News, Trends, and Insights for IT & Managed Services Providers

Rogue Pagers, Pixhell Exploits, and CMMC Rollout

Written by

Dave Sobel

Published on

September 18, 2024

A series of simultaneous explosions of handheld pagers in Lebanon and Syria injured at least eight people, including members of Hezbollah, amid rising tensions with Israel. The explosions are believed to be a sophisticated attack attributed to Israel, targeting Hezbollah members who were warned against carrying electronic devices. Hospitals are on alert for emergency patients, and the Health Ministry has advised people to avoid pagers.

From Dark Reading, a new covert channel attack method, “Pixhell,” can exploit air-gapped networks by transmitting data using sound waves generated from LCD screens. This attack requires control over devices on both sides of the air gap and can transmit information via inaudible high-frequency sounds. While physical air gaps adequately protect most organizations, sensitive sites may need additional measures to counter such covert attacks, including unidirectional gateways and increased distances between systems to reduce the feasibility of exploitation.

A security researcher, Benjamin Harris, set up a rogue WHOIS server by acquiring the expired domain dotmobiregistry.net. This enabled him to generate counterfeit HTTPS certificates and track email activity. His server received millions of queries from major entities, highlighting weaknesses in the trust placed in WHOIS systems. Harris populated the database with fake data, allowing him to manipulate certificate authority processes and potentially intercept communications.

It’s not all bad news. CISA has released new checklists to assist state and local election administrators in enhancing cybersecurity and physical security for election systems ahead of the presidential election. Recommendations include activating multi-factor authentication, separating election networks, ensuring encrypted backups, and utilizing cyber hygiene tools to address evolving threats.

The Cybersecurity Maturity Model Certification (CMMC) rollout by the Pentagon includes developing training and tools for program managers to properly mark controlled unclassified information (CUI). A recent inspector general report highlighted inconsistencies in CUI marking, which could pose risks under CMMC requirements. The phased rollout of CMMC will take three years, during which contractors must identify their CUI. The DoD is focused on preventing data theft by adversaries and is working to enhance training and tools for consistent CUI application.

Why do we care?

Today, there is a lot about unusual attack vectors. A reminder: most will not be victims of this kind of attack. I wanted to make the audience aware of these. That said, much more of the broad industry interacts with defense than you might think. Don’t think about fighter jets. Consider the company that makes the bolts that hold a plane together. There will be an ever-increasing reach of CMMC, and I predicted recently that this will become the broad standard beyond defense. It’s time to start considering it if you’re not in defense.
