Looking back at August…

One of the most important information related to cyber security pertains to August release of a patch for the Stagefright vulnerability, to which almost all versions of the Android OS from versions 2.2 to version 5.1 are vulnerable. The existence of Stagefright had been made public at the end of July and it is estimated that vulnerable device number in hundreds of millions. The vulnerability enables the attacker to cause arbitrary code execution by sending a specially crafted MMS. The released patch has unfortunately been shown to be incomplete, the result of which is that even updated devices are still vulnerable.
Another interesting vulnerability which also affects a mobile platform (in this case iOS) is called Ins0mnia. The vulnerability enables malicious applications to circumvent OS security controls and run in the background without users knowledge (and – for example – collect sensitive information). Ins0mnia affects even non-jailbroken devices and has been patched in the iOS 8.4.1 update.
One further August news story has been connected to Apple products – creation of the Thunderstrike 2.0 proof-of-concept worm which is able to infect firmware of Macs. Given the location of infected memory, it is highly problematic to detect the infection from the OS and removal of the worm requires firmware to be re-flashed.
Another newly discovered (however 18 years old) attack vector also exploits vulnerability connected to computer hardware. A vulnerability in Intel x86 processors enables an attacker to install rootkit into memory location used by SMM (System Management Mode – a privileged mode used outside of normal OS execution).
One final interesting news comes from the Czech Republic and concerns signing of a sectoral agreement about cyber security education between commercial and governmental entities.