DEV Community

Cover image for Security news weekly round-up - 6th September 2024
Habdul Hazeez
Habdul Hazeez

Posted on

Security news weekly round-up - 6th September 2024

Introduction

Hello everyone, and welcome to the first edition of our security review for September 2024. In this week's edition, we'll review three articles

These articles are about the following:

  • Vulnerability
  • Artificial Intelligence
  • Malware

Bypassing airport security via SQL injection

When I saw the article's headline, I was immediately interested. I mean, SQL injection in a system used by an airport will be an interesting read. I was not disappointed, and it was more interesting because it was easy to exploit.

Here is the interesting bit from the article:

we noticed every airline had its own login page, such as Air Transport International (8C) being available at /ati. With only a login page exposed, we thought we had hit a dead end.

Just to be sure though, we tried a single quote in the username as a SQL injection test, and immediately received a MySQL error.

Using the username of ' or '1'='1 and password of ') OR MD5('1')=MD5('1, we were able to login to FlyCASS as an administrator of Air Transport International!

AI is growing faster than companies can secure it, warn industry leaders

I hope we heed the warning before it's too late. Despite this, Venture Capital is pumping lots of money into AI. A recent (and outrageous example) is SSI raising one billion United States Dollars.

The article is an interesting read and the following short excerpt should get you started:

Clinton warned that this rapid growth is pushing AI capabilities into uncharted territory, where today’s safeguards may quickly become obsolete.

SpyAgent Android malware steals your crypto recovery phrases from images

Threat actors can steal your money using methods that you and I might not even think about. This article is an example of securing or encrypting sensitive images on your mobile phone. However, there is no cause for alarm (unless you're in South Korea at the time of writing).

Here is how the malware works:

Once it infects a new device, SpyAgent begins sending the following sensitive information to its command and control (C2) server:

  • Victim’s contact list, likely for distributing the malware via SMS originating from trusted contacts.
  • Incoming SMS messages, including those containing one-time passwords (OTPs). Images stored on the device to use for OCR scanning.
  • Generic device information, likely for optimizing the attacks.

Credits

Cover photo by Debby Hudson on Unsplash.


That's it for this week, and I'll see you next time.

Top comments (0)