Welcome to this week’s edition of ‘This Week in Cybersecurity’ where we explore a common subject that affects us all: cybersecurity and privacy in the digital age.
Join us as we provide to you some interesting cybersecurity news articles of the week. Stay up-to-date by reading these short summaries about the latest threats, vulnerability, data breaches and best security practices. These incidents show the importance of always updating to the latest versions, having strong passwords, and staying vigilant in downloading any unknown attachments. Lets dive in!
An Akamai report shows that a financially motivated campaign is targeting vulnerable SSH servers to covertly create a proxy network. The attacker leverages SSH for remote access, running malicious scripts that enlist victim servers to peer-to-peer (P2P) proxy networks. Proxyjacking allows the threat actors to leverage the victim’s unused bandwidth to covertly run different services as a P2P node. This way the attacker can monetise the extra bandwidth and reduce the chance of discovery. Akamai emphasises strong security practices to prevent such attacks.
|Date:||Jun 30, 2023|
|Source:||The Hacker News|
|Tag:||Cyber Risk/Cyber Threats, Vulnerability|
Meta is letting people in the European Union (EU) directly download apps through Facebook ads, in order to compete with Google and Apple’s app stores. Taking advantage of EU’s Digital Markets Act (DMA) which will come into effect next spring which requires Apple and Google to open their mobile platforms to alternative methods of downloading apps. Meta will begin the pilot program with a few Android app developers later this year, which will bring about higher conversion rates for their app install ads. Even Microsoft has expressed interest in launching an alternative app store for games on iOS and Android in Europe when DMA comes into effect.
|Date:||Jun 29, 2023|
The Brave browser will introduce measures against websites that engage in port scanning or access other network resources to obtain personal information. The new Brave version 1.54 will automatically block port scanning, as most websites scanned visitor’s ports without providing notice or consent. The new version will also curb the websites access to local resources but users can add a particular site to the allow list if they give the green light. Brave’s browser approach enables it to block requests to localhost resources but also still maintaining a compatibility path for sites that users trust.
|Date:||Jun 29, 2023|
|Tag:||Data Privacy, Data breach|
The NPM (Node Package Manager) registry has a security lapse called “manifest confusion” which allows attackers to hide malware in dependencies or perform malicious script execution during installation. The inconsistency between the package’s manifest information on the NPM registry and the actual ‘package.json’ file in the publishing package could potentially lead to cache poisoning, unknown dependencies, execution of unknown scripts and also downgrade attacks. The platform is aware of this problem but hasn’t taken any steps in addressing it. It is advised that developers are to manually read the package.json for increased trust.
|Date:||Jun 28, 2023|
|Tag:||Software Security, Vulnerability|
The UK’s encryption-busting Online Safety Bill is facing tremendous backlash as secure messaging apps are planning for an exodus. The Bill would allow Ofcom, the U.K. 's communications regulator, to require tech giants to scan for child sex abuse material (CSAM) which goes against data privacy and end-to-end encryption. Many big tech companies like Apple, Signal and Whatsapp to name a few have all stated their reservations against the bill. However, companies that failed to comply with the bill will receive a hefty fine plus prison time for top execs.
|Date:||Jun 27, 2023|
|Tag:||Data Privacy, Cyber Risk/Cyber Threats|
Security firm Aqua Security Software has uncovered a significant vulnerability called RepoJacking that affects millions of GitHub repositories. Repojacking allows the attackers to execute code within the organisation’s internal or customer environment. Many high profile companies like Google and Lyft have been targeted. The attackers take advantage of the renaming feature on GitHub, creating a link between old and new repository names, to execute malicious code. The security firm has warned that more repositories are vulnerable to attacks.
|Date:||Jun 26, 2023|
|Tag:||Vulnerability, Cyber Risk/Cyber Threats|
We conclude ‘This Week in Cybersecurity’. We hope you’ve enjoyed these short summaries of the latest development of the week. As always, our goal is to inform you and encourage you to implement secure measures to stay safe online.
Feel free to share any interesting news article you come across in the “In the News” category of passbolt community forum and earn “In the News” badge for it. Lets engage with the rest of the community and add this badge to your collection.