# Are You Down With RDP? - PSW #873
This week, we're diving into some of the most pressing security news that'll make you wonder how hackers manage to find and exploit vulnerabilities in our technology. From Remote Desktop Protocol (RDP) woes to a shocking hack on the Signal clone used by US government officials, we've got it all covered.
One of the biggest concerns this week revolves around RDP, which has been plagued with issues related to credentials that aren't really revoked as they should be. Imagine logging into your work computer or accessing your home network, only to discover that someone else has gained access because your password wasn't properly updated after a change. This is exactly what happened in one case, where hackers used compromised credentials to gain unauthorized access to sensitive data.
Another issue we're facing relates to bitmap caching on Remote Desktop Protocol. What's bitmap caching? It's a feature designed to improve performance by storing images in memory rather than having the computer constantly load and display them from the server. Sounds good, right? Well, this has led to some unexpected security vulnerabilities that could allow hackers to execute arbitrary commands on an RDP connection.
Moving on, we have MagicINFO Vulnerability Management - a system used for monitoring and managing vulnerabilities in IoT devices. But what happens when these systems themselves become vulnerable? It's like the old adage goes: "A house divided against itself cannot stand." In this case, a division between the security team and IT can lead to security gaps in systems. This isn't an isolated incident either; multiple such instances have been reported across various industries.
Now, let's talk about Airborne - vulnerabilities found within AirPlay, a feature used for wirelessly transmitting audio from your iPhone or iPad to speakers or headphones without the need for cables. What happens when something as seemingly safe and convenient as this becomes an entry point for hackers? In recent times, we've witnessed how these vulnerabilities have been exploited to gain unauthorized access to devices.
This week also saw news about "bring-your-own-installer" (BYOI) - a trend where companies allow employees to install their own security software or tools. Sounds like a great idea until someone realizes that this could be used as an exploit by hackers. With the right tool, one malicious installer can turn what's supposed to be protection into a significant threat.
There was also news about a shocking hack on the Signal clone used by US government officials. What makes this story even more surprising is the fact that it involves a group of hackers known as "The DarkSide" - infamous for their high-profile cyber attacks in recent years.
While all these security incidents might seem alarming, there's an important point to remember: reporting vulnerabilities isn't always straightforward. Sometimes, simply identifying and reporting an issue can lead to the thing you're trying to fix becoming a problem itself. It's like being caught in a loop that makes it difficult to break free.
On the flip side of security breaches is the world of EDR (Endpoint Detection and Response) bypasses. These tools are designed to protect computers by monitoring their activity, but hackers have found ways to circumvent them. The magic behind this seems like something out of a spy thriller: hackers create custom software that allows them to mask malicious activity from these EDR systems.
Another recent development has been the discovery of an AI-powered slop vulnerability reporting tool. While it might sound like something beneficial, the reality is that using such tools can sometimes lead to misreporting and false positives.
Lastly, we have the surprising story of an iPhone being bricked with a single line of code. This isn't just a matter of a simple typo; this line of code somehow managed to cause irreparable damage to the device, leaving it unable to boot up again.
This week's episode covers some dark and intriguing corners of cybersecurity that remind us of how interconnected and vulnerable our technology is. From RDP woes to government hacks, we're constantly reminded of the need for vigilance in protecting ourselves from cyber threats.
Visit https://www.securityweekly.com/psw for all the latest episodes and stay up-to-date with the world's most pressing cybersecurity news!
For show notes, please see: https://securityweekly.com/psw-873