The Daily Decrypt
The Daily Decrypt
Super Bowl Cybersecurity, Raspberry Robin Evolution, RustDoor macOS Threat, AI Underground Surveillance

Cybersecurity and Infrastructure Security Agency (CISA) teams up with the NFL to tackle cybersecurity at the Super Bowl, making a defense play that extends beyond the field. Dive into the shadows with us as we explore the stealthy advances of Raspberry Robin malware, leveraging Discord and new exploits to breach systems. Shift gears to the macOS landscape, where RustDoor backdoor emerges as a sophisticated threat. Then, join us underground on the London Tube, where AI surveillance trials spark debate over privacy and safety. Finally, we unravel the evolving menace of MoqHao Android malware, highlighting the relentless pace of cybercriminal innovation. Stay vigilant with us on the digital frontier, where cybersecurity is not just a strategy but a necessity.

Featured Topics and Original Articles:

  1. CISA’s Cybersecurity Touchdown at the Super Bowl
  2. AI Surveillance on the London Underground
  3. RustDoor MacOS: A Stealthy Threat
  4. Raspberry Robin Malware’s Tactical Evolution
  5. The Evolving Threat of MoqHao Android Malware

Listen and Learn: Join us as we dissect these pressing cybersecurity issues, offering insights into how individuals and organizations can navigate the complexities of the digital age. Whether it’s the excitement of the Super Bowl or the daily commute on the London Underground, security is omnipresent and paramount. Stay informed, stay secure, and let’s protect our digital world together.

Thanks to Jered Jones for providing the music for this episode.

Good morning, everyone. Today is Monday, February 12th, and you’re listening to the daily decrypt. Yesterday was a pretty big day for television fans. I believe Taylor swift. Made an appearance, um, at the sports game.

So congratulations to Taylor swift for winning the super bowl.

We’re going to quickly talk about the CSUs cybersecurity touchdown at the super bowl. We’re going to be discussing AI surveillance at the London [00:01:00] underground. I’m gonna be talking about RustDoor which is a MacOS vulnerability.

Raspberry Robin.

And the evolving threat of the MoqHao Android malware.

Okay, so up first, this past. Weekend we had the Superbowl. And CISA.

Which is the cybersecurity infrastructure security agency. Has launched a NFL wide campaign called secure our world. And they’re teaming up with the NFL to boost cybersecurity awareness. Not only at the Superbowl. But throughout the entire season with 32 of the NFL teams committing. To promoting cybersecurity tips.

This is pretty cool.

It’s becoming more and more important to discuss ways to stay safe online. So we’re really glad that the NFL is partnering with CISA. To get the word out there. You’ll be [00:02:00] shocked to hear their recommendations.

Which are as follows.

Adopt strong passwords.

Enable multi-factor authentication.

Be vigilant against phishing.

And keep your software up to date.

These messages appeared on screens throughout Allegiant stadium. They appeared on the jumbo Tron. They appeared on posters. I believe they even. I had an ad. On the Las Vegas sphere. So, this is huge. This is going to be great. We know how much you guys love hearing lectures about how to stay safe online. And we know how much you love ignoring them.

We’re so excited for you to watch the Superbowl and get more of those lectures. The lectures won’t stop. Until you follow that advice.

This campaign is not only coming.

As a result of.

The huge breach on major Las Vegas casinos last year.

But also because regular citizens lost over a billion dollars last year due to cyber crime. So we need to [00:03:00] start cracking down on this for your safety, for the economy.

For many reasons at a macro level.

So I have some friends who have spent between 10 and $80,000 to get to go to Allegiant stadium. For the super bowl. To see Taylor swift.

To get a cybersecurity lecture that they couldn’t get from me. And maybe they’ll even see some sports. So all in all, I think that’s pretty worth it.

So the London underground is testing AI surveillance to detect crimes unsafe behaviors. And fare evasion. With a pilot at Willis, then green tube station.

The system uses live CCTV and machine learning to issue over 44,000 alerts, including 19,000 in real time to station staff for behaviors like weapon brandishing, falling on the tracks and fare dodging. Okay, well, that’s great. They’re not just worried about. The money that they’re losing, but they’re also worried about your [00:04:00] safety.

