Week 24th April - 28th April 2023

:tada: Welcome to this week’s newsletter, where we explore a common subject that affects us all: cybersecurity and privacy in the digital age. :heart:

This week we bring you the latest, most interesting news on cybersecurity, from the U.S. DHS creating an AI task force to Google Authenticator’s cloud synchronisation update (and why we shouldn’t enable this feature yet). With increasing cyber attacks and their potential implications, it’s imperative that we stay up-to-date with the latest security news to better protect ourselves and adopt proactive measures.

China revises law to include certain cyberattacks as ‘acts of espionage’

China has recently revised its 2014 counterespionage law so that people can be charged as spies on grounds of cyberattacks on critical infrastructure or government bodies. The expanded counterespionage law will allow Chinese authorities to conduct investigations on companies operating in China, including disclosing their information content, suspending services, deleting programs and restricting content. This law is expected to bring about tension between China and other countries.

Date: Apr 26, 2023
Source: The Record.
Author: James Reddick
Tag: Cyber Risk/Cyber Threats

Microsoft probes complaints of Edge leaking URLs to Bing

An issue identified by a redditor shows a bug in Microsoft’s Edge browser that sends the URLs users visit back to the Bing API, which allows the company to monitor online activities. The issue seems to be linked to Edge’s collection feature. If users want to disable the feature, they should go to the “Privacy, search, and services” tab on the “Settings” page and untick the “Show suggestions to follow creators in Microsoft Edge” box near the bottom of the page. Soon after the issue was made public, Microsoft responded that it’s investigating the issue and will take appropriate action to rectify it.

Date: Apr 26, 2023
Source: The Register
Author: Tobias Mann
Tag: Cyber Risk/Cyber Threats

Charming Kitten’s new BellaCiao malware discovered in multi-country attacks

An Iranian state-sponsored APT group known as Charming Kitten has been targeting victims in various countries with a malware known as BellaCiao, which delivers the payload onto the victim machine based on a command received from an actor-controlled server. In their research, Bitdefender Lab has discovered that the attackers have been able to customise this malware to target specific victims and steal the victims’ information, including company names and IP addresses. Weaponising vulnerabilities is increasing day by day.

Date: Apr 26, 2023
Source: The Hacker News
Author: Ravie Lakshmanan
Tag: Malware, Cyber Risk/Cyber Threats

Why you shouldn’t turn on Google Authenticator’s cloud sync feature

Earlier this week, Google introduced support for syncing two-factor authenticator codes via Authenticator. With this feature, Authenticator will sync the one-time two-factor authentication codes that it generates to the user’s Google account. But with this feature come some loopholes, and they’re pretty big ones. It’s been advised to keep this feature turned off for now because the data being synced is not end-to-end encrypted, which means that when an intruder gains access to a Google account, they’ll have access to the one-time codes too. Until Google remedies this, it’s important to check that cloud syncing is disabled for the Google Authenticator app to keep your data secure.

Date: Apr 26, 2023
Source: gHacks
Author: Martin Brinkmann
Tag: Password Security, Authentication

Exploit released for 9.8-severity PaperCut flaw already under attack

The print management software PaperCut has been under attack, with its latest flaw being exploited by malware. The security firm Huntress revealed it discovered threat actors are exploiting CVE-2023-27350, with a severity rating of 9.8 out of 10, on unpatched servers. Threat actors have exploited the vulnerability to install remote management software and malware known as Truebot that steals personal information and other sensitive data. Huntress showed that 900 out of 1000 Windows machines with PaperCut installed still remain unpatched. It’s vital that organisations using PaperCut have the correct versions.

Date: Apr 25, 2023
Source: Ars Technica
Author: Dan Goodin
Tag: Malware, Data Privacy

New all-in-one “EvilExtractor” stealer for Windows systems surfaces on the dark web

Fortinet FortiGuard Labs, a network security company, has discovered that a new, all-in-one malware called EvilExtractor is being marketed by threat actors on the dark web. EvilExtractor is used to steal files and data from Windows systems. The malware is known to extract personal information and use it in phishing email campaigns. It can also act as ransomware by encrypting files on the target system. One way to mitigate potential attacks is to avoid downloading any unknown attachments and to keep software updated at all times.

Date: Apr 24, 2023
Source: The Hacker News
Author: Ravie Lakshmanan
Tag: Cyber Risk/Cyber Threats, Malware

DHS task force will examine how to use AI to protect US homeland security

The U.S. Department of Homeland Security (DHS) will establish a task force to determine proper AI use and how to use AI technology like ChatGPT in sectors that protect the country. It considers both the benefits and the potential risks that AI can bring. Some examples of this are deploying AI in DHS systems to screen cargo for any items that are produced using forced labour, to detect shipping of fentanyl to the U.S., and to stop the flow of “precursor chemicals” used to produce hazardous drugs. This is an attempt to increase the government’s investment in AI development while mitigating the risks that come with it.

Date: Apr 21, 2023
Source: CNBC
Author: Lauren Feiner
Tag: Cyber Risk/Cyber Threats, AI


That’s all for this week’s ‘In The News’. We hope you enjoyed this instalment and the summaries of these interesting articles. Let us know if you found the selection useful and informative. As always, our goal is to provide you with the latest trends in the ever-evolving landscape of online security. Remember to take necessary precautions to protect your data, use strong passwords, continue using a password manager, and be cautious when clicking links or downloading from unknown sources.

Have any interesting articles in mind? Feel free to share them in passbolt’s “In The News” category of the community forum. Share your thoughts and let’s start a conversation. Thanks for reading and we’ll see you next week with more updates on online security. :partying_face: :tada:


Here’s another interesting article of the week:

Summary: Researchers at Trend Micro have discovered a new version of the ViperSoftX information-stealing malware that has a broader range of targets, including more cryptocurrency wallets, and that now targets password managers like KeePass and 1Password by attempting to steal data stored in their browser extensions. They also discovered that the malware can now infect different browsers like Brave, Edge, Opera and Firefox besides Chrome. The newer version of the malware now has stronger code encryption and features that easily evade security software.