Week 16th Oct - 20th Oct 2023 (Week 42)

:tada: Welcome to this edition of ‘This Week in Cybersecurity.’ Together, let’s explore a topic that affects us all: cybersecurity and privacy in the digital age.

This week’s edition dives into the latest threats, trends and incidents that have shaped the cybersecurity landscape, from the fake Signal zero-day vulnerability propaganda and the persistence challenges posed by malware to emerging risks like AI-driven chatbots. Passbolt’s got it covered. So sit back, relax and enjoy these short summaries of the week.

Happy reading! :newspaper:

1. ENISA warns of rising AI manipulation ahead of upcoming European elections

ENISA (European Union Agency for Cybersecurity) warns of threats posed by AI chatbots and AI-enabled information manipulation in the lead-up to the 2024 elections. ENISA’s Threat Landscape report highlights that the manipulation of information should be considered a threat to cybersecurity, noting that there has been a noticeable increase in the use of AI for malicious purposes. The report underscores the need for vigilance when consuming information. According to the report, state-nexus actors are increasingly targeting employees in key positions through spear-phishing emails and social networks. ENISA stresses the importance of ensuring the integrity of information and following cybersecurity best practices, particularly to maintain confidence and trust in the EU electoral process.

Date: Oct 20, 2023
Source: Infosecurity Magazine
Author: Kevin Poireault
Tag: AI, Cyber Risk/Cyber Threats

2. Google-hosted malvertising leads to fake Keepass site that looks genuine

A malicious ad masquerading as a Keepass ad has been spotted being distributed on Google Ads. Keepass is an open source password manager that stores your data locally in an encrypted database. The well-disguised ad has fooled even some of the more cautious, security-savvy users. Clicking on the link listed in the ad took the user to a website that closely resembled the real Keepass site, but used an encoding scheme known as Punycode to fool visitors. This encoding scheme allows Unicode characters to be represented in standard ASCII text, so a domain containing lookalike characters can pass for the genuine one. This is one of many convincing attacks using similar methods, and it highlights the ongoing challenge of detecting potentially malicious ads or Punycode-encoded URLs. The ads ran for a number of days and were paid for by a Google-verified advertiser called “Digital Eagle.” There’s no replacement for vigilance and following secure practices: manually type the URL or inspect the TLS certificate. When downloading passbolt, only do so from its website (passbolt.com).

Date: Oct 19, 2023
Source: Ars TECHNICA
Author: Dan Goodin
Tag: Password Security, Password Manager
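The Punycode trick described in item 2 can be checked for mechanically before a download. The following is an added example (not code from the article, Keepass or passbolt) that decodes `xn--` labels with the standard-library IDNA codec and flags hosts that are non-ASCII, mix scripts inside one label, or collapse to a known-good name once common Cyrillic/Latin confusables are normalised; the confusables table and the `KNOWN_GOOD` allowlist are assumptions constructed for the demo.

```python
import unicodedata

# Constructed subset of Cyrillic letters that render like Latin ones
# (the real Unicode confusables.txt is far larger).
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0455": "s", "\u0456": "i", "\u0445": "x"}

# Assumed allowlist of sites the user actually intends to visit.
KNOWN_GOOD = {"keepass.info", "passbolt.com"}

def decode_host(host: str) -> str:
    """Turn on-the-wire xn-- (Punycode) labels back into Unicode via the stdlib IDNA codec."""
    return host if not host.isascii() else host.encode("ascii").decode("idna")

def script_families(label: str) -> set:
    """Script family of each letter, taken from its Unicode name (LATIN, CYRILLIC, GREEK ...)."""
    return {unicodedata.name(ch, "?").split(" ")[0] for ch in label if ch.isalpha()}

def skeleton(label: str) -> str:
    """Replace known confusables with the Latin letter they resemble."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in label)

def assess_host(host: str) -> dict:
    """Return the decoded host plus a list of findings; an empty list means nothing looked off."""
    decoded = decode_host(host).lower()
    findings = []
    if any(lbl.startswith("xn--") for lbl in host.lower().split(".")):
        findings.append("punycode-label")
    if not decoded.isascii():
        findings.append("non-ascii")
    for lbl in decoded.split("."):
        if len(script_families(lbl)) > 1:          # Latin and Cyrillic in one label
            findings.append("mixed-script:" + lbl)
    twin = skeleton(decoded)
    if twin in KNOWN_GOOD and twin != decoded:      # looks like a trusted name but is not
        findings.append("lookalike-of:" + twin)
    return {"host": host, "decoded": decoded, "findings": findings}

if __name__ == "__main__":
    # Constructed sample: Latin 's' swapped for Cyrillic 'ѕ' (U+0455), then encoded
    # to the xn-- form a browser would actually send to DNS.
    fake = "keepa\u0455s.info".encode("idna").decode("ascii")
    for h in ("keepass.info", fake):
        print(assess_host(h))
```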

3. Google Play Protect introduces real-time-code-level scanning for Android malware

Google has announced that it’s enhancing Play Protect with real-time code-level scanning to detect new malicious apps before they are downloaded and installed on Android devices. Google Play Protect is a free, integrated threat detection service that scans apps on Android devices, checking for potentially harmful apps downloadable from the Google Play Store. This update will help users stay protected against polymorphic apps that use a variety of methods to avoid being detected. The feature is being rolled out in select countries, starting with India, to combat the evolving threat of Android malware.

Date: Oct 19, 2023
Source: The Hacker News
Author: Newsroom
Tag: Mobile Security, Tech

4. Biometrics under the EU AI Act

The European Parliament has been debating the regulation of biometric artificial intelligence systems since June 2023, with institutions in the EU taking varying approaches. The EU’s General Data Protection Regulation (GDPR) has one definition related to biometrics, while the proposed AI Act introduces several biometric-related definitions. There is a discrepancy in the treatment of biometric systems, particularly in biometric categorization. Real-time remote biometric identification has been the subject of debate, with a range of views on bans and exemptions. While the European Parliament suggests that biometric data should be considered high-risk, the GDPR only categorises it as a special category of data when it’s being used for unique identification. Discussions are ongoing, and the final version of the EU AI Act is not expected until the end of the year.

Date: Oct 18, 2023
Source: IAPP
Author: Nora Santalu
Tag: AI, Data Protection

5. Over 40,000 admin portal accounts use ‘admin’ as a password

Security researchers have discovered that IT administrators are using weak passwords, including default passwords such as ‘admin’, to protect access to critical portals, leaving enterprise networks vulnerable to cyber attacks. This data was collected over a period of a few months by analysing over 1.8 million administrator credentials using Threat Compass, a threat intelligence solution. It identified the top 20 authentication credentials that are “limited to known and predictable passwords” for admin portals, and recommends strong and unique passwords for each account, use of a password manager, use of an endpoint detection and response (EDR) solution, and avoiding cracked software to improve security.

Date: Oct 17, 2023
Source: Bleeping Computer
Author: Ionut Ilascu
Tag: Password Security, Data Protection

6. Signal debunks online rumours of zero-day security vulnerability

Over the weekend, unfounded rumours about an unpatched security vulnerability in the Signal messaging app began circulating on social media. These rumours suggested that hackers could use the app’s “Generate Link Previews” feature to seize control of smartphones. Signal denied any evidence of a vulnerability, with Signal’s President claiming that the rumours were simply the work of a disinfo campaign due to a lack of substantiated sources or details. While the rumours appear to be baseless, it’s important to use good privacy practices, update apps regularly and configure privacy settings.

Date: Oct 16, 2023
Source: Bitdefender
Author: Graham Cluley
Tag: Vulnerability, Tech


That’s it for the ‘This Week in Cybersecurity’ roundup. :heart: :tada:

Let’s join together in this mission to keep the community informed, safe and secure: share any information or news articles you find interesting in the ‘In the News’ section of the passbolt community and connect with other members.

Remember to vote for the article you find most interesting and would like to see featured in the next cybersecurity news roundup video below :white_check_mark: :

  • :one: ENISA warns of information manipulation by AI
  • :two: Fake Keepass site
  • :three: Google’s Play Protect with real-time-code scanning
  • :four: EU AI Act
  • :five: Weak admin passwords
  • :six: Signal fake rumours