Like if someone falls on the tracks, AI can recognize that as a safety hazard and get someone over there, hopefully before a train comes.

Experts worry about the ethical implications, potential expansion to facial recognition. And the lack of public awareness about the trial.

And those things concern me too. It’s only a fine line from using AI. To detect crimes and to detect all these things to now tracking you and your face.

And feeding that information to. Big banking to Amazon, to all these people that want your data, Facebook, et cetera.

I’m sure that London is not doing a great job of advertising this. So it’s really important to stay up to date on this news. By sharing this podcast with them. So if you know anyone in London, go ahead and send this to them. The London underground is going to start watching. Yeah.

Apple Mac OS users find themselves at the center of a sophisticated cybersecurity threat.

A new rust based backdoor rust is just a programming language [00:05:00] and it’s been code named rust door by bit defender.

This threat has been around since November of 2023. So it’s not new, but it is just coming to fruition. Rust door masquerades as an update for Microsoft visual studio, which is pretty clever because.

For some reason, certain things need Microsoft visual studio to run effectively on your Mac. And. By the time you realize that that’s what’s missing, you’re frustrated.

And you just click download you, Google, Microsoft visual studio update, and you click the first thing and you click download and you walk away because it’s like, 20 gigabytes. Of data that has to download over the next hour. It’s so frustrating. I’ve done it way too many times.

So attackers have realized this and they’ve bought Google ad space for Microsoft visual studio probably duplicated the website.

So it looks exactly the same with the download button you’re going there. You’re clicking. Download.

And you’re getting malware.

So, yeah. Be careful, especially for downloading Microsoft [00:06:00] visual studio.

On a Mac.

Raspberry Robyn. Which is a fun name is the name of malware. Used as sort of initial foothold during breaches. So it. It historically has been distributed using USB keys or malicious downloads. But it’s continually evolving. And it’s now harnessing one day exploits for escalated privilege. Hinting at either an exploit market purchase or in-house development by its operators.

So we’ve talked about zero days before on this podcast. So as a reminder, a zero day is something that was built into the initial software. So when something is released, There’s a vulnerability in there that the developers don’t even know about. So that’s, what’s called a zero day. Uh, one day is when the developers find [00:07:00] out about that vulnerability.

Now we’re in this weird limbo, which is called a one day. Where the developers know and are working on developing a patch, which will come to you via a security update.

And now all bad actors also know about this vulnerability. So they’re hustling to get out an exploit. For this vulnerability and it’s sort of a race between the developers trying to fix it and the bad actors trying to exploit it. So. Raspberry Robin has successfully exploited. What’s called a one day, which we just discussed.

And it has become harder and harder to detect and analyze because it employs anti analysis and obfuscation techniques. It is also now using discord. For a platform to distribute this malware instead of a USB key.

And introduces what’s called PAE exec. For lateral movement and a refined command and control method using a list of tour addresses to maintain communications stealth. So there’s a lot in there. But [00:08:00] over the past couple of weeks doing this podcast, I’ve seen discord being used for a lot of things. Uh, I know I am clicking these server, join links all the time and join servers and then leave them. I’m going to be joining less servers moving forward. And I’ll be very picky about the ones that I do decide to join.

And finally we’ve got the evolving threat of the MoqHao Android malware. So this malware. Has been around for a few years, but. As of recently it now executes automatically on infected devices. So there’s no user action required.

The malware is like to roaming mantis, a Chinese cyber crime group focused on financial gain.

And it starts with SMS messages containing fraudulent links. So maybe you have a package [00:09:00] coming in. Today and you get a message from someone, saying your package has been delayed. Click the link. That’s how you get it.

As soon as it’s downloaded, it demands risky permissions from the phone.

In July of 22. Sequoia. Reported over 70,000 Android devices in France were compromised.

So. How can you prevent this? Like CISA said at the Superbowl, be vigilant with phishing links. Make sure your devices are up to date. And.

If you notice any weird slowdowns on your devices Turn it off. Turn it back on again. Maybe even reset it.

Alrighty, that’s it for today, guys. Thanks for listening. We hope you enjoyed this new format, bringing you a little bit more news in a little bit shorter of a format.

Thanks for tuning in and we will talk to you tomorrow. [00:10:00]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.