Zoom calls exposed to eavesdropping

Aug 14 2023


Welcome to Gone Phishing, your daily cybersecurity newsletter that reckons cybercriminals should be forced to do National Service. 74% of pensioners think ALL young people should 😳😬😂

Today’s hottest cyber security stories:

  • 💻 Zoom flaws expose users to eavesdropping hackers 👂

  • 🚫 Flaws in CyberPower, Dataprobe products leave data centres in the lurch

  • 👮‍♂️ Cumbria police accidentally published the salaries of 2,000+ employees 😂

Loose links sink ships 🚢

🚨 BREAKING NEWS: Security Alert! 🚨

Multiple 🔒 vulnerabilities revealed in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) 😱. The findings, presented by SySS security researcher Moritz Abrell at the Black Hat USA conference, highlight serious risks 🛡️.

The vulnerabilities lie in Zoom's ZTP, an IT admin tool to manage VoIP devices centrally. The lack of client-side authentication during config file retrieval 🕵️‍♂️ allows attackers to potentially download malicious firmware 😈 from a rogue server.

Meanwhile, AudioCodes VoIP phones with improper authentication issues can expose sensitive info like passwords and config files 😮.

This combo of flaws creates a powerful attack chain 📜 that could be exploited for full remote control over devices. The impact? Eavesdropping on rooms and calls 📞, pivoting through devices, attacking corporate networks 💻, and even building a botnet 🤖 of infected devices.

⚠️ As Moritz Abrell warns, this highly scalable attack poses a significant security risk 🆘. This is similar to the German cybersecurity company's findings on Microsoft Teams, where external attackers could make unauthorised calls through victims' phone lines 📵.

More like CyberPower-outage and Dataprobed

Uh-oh! Critical Vulnerabilities Discovered!

🔥 CyberPower's PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe's iBoot Power Distribution Unit (PDU) are at risk 😱. Wow, catchy names!

Nine vulnerabilities (CVE-2023-3259 to CVE-2023-3267) with severity scores from 6.7 to 9.8 have been identified, creating a potential nightmare for data centres.

🤖 Threat actors could exploit these weaknesses to gain unauthenticated access, leading to catastrophic damage 😓. The dangers include shutting down entire data centres, data theft, or launching massive attacks on an unprecedented scale.

🛡️ Trellix security researchers warn that an attacker could chain these vulnerabilities, gaining full access to the systems. Both products are susceptible to remote code injection, creating backdoors or entry points to the broader network 🚪🔓.

🌟 The findings were presented at the DEFCON security conference, and while no evidence of abuse exists, it's essential to act. The vulnerabilities have been addressed in PowerPanel Enterprise software version 2.6.9 and Dataprobe iBoot PDU firmware version 1.44.08042023. 🆕

🔑 Key Vulnerabilities: 🔑

  • Dataprobe iBoot PDU: Untrusted data deserialization, OS command injection, buffer overflow, hard-coded credentials, authentication bypass by alternate name.

  • CyberPower PowerPanel Enterprise: Hard-coded credentials, improper neutralisation of escape sequences, improperly implemented security checks, OS command injection.

💥 The risks are enormous! Successful exploitation could lead to data centre shutdowns with a "flip of a switch," ransomware, DDoS attacks, or even cyber espionage.

Protect your critical infrastructure and take immediate action! 🚨🔒🛡️

‘Ello, ‘ello, ‘ello. What’s all this then? 👀😂

🐷 I smell bacon; I smell pork. Run little piggy, I’ve got a fork! 🐷

😱 Cumbria Police, another British police force in the doghouse, reveals a massive data breach. 🚨 Names and salaries of over 2,000 employees, including covert and sensitive roles, were accidentally published online. 🙈 Apologies issued. Nice one, chaps!

While not as severe as the recent PSNI scandal, it's still embarrassing. 😳 The PSNI breach was extremely serious because officers there face heightened dangers, some not even telling their friends and families that they work for the police because of the threat of terrorist attack.

The leaked info affected 1,304 officers, 756 staff, and 52 police community support officers. Human error is to blame, says the force, and they've taken steps to prevent future breaches. 💪

The ICO was notified, reviewed the situation, and advised no further action needed. So, same as what happens when you call them about your stolen bike or literally anything else then: no action.

But retweet something vaguely offensive and you’ll be in cuffs before you know it. But that’s neither here nor there… 👀

🕵️‍♂️ The privacy watchdog was satisfied with the measures taken to manage the breach, anyway.

That’s all for today, folks. Stay informed, stay safe! 🚓💻

So long and thanks for reading all the phish!
