘juice jacking’

Apr 12 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that sticks its nose where it’s not wanted like Biden in Belfast.

Today’s hottest cyber security stories:

  • FBI: Stop using public USB charging ports to avoid ‘juice jacking’
  • Highly classified U.S. intel re Ukraine war appears on Telegram
  • iPhone a friend and ask them the iOS 16.4 update

DON’T GET DRAINED BY ‘JUICE-JACKERS’

We’re not talking about gangs of roided-up meatheads roaming the streets looking to rob you or do something else onto you 🤨. No folks, the latest cybercrime wave sweeping the nation (the USA, to be precise) is a little more subtle, but arguably just as devastating.

The FBI in Denver has warned people not to use public USB charging ports in airports, hotel rooms, and the like and instead to always bring your own USB cord and plug into an electrical outlet.

This is to avoid what’s known as ‘juice jacking’. This is when ‘bad actors’ (hackers/scammers) manage to gain access to victims’ electronic devices and wreak havoc by stealing credit card details and anything else they can get their grubby mitts on.

Whether the FBI in Denver thinks people are particularly at risk of being ‘juice-jacked’ in Denver isn’t abundantly clear at this juncture.

The FCC website cautions against allowing a complimentary USB charge to deplete your finances. To avoid this, it is advised that patrons bring their own USB cord and connect it to a wall socket or a portable charger. USB-C cables and wireless charging options are also recognized as more reliable alternatives.

In the event that one must use a public USB charging port, specialists recommend remaining vigilant for indicators of phone tampering such as rapid battery depletion, overheating, and altered settings. In general, experts recommend treating one’s phone as if it were a credit card and adopting comparable protective precautions.

Tony Coulson, the Executive Director of the Cybersecurity Center at California State University at San Bernardino, asserts that, “You don’t just go anywhere and start plopping your debit card in.”

So, be careful out there guys and don’t forget your chargers, including the plug!

LOOSE ZIPS SINK SHIPS

Well, it looks like the Americans have been caught with their pants down, again! The Ukrainian Security Service, or SBU if you’re fancy, discovered that their own agents in Belarus went rogue and attacked a Russian surveillance plane.

The Americans were listening in, of course, and added this juicy piece of intel to a highly classified slide on the war in Ukraine. And what happened next? Well, it seems like someone hit the “upload to the internet” button and over 50 classified reports were leaked for all to see. Bravo, America, bravo.

Apparently, the leaked files include all sorts of top-secret military assessments and CIA reports on global issues. And where did they show up first? On Telegram, that’s right, the messaging app that’s as popular in Russia as vodka. And some were even published on Discord, the chat site for video-game enthusiasts. Who knew gamers had such a thirst for classified information?

Sure, some of the files had been doctored to make it seem like Ukraine was taking more of a beating than they actually were, but the rest seemed legit. Even former American and European intelligence officials thought so.

The Pentagon practically shrugged its shoulders and said, “Yup, those are probably ours.” The Biden administration was not amused and is currently investigating the source of the leak.

They’re also taking a closer look at how this kind of sensitive info is distributed. Good luck with that, guys.

To make matters worse, Ukraine is gearing up for a counter-offensive, and now everyone knows exactly what they’re capable of.

Thanks for the intel, America! Maybe next time, keep it on a need-to-know basis.

YUP, IF YOU DON’T HAVE AN IPHONE, WELL, YOU… WON’T HAVE TO WORRY ABOUT THIS AT ALL

Here are the key facts about the two security vulnerabilities present in the latest Apple iPhone update:

  • The iOS 16.4 update released last month came with two security vulnerabilities
  • These could allow hackers to infiltrate the device and ‘execute arbitrary code’
  • Apple has released iOS 16.4.1 to all compatible handsets to fix the issues

Hey there, iPhone users! If you don’t want to be the victim of some sneaky cyber-attack, you better update your device ASAP. Apple just dropped iOS 16.4.1, and it’s a doozy.

Apparently, the previous software update, iOS 16.4, had a couple of nasty little vulnerabilities that left your device open to attack. Yikes! But fear not, dear Apple fans, because the geniuses over at Apple have fixed the issue with this latest update.

And it’s not just the iPhone that’s affected. Mac and iPad users, listen up! The same security flaws were also present in the older versions of your software. So, Apple has come through with updates for macOS Ventura 13.3.1 and iPadOS 16.4.1.

But what exactly were these vulnerabilities, you ask? Well, according to Apple, they could have allowed hackers to get into your device and “execute arbitrary code.” And we all know that arbitrary code is never a good thing.

So, take our advice and get that update installed pronto!

So long and thanks for reading all the phish!

Recent articles