3 May 2023

Android device migration

Switching smartphones comes with a significant complication: transferring data to the new device. Cloning applications were introduced to overcome this problem by cloning the entire device to the new one. This includes applications, photos, personal data, mail accounts, and even the session data of applications. However, CloudSEK’s researchers found that many applications do not invalidate or revalidate the session after this data migration to a new device. Threat actors are aware of this and exploit the lack of validation, using highly privileged migration tools to copy the data to their own devices, which can result in impersonation.

In the migration experiment conducted by CloudSEK, WhatsApp transferred the secret keys to the new device, so the application did not ask for 2FA. “Researchers conducted an experiment using two Realme devices. After the data was transferred from the victim’s device to the attacker’s device, the two applications (WhatsApp and WhatsApp Business) were accessible on both devices via the same account.”

Even though the victim had activated WhatsApp 2FA, it was not requested on the new (attacker’s) device, and both devices could then send messages via the same account. However, replies from the user on the other end are received only on the device that sent the last message. A threat actor exploiting this kind of vulnerability can impersonate a person on WhatsApp and send messages on the victim’s behalf. Once the migration is completed, WhatsApp will receive messages on the device to which the last message was sent. In such cases, victims will only be able to tell if they log on to WhatsApp Web and look for the conversations. Threat actors can easily get around this by deleting the messages. WhatsApp is owned by Meta; however, Meta-owned Instagram did not have this vulnerability, as it logged out all accounts when migrated to a new device.
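The missing revalidation can be sketched from the server's side. This is an added example, not CloudSEK's or any vendor's code: it assumes each session is bound to a key that stays on the login device (an HMAC secret stands in for a non-exportable, hardware-backed key), and the names SessionStore, device_proof and demo are hypothetical.

```python
import hashlib
import hmac
import secrets

class SessionStore:
    """Server side: every session is bound to a key that never leaves the login device."""

    def __init__(self):
        self._sessions = {}  # token -> {"user", "device_key", "nonce"}

    def login(self, user, second_factor_ok):
        if not second_factor_ok:  # a new device always goes through 2FA
            raise PermissionError("2FA required")
        token = secrets.token_hex(16)
        # Assumption: stands in for a non-exportable, hardware-backed device key.
        device_key = secrets.token_bytes(32)
        self._sessions[token] = {"user": user, "device_key": device_key}
        return token, device_key

    def challenge(self, token):
        session = self._sessions.get(token)
        if session is None:
            return None  # session unknown or already revoked
        session["nonce"] = secrets.token_bytes(16)  # single use
        return session["nonce"]

    def validate(self, token, proof):
        """Return the user, or None after revoking a session that fails the device check."""
        session = self._sessions.get(token)
        nonce = session.pop("nonce", None) if session else None
        if nonce is None:
            return None
        expected = hmac.new(session["device_key"], nonce, hashlib.sha256).digest()
        if hmac.compare_digest(expected, proof):
            return session["user"]
        del self._sessions[token]  # token without the device key: force re-login
        return None

def device_proof(device_key, nonce):
    return hmac.new(device_key, nonce, hashlib.sha256).digest()

def demo():
    store = SessionStore()
    token, key = store.login("alice", second_factor_ok=True)
    original = store.validate(token, device_proof(key, store.challenge(token)))
    # Constructed case: a clone holds the copied token but a different device key.
    clone_key = secrets.token_bytes(32)
    cloned = store.validate(token, device_proof(clone_key, store.challenge(token)))
    return original, cloned, store.challenge(token) is not None
```

A failed device check revokes the session for every holder of the token, so the next login on any device goes through full authentication, including 2FA.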
As these applications do not invalidate or revalidate session cookies, threat actors can manipulate victims into installing Stealer Log malware that records users’ activities and sends them back to the attackers’ servers, where they can be used to gain unauthorized access to victims’ accounts. Once an attacker steals cookies that the applications do not validate, they can load the stolen cookies into anonymous browsers, resulting in the impersonation of network location and GPS.

Mitigations:

- Check for unusual activity on accounts and devices.
- Keep the device locked when not in use.
- Do not leave devices in public places.
- Enable two-factor authentication for applications.

Media Contact: Rebecca Morpeth Spayne, Editor, Security Portfolio. Tel: +44 (0) 1622 823 922. Email: editor@securitybuyer.com


Inner Range Integriti software update

Inner Range’s latest upgrades to its Enterprise-level system, and its integrated security access control system, Inception, feature system warning and product support improvements. Version 23 of Integriti includes enhancements to system warnings and translation architecture, along with improvements such as firmware updates and installation packages, which will make Integriti easier to use and more efficient.

Redesigned System Warnings

The user interface for viewing and dealing with outstanding system warnings has been redesigned to increase the visibility of problems in the system so they can be resolved more easily. Potential problems in the system will be immediately noticeable so they can be looked at quickly, which will prevent long-term issues. All system warnings are now grouped into one of three top-level categories: hardware, system health, integration. A summary for each is displayed at the top of the system warning dialog, making it easy to identify which areas of the software have problems. The system warnings can be filtered by type and category. They can also be suppressed, so that those caused by known factors are removed from the dialog until they are ready to be addressed. On upgrading to v23.0 all existing system warnings will be deleted, but warnings which are still applicable will be automatically regenerated over time after starting Integriti services and reconnecting to Controllers.

Translating Integriti Software

This has received several improvements to help in translating the Integriti software for use in different cultures. Updates include simplifying the selection of the translation language for the software, right-to-left support, and support for translating Integriti software integrations. The improvements will offer more flexibility at multi-lingual sites, allowing the Integriti language to differ from the system language.

Right-to-Left Support

Any language which is usually written from right to left will now display in a right-to-left format in Integriti. Translation files can be generated and loaded in the same way as the Integriti software, with individual integration template files being made available with all new integration releases. Integrations will automatically use the same translation language as the Integriti software.

Further improvements

- The Navigation Tree will be sorted alphabetically by default, with site/keywords grouped at the top and all hardware grouped at the bottom.
- Firmware will be automatically updated with the latest available versions as new versions of Integriti are installed.
- Added support for Duo 2FA and formal support for Microsoft Authenticator to authenticate operators logging into Integriti clients.
- The option to automatically delete visitors, and their associated users, after they have checked out.

Tim Northwood, Inner Range’s Sales Director, said: “One of the things we pride ourselves on is providing our integrators and tech support with effective solutions to quickly deal with any problems which arise.

“The latest Integriti updates have been developed to speed up processes, make it more accessible to everyone, and to allow our technicians and integrators to work remotely and solve issues far more quickly than if they had to be on site.”

Inception’s latest release, version 5.1.0, includes updates for OSDP reader management, reports, output control, area arm notifications, calendars, Ethernet Bridges, and other fixes. New features and updates include French Canadian translation and the option to change addresses of OSDP readers to improve the two-way communication between access control systems.