The podcast discusses several cybersecurity threats, including a malware-laced snail mail campaign in Switzerland and a new Wi-Fi-based infiltration attack called 'Nearest Neighbor'. The US Department of Justice's proposed solution to Google's monopoly in the search business is also presented, which involves the company divesting ownership of Android and Chrome. The podcast highlights the increasing sophistication and evolving tactics of cybercriminals.
Malware Snail Mail Campaign
• 00:00:05 Hackers in Switzerland used physical snail mail to deliver malware disguised as a severe weather warning app. The QR code in the letter led victims to a third-party app containing the Coper or Octo malware, designed for Android devices. The campaign was likely targeted, given the low number of reports and the relatively high cost of sending physical mail for malware delivery.
Google Monopoly
• 00:01:46 The Department of Justice considers Google a monopoly in the search business and proposes a solution involving the divestiture of Android and Chrome. This aims to break Google's control over key distribution channels and prevent it from maintaining a monopoly. The DoJ has also proposed conditions that prevent Google from re-entering the browser market for five years.
Nearest Neighbor Attack
• 00:02:51 A new Wi-Fi-based attack, 'Nearest Neighbor', bypasses MFA to access enterprise systems. The attackers used password-spraying attacks and exploited nearby systems with VPN access without MFA requirements. By hopping between networks and using dual-homed systems, they gained access to the target organization's network. This attack, believed to have started in February 2022, uses a daisy-chain method to infiltrate networks.