Archive for September 15, 2024

With iOS 18, Thieves Who Want To Steal Your iPhone Might As Well Not Even Bother

Posted in Commentary with tags on September 15, 2024 by itnerd

iPhones for a long time now have had something called Activation Lock. What that does is it basically locks the phone so that if the phone gets stolen, it cannot be sold and reactivated. That’s led to two things. One is scams such as this one, or this one that are meant to get you to remove Activation Lock so that the thief can resell your phone. The second is phones being dismantled for their parts, since individual parts aren’t affected by Activation Lock.

Apple is going to solve the latter problem, or at least try to. And to their credit, they did announce this months ago. Though that announcement did fly under the radar at the time:

Apple will also extend its popular Activation Lock feature to iPhone parts in order to deter stolen iPhones from being disassembled for parts. Requested by customers and law enforcement officials, the feature was designed to limit iPhone theft by blocking a lost or stolen iPhone from being reactivated. If a device under repair detects that a supported part was obtained from another device with Activation Lock or Lost Mode enabled, calibration capabilities for that part will be restricted.

Enter BetaProfiles, who noted that the RC (Release Candidate) of iOS 18 had this feature enabled. Thus everybody who updates their iPhone to iOS 18 will get this feature. And in the process, make their phones less valuable to thieves. I suspect that there will be a further increase in scams as thieves who want to cash in on stealing iPhones will try to go that route to cash in on their ill-gotten gains. But any deterrent to stop phone thefts is a good thing.

TTC To End Free WiFi In Subway Stations…. I Can Argue This Both Ways

Posted in Commentary with tags on September 15, 2024 by itnerd

News filtered out at the end of last week that the TTC is going to kill off their free WiFi service in the subway system at the end of the year. Here’s the reason why:

The TConnect system was launched more than a decade ago and the transit agency says concerns over the age of the technology and infrastructure related to reliability/performance along with security for users were behind the decision to discontinue the free service.

“We’ve also seen a 65 per cent drop in use of TConnect since 5G connectivity for all carriers was introduced,” TTC spokesperson Stuart Green tells CityNews.

“And then there’s the cost – $17 million to upgrade the infrastructure to address performance and security issues does not feel like a wise investment. We think our customers would rather see that money spent on our core business – safe and reliable transit service.”

Green says they will continue to work with Rogers to build out the 5G network and enhance connectivity on the TTC while improving the customer experience.

If Rogers completes the 5G rollout, which I am pretty sure that they will as they have the Federal Government holding their feet to the fire, then this is a complete non-issue. Besides, there’s this:

So you might think I am all for this decision. Right? Well. Not quite. The other side of this is that you would have to use 5G or 4G LTE data instead. And since Toronto is part of Canada, and Canada has some of the highest prices on planet Earth for cellular data, that is going to hurt low income people who may not be able to afford a cell phone plan with a lot of data. And there’s the fact that Rogers’ 5G rollout in the subway isn’t scheduled to be done until 2026. If the TTC pulled the plug then, I think it would be less of an issue. But the fact that they’re doing it at the end of the year makes this an immediate problem for those on lower incomes. Finally, GO Transit is aggressively rolling out free WiFi on their buses and trains. And both are overseen by the agency that runs transit in the Greater Toronto Area which is Metrolinx. Which means you have one transit provider who has free WiFi, and one that doesn’t. That doesn’t seem consistent to me.

I don’t know what the right answer is, but my feeling is that the TTC might want to do a rethink of this as I am not sure that they have thought this through completely and taken into account all the various angles of them killing WiFi in the subway system.

Fortra Discovers Sophisticated QR Code Phishing Campaign That Targets Office 365 Users

Posted in Commentary with tags on September 15, 2024 by itnerd

Global cybersecurity software and solutions provider Fortra has discovered a sophisticated QR code phishing campaign specifically targeting Microsoft Office 365 users across various industries, including finance and healthcare. In this campaign, employees are tricked into scanning a QR code sent through a blank email. That code redirects them to a highly personalized phishing page tailored to look like their company’s Office 365 login portal.

Now at this time, I don’t have a link to send you to so that you can read this document for yourself. But here’s how the campaign works:

  • The target, because this is a targeted attack, gets an email that contains a PDF. The PDF claims it is an “Enhanced Bonus Distribution Strategy” from HR and requests that the user scan a QR code to access the document.
  • Embedded in the QR code was a phishing redirect link that takes the user to a fake Microsoft Identity Verification Check. Analysis of this page’s source code turned up two base64-encoded strings. One decodes to a URL for a site hosting an email list with 290,000 emails in it, and the other goes to the Office365 phishing attack. The same code also showed that if the user’s email address is in the email list, they are permitted to continue to the next part of the phish.
  • The background of the Office365 phishing site changes to reflect the company name based on the user’s email domain. If the user’s email address is not found in the list, they are given four chances to input their email and then redirected to a random Wikipedia article. The user is given four chances so the attacker can harvest extra email addresses.
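
For responders triaging a reported landing page, the analysis step described above (finding base64-encoded strings in the page source that decode to URLs) can be scripted. This is an added example, not Fortra's tooling or code from the campaign; the sample page, the `.example` hosts and the function names are constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import urlparse

# Runs of base64 alphabet long enough to hold a URL, with optional padding.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")

def decoded_urls(source):
    """Return (token, url) for each base64 literal that decodes to an http(s) URL."""
    hits = []
    for token in B64_TOKEN.findall(source):
        if len(token) % 4:          # not a whole number of base64 quanta
            continue
        try:
            text = base64.b64decode(token, validate=True).decode("utf-8").strip()
            parsed = urlparse(text)
        except (binascii.Error, UnicodeDecodeError, ValueError):
            continue                # identifiers, image data, other non-text blobs
        if parsed.scheme in ("http", "https") and parsed.netloc:
            hits.append((token, text))
    return hits

def defang(url):
    """Make a URL non-clickable before it goes into a ticket or report."""
    return url.replace("http", "hxxp", 1).replace(".", "[.]")

def _b64(data):
    return base64.b64encode(data).decode("ascii")

# Constructed sample input (reserved .example hosts), not the campaign's real page.
LIST_URL = "https://list.example/emails.txt"
PHISH_URL = "https://login.example/o365/verify"
SAMPLE_SOURCE = f"""
<img src="data:image/png;base64,{_b64(bytes(range(200, 230)))}">
<script>
var a = atob("{_b64(LIST_URL.encode())}");
var b = atob("{_b64(b'no url in this decoded string')}");
var c = atob("{_b64(PHISH_URL.encode())}");
</script>
"""

if __name__ == "__main__":
    for token, url in decoded_urls(SAMPLE_SOURCE):
        print(f"{token[:24]}...  ->  {defang(url)}")
```

The inline image data and the encoded string with no URL in it are skipped, so only the two encoded URLs are reported, already defanged for a ticket.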

Why this matters:

  • QR code phishing attacks are becoming more prevalent due to the reliance on remote and hybrid work environments, which often use QR codes for authentication, document sharing, and security. While often perceived as convenient or harmless, they are now being weaponized to bypass traditional email security measures.
  • The phishing campaign was designed specifically to exploit Office 365, a platform used by over a million companies globally. With over 290,000 email addresses targeted in this attack, this finding represents a major security risk for companies relying on Office 365.
  • The high level of personalization in the phishing attacks can easily trick even trained employees, increasing the risk of credential theft and data breaches.
  • QR codes are under the radar for many cybersecurity protocols, as most rely on anti-phishing tools that scan links in emails, creating blind spots for security teams.

Thus the take-home message is that scanning QR codes is becoming a risky endeavour. Thus if you get one via email from someone that you don’t know, or that you don’t expect, your best course of action is to perhaps delete it and report it to your IT department as it might be dangerous.