META: Pegasus Spyware Competitor Targeted WhatsApp Users with New Zero-Click Vulnerability

What Happened: On Friday, WhatsApp announced that a sophisticated hacking operation linked to Paragon’s Graphite spyware targeted its users. According to Meta's security team, the threat actors employed a "zero-click" exploit to compromise user accounts without any interaction. "WhatsApp has disrupted a spyware campaign by Paragon that targeted a number of users, including journalists and members of civil society," a company spokesperson told The Guardian. "We've reached out directly to people who we believe were affected. This [incident] is the…

Bastille Networks Wireless Airspace Defense

In today’s connected enterprise, a wide range of wireless devices – from authorized network hardware to personal technologies – pose a growing and often invisible security risk. Attackers can exploit these devices to infiltrate networks, making comprehensive wireless security essential for organizations across all sectors. From corporate data centers and cloud infrastructure to classified environments, unmonitored wireless devices can be gateways for data breaches, eavesdropping, and unauthorized access. Bastille Networks offers a cutting-edge solution designed to secure the entire wireless…

Combating Insider Threats with Wireless Airspace Defense

As the threat landscape evolves, insider threats remain a significant challenge for Chief Information Security Officers (CISOs) and cybersecurity teams. Insiders, including employees, contractors, or trusted partners, can misuse privileged access to harm organizations, and the growing use of wireless devices, such as smartphones, laptops, and IoT gadgets, adds a layer of complexity to this challenge. “Insider Threats” today include compromised systems and user devices with RF interfaces. Wireless technologies have expanded the attack surface, creating opportunities for insider threats…

AMA with Brian Contos and Brett Walkenhorst (Bastille) on the Nearest Neighbor Attack

On December 17, 2024, Brian Contos spoke with Brett Walkenhorst, Bastille Networks’ Chief Technology Officer, recording a quick Ask Me Anything video about the recent wireless attack that Volexity disclosed. The conversation explores the "Nearest Neighbor Attack," an innovative wireless attack strategy highlighting how attackers bypass traditional proximity-based security assumptions. It delves into the attack's mechanics and implications and discusses how Bastille Networks’ solutions address these challenges. Volexity states, "The Nearest Neighbor Attack effectively amounts to a close access operation,…

Samsung Employee Indicted for Stealing $180 Million in Intellectual Property Using Phone Camera, Seoul Prosecutors Claim

A recent industrial espionage case in South Korea highlights how insider threats can leverage physical and wireless vulnerabilities to exfiltrate highly sensitive intellectual property. The incident, which South Korean prosecutors value at over $180 million in damages, demonstrates why organizations need comprehensive visibility into all potential data exfiltration channels, including personal cell phones. The Incident: The Seoul Eastern District Prosecutors’ Office indicted a former Samsung Display researcher for allegedly stealing trade secrets related to automated factory operations and leaking them…

FBI and NSA warn of three new wireless attack vectors already exploited in the wild

In a joint cybersecurity advisory released October 10th, 2024, the FBI, NSA, UK NCSC, and other Western intelligence agencies warned that Russia's Foreign Intelligence Service (SVR) continues to successfully breach private sector and government networks worldwide using a combination of traditional network attacks and concerning new wireless intrusion techniques. The Wireless Vulnerabilities: The advisory highlights 24 specific vulnerabilities that network defenders should remediate to protect themselves against active exploitation from SVR (also known as APT-29, Midnight Blizzard, and Cozy Bear).…

Pakistani State Actors Compromised Indian Gov with Hak5 Wireless Pentesting Tools — Russia Remotely Hijacked Them

Joint reports from Microsoft Threat Intelligence and Black Lotus Labs disclose details of a years-long hacking campaign by the Russian FSB-linked group Secret Blizzard. Through a sophisticated multi-stage campaign, the group successfully compromised and repurposed Pakistani cyber operations infrastructure in Afghanistan and Indian networks. The Heart of The Investigation: Hardware Hack. While tracking the activity of Pakistani state-affiliated group "Storm-0156", Black Lotus Labs researchers discovered a C2 server designed to control a suite of deployed…

FBI warns of broad and ongoing Salt Typhoon Telecom Breach

Americans should stop unencrypted texting on their iPhones or Androids. Executive Summary: A confluence of troubling developments has emerged as U.S. officials reveal that Chinese state hackers remain deeply embedded in telecommunications systems. Meanwhile, due to the ongoing breach, the FBI and CISA have taken the unprecedented step of warning Americans to abandon standard text and voice messaging in favor of encrypted communications. This move represents a fundamental shift in how organizations approach personal and corporate wireless device security. The…

Why handheld and point-solution detection equipment will fail DOD and Federal WIDS requirements

INTRODUCTION TO DOD AND FEDERAL WIDS REQUIREMENTS: DOD and Federal WIDS (Wireless Intrusion Detection System) requirements, such as those of the Secretary of Defense Memo of June 30th 2023 relating to the safeguarding of classified national security information (CNSI) from the threats posed by personal and portable electronic devices within SCIFs and SAPFs, cannot be met with handheld detection solutions for practical, technical, and regulatory reasons. Our breakdown explains the challenges in more detail: CHALLENGES IN MEETING DOD AND FEDERAL WIDS REQUIREMENTS…

The Critical Role of Wireless Threat Intelligence in Modern Corporate Security

In today's interconnected world, wireless technology is an integral part of corporate infrastructure. As businesses continue to rely on wireless networks for daily operations, the importance of securing these networks has never been more critical. Employees and visitors bring wireless devices into corporate facilities. Visiting wireless devices may be unwittingly compromised or used by bad actors to compromise corporate assets and networks, exfiltrating voice and data or introducing threats and vulnerabilities to corporate systems. This is where Wireless Threat Intelligence…