Phishing, vulnerabilities, email security, and artificial intelligence are the topics we'll cover in this week's review. In today's cybersecurity world anyone can be a victim, so we should keep ourselves updated on the threats that are out there. Doing so takes us a step further in improving our security posture as individuals. Or, if you work for an organization, you can forward any of the articles we cover to your IT department.
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
At the time of writing, Samsung has patched the vulnerability. Reading the article will cement the fact that Google Project Zero is full of talented researchers; no doubt. That the bug required no click from the victim makes it both fascinating and dangerous. The following is a summary of the article, and you can read the entire piece at the link above:
- A Google Project Zero researcher uncovered a zero-click exploit targeting Samsung devices through a flaw in the APE decoder.
- The vulnerability, tracked as CVE-2024-49415, allows remote code execution on Android versions 12 to 14.
- The exploit is triggered via Google Messages with RCS enabled, affecting Galaxy S23 and S24 phones.
- Samsung patched the issue in December 2024, adding proper input validation.
- Another high-severity flaw in SmartSwitch was also patched, preventing local attackers from installing malicious applications.
WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
The lengths cybercriminals will go to just to get what they want are alarming. Here is what's going on in this campaign, and you can read the article for the full story:
- Cybercriminals are using JavaScript skimmers to steal payment information from WordPress e-commerce sites by injecting malicious code into database tables.
- The skimmers activate on checkout pages, creating fake payment forms to capture credit card details.
- The malicious code is stored in the wp_options table, making it hard for security tools to detect.
- Stolen data is encrypted and sent to attacker-controlled servers to avoid detection.
How to Eliminate “Shadow AI” in Software Development
As a developer, if you don't know the consequences of using AI-generated code, you're better off without it. That's the lesson from the article. The article is aimed at CISOs, but we can all learn from it.
From the article:
What’s clear is that AI on its own is not inherently dangerous. It’s a lack of oversight into how it is implemented that reinforces poor coding habits and lax security measures. Under pressure to produce better software faster than ever, developer team members may try to take shortcuts in – or abandon entirely – the review of code for vulnerabilities from the beginning.
The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads
It's uncalled for that there are malicious Google Ads for Google Ads. Yes, you read that right. You might think that's not possible, but it is. Here is what's going on, and you can read the article for the full details:
- Cybercriminals use fake Google Ads to target advertisers, aiming to steal their account credentials.
- The attackers create ads that mimic legitimate Google Ads, tricking users into visiting phishing sites.
- Victims are redirected to fake login pages where their Google account credentials are harvested.
- The campaign has affected users worldwide, with multiple geolocations being targeted.
Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes
It's quite a complicated issue and I am trying hard to find words to explain what's going on. The following excerpt explains what's going on:
The issue is relatively straightforward: when purchasing a failed startup’s domain, anyone can re-create old employee e-mail accounts and use them to access the different SaaS products the startup used.
While re-creating an old employee e-mail account does not provide access to the data stored by Google, it could grant access to data stored on services such as Slack, Zoom, ChatGPT, and others, on HR systems and interview platforms, and to direct messages on chat platforms.
Credits
Cover photo by Debby Hudson on Unsplash.
That's it for this week, and I'll see you next time.
Author of article: Habdul Hazeez