Week 12th June - 16th June 2023 (Week 24)

:rocket: :heart: Welcome to this week’s edition of ‘This Week in Cybersecurity’ where we explore a common subject that affects us all: cybersecurity and privacy in the digital age. :heart:

This week we’ve curated news articles that show how different countries are now more prone to attacks ranging from Turkey’s population data breach to Switzerland’s and US’s cyberattack targeting the federal agencies. Stay up-to-date with the latest developments all around the world with these short summaries and be informed. :newspaper: :partying_face:

Reddit says it won’t force subreddits back open (but will it?)

Reddit is facing controversy over its response to the subreddit blackout (which is a protest by thousands of subreddits against Reddit’s decision to charge third-party developers a large fee for API access). Reddit claimed that it will respect the subreddit blackout, but its intentions are not clear. The company also stated that it will replace moderators who support the blackout with those who would reopen the subreddits. This has raised many questions about whether it violates Reddit’s Moderator Code of Conduct rules. However, it plans to allow its users to vote out moderators who have overseen the protest. Despite the ongoing blackout, the top communities remain open.

Date: Jun 16, 2023
Source: The Verge
Author: Sean Hollister
Tag: Enterprise, Tech

US government agencies hit in global cyberattack

Multiple US federal government agencies and many companies and organisations have been hit in a global cyberattack by Russian cybercriminals that exploits a vulnerability in MOVEit, software that companies and agencies use to transfer data. The attack is attributed to the Clop ransomware gang that claimed to demand a multimillion-dollar ransom. The US Cybersecurity and Infrastructure Security Agency (CISA) is working urgently to understand impacts and ensure timely remediation.

Date: Jun 15, 2023
Source: CNN
Author: Sean Lyngaas
Tag: Ransomware, Cyber Risk/Cyber Threats

EU votes to ban AI in biometric surveillance, require disclosure from AI systems

The European Union has voted for stricter regulations on AI, including a ban on the use of AI in biometric surveillance and a requirement that OpenAI’s ChatGPT reveal when content has been generated by AI. The “AI Act” law aims to protect EU citizens from potential threats linked to AI. The new draft will also include banning companies from scraping biometric data from social media for facial recognition training purposes. The proposed regulations have received tremendous support from many companies. The final version of the AI Act is expected only by the end of the year.

Date: Jun 15, 2023
Source: Ars Technica
Author: Benj Edwards
Tag: AI, ChatGPT

Switzerland under cyberattack

The Swiss Federal Administration websites have recently been under DDoS attacks from Noname057(16), a pro-Russian hacker group, as a response to Switzerland adopting a new EU sanctions package against Russia. Some of the websites that were hit by the attack included those of the Swiss Parliament, the federal railways, Grenchen and Geneva airports, Geneva tourism, etc., which compromises their systems and steals sensitive data. These incidents show the growing cybersecurity threat targeting Switzerland.

Date: Jun 14, 2023
Source: Help Net Security
Author: Helga Labus
Tag: Cyber Risk/Cyber Threats, Vulnerability

Microsoft releases updates to patch critical flaws in Windows and other software

Microsoft has rolled out fixes for its Windows operating system and other software components as part of the Patch Tuesday updates for June 2023. The patch was for 73 flaws, out of which 6 were rated as critical. Out of the fixes, the most important one was the CVE-2023-29357 (CVSS score: 9.8) which is a flaw in SharePoint Server that could be exploited by an attacker to gain administrator privileges. Therefore, always remember to update to the latest versions to mitigate possible cyber attacks.

Date: Jun 14, 2023
Source: The Hacker News
Author: Ravie Lakshmanan
Tag: Vulnerability, Software Security

Spotify fined €5 million for GDPR violation

Spotify, which has its headquarters in Sweden, has been fined €5 million for non-compliance with GDPR regulations, as the streaming service did not comply with the obligation of users having the right to get access to all their data and information. The Swedish Data Protection Authority (IMY) imposed the fine following a complaint made by noyb and litigation over inaction. The complaint was made based on Spotify failing to meet the request for access to user data which is in violation of Article 15 GDPR. The case also involved a complaint filed in the Netherlands by Bits of Freedom.

Date: Jun 13, 2023
Source: NOYB
Tag: Data Protection, Data Privacy

Entire population of Turkey had personal data exposed online

The personal and financial details of roughly 85 million people in Turkey were exposed on a website named “Sorgu Paneli”. The website offers users access to full names, addresses, phone numbers and financial information, which leaves them in danger of identity theft and risks of fraud. The website remains inaccessible for now but could be accessed through different platforms. The breach seems to be linked to the earlier breach of the country’s e-government system. However, it is unclear who is behind the attack. Users are advised to stay vigilant and report any suspicious activities to the authorities.

Date: Jun 12, 2023
Source: Restore Privacy
Author: Heinrich Long
Tag: Cyber Risk/Cyber Threats, Data breach

Conclusion

That’s it for this week. We hope you’ve enjoyed reading these short summaries. Let us know in the comment section below if you have any interesting articles you come across and let’s keep each other informed of the latest cybersecurity and data privacy developments. :partying_face: :tada:

Missed out on last week’s updates? Fret not! Visit the ‘In the News’ category of the Passbolt community forum to catch up with the :newspaper:.

:heart: Thank you for your participation! :heart:

2 Likes

As the MOVEit issue grows in the United States, the US government has issued a $10 million bounty.

@Duffman

2 Likes

@garrett

I wish man… I am maybe one step above a noobie.

I wish all the pros good luck :four_leaf_clover:

1 Like