There are many reports on security trends and summaries, but at Telefónica Tech we want to make a difference. The Innovation and Lab team has just launched our own Cyber Security report that summarises the highlights of the second half of 2022.
Its philosophy is to offer a global, concrete, and useful overview of the most relevant data and facts about Cyber Security, and it is designed to be consumed by both professionals and amateurs in a simple and visually attractive way.
The aim of this report is to summarise the Cyber Security information of the past months in order to help the reader understand the risks of the current landscape.
The information gathered is largely based on the compilation and synthesis of internal data, cross-checked with public information from sources we consider to be of high quality. The following are some of the points that are important to us.
The second half of 2022 has been characterised by several attacks on large companies that have caused a lot of talk.
Uber, for example, was hit by an attack that used a very human way of circumventing the second authentication factor: the “fatigue” of the administrator, who received dozens of messages asking for confirmation of access in a short period of time and at inappropriate times.
Another high-profile attack, on LastPass, has once again called into question the security of using cloud-based password managers. Many other companies and even countries have suffered attacks, although we have only seen them reflected in their consequences: the leaks. In the last half of 2022, Cisco, Microsoft, Toyota and Revolut have suffered leaks, and even the personal data of the Chinese population has been leaked.
Android releases a set of patches every month, usually within the first week.
In total, 256 patches have been released to fix various vulnerabilities spread across the six bulletins. Of those 256 patches, 14 fix vulnerabilities that have been rated as critical and could facilitate remote execution of arbitrary code.
This brings the number of vulnerabilities patched in 2022 to almost 500, similar to last year but less serious overall.
Concerning iOS, the second half of 2022 closed with 167 unique vulnerabilities patched, around thirty of which are considered high-risk, with the possibility of executing arbitrary code, some of them affecting the operating system kernel itself.
This closes 2022 with 261 bugs patched. The annual number of bugs has continued to grow since the peak of 2017.
Governments sometimes need to rely on large organisations to help them carry out their work. When a threat involves knowing the identity or having access to the data of a potential attacker or a victim in danger, the digital information stored by these companies can be vital to the investigation and help avert a catastrophe.
Apple publishes a comprehensive report every six months on which data is requested by governments and to what extent the requests are fulfilled. We update here some data that we have extracted from the information published by Apple for the first half of the year 2021 (the latest published by Apple) on the activities and requests from governments to the company.
This semester, the German government is the one that has generated the most requests for information about devices.
Threats study by indicator
In collaboration with Maltiverse, we have conducted a ranking study of the indicators of compromise detected on their platform. In other words, the study highlights interesting attributes of maliciousness detected in IP addresses, domain names and URLs over the last six months.
We have studied 650,000 URLs categorised as malicious. About 20% of the IPs have been seen performing some kind of brute force against authentication systems. This means, for example, making thousands of requests with username and password combinations against an SSH server.