Week 4th Sep - 8th Sep 2023 (Week 36)

:wave: Welcome to this edition of ‘This Week in Cybersecurity’ where we delve into a subject that affects us all: cybersecurity and privacy in the digital age.

In this week’s edition, we’ve curated interesting news articles covering topics like X collecting biometric data, emerging hacking devices, the UK’s decision to concede the controversial clause in the Online Safety Bill, and a security update from Apple. Keep yourself informed with these short summaries that follow. :female_detective:

Stay vigilant, stay safe! :muscle:

1. Apple rushes to patch zero-day flaws exploited for Pegasus spyware on iPhones

Apple has released emergency security updates for iOS, iPadOS, macOS and watchOS to address two zero-day vulnerabilities that have been exploited to deliver the Pegasus spyware created by the NSO Group. The flaws are a validation issue in Wallet (CVE-2023-41061) and a buffer overflow issue in the Image I/O component (CVE-2023-41064). These flaws can be weaponised as part of a zero-click iMessage exploit chain, BLASTPASS, to deploy Pegasus on fully patched iPhones running iOS 16.6. It is therefore vital to update to the latest versions to mitigate such attacks.

Date: Sep 8, 2023
Source: The Hacker News
Author: THN
Tag: Spyware, Vulnerability

2. UK government backs down on anti-encryption stance

The UK government has backtracked on the controversial clause in its Online Safety Bill that would force tech companies to scan users’ messages. The clause would have allowed Ofcom to force messaging providers to perform client-side scanning, that is, scanning messages before they are end-to-end encrypted to check for child sexual exploitation and abuse (CSEA) content. This clause of the bill has been criticised by tech giants such as WhatsApp and Signal, who have threatened to withdraw from the UK if it was passed, citing privacy concerns, massive government overreach, and inaccuracy in scanning technology. The government noted that Ofcom will not use its powers until it’s “technically feasible” to do so, which could potentially take years to implement.

Date: Sep 7, 2023
Source: Infosecurity Magazine
Author: Phil Muncaster
Tag: Encryption, Data Privacy

3. Mac users beware: Malvertising campaign spreads Atomic Stealer macOS malware

A malvertising campaign was discovered distributing an updated version of macOS stealer malware called Atomic Stealer (or AMOS), suggesting active maintenance by the author. Originally introduced in April 2023, it has now evolved with expanded information-gathering capabilities that target gamers and cryptocurrency users. The campaign uses a fraudulent TradingView website to distribute the malware. In a fake prompt, it asks users to enter their passwords, harvesting the data stored in iCloud Keychain and web browsers. AMOS also targets Firefox and Chrome browsers, bypassing Gatekeeper protection to exfiltrate sensitive information.

Date: Sep 7, 2023
Source: The Hacker News
Author: THN
Tag: Malware, Cyber Risk/Cyber Threats

4. Hacking device Flipper Zero can spam nearby iPhones with Bluetooth pop-ups

Hackers can now use a low-cost hacking tool to spam iPhones with pop-ups that prompt users to connect to a nearby AirTag, Apple TV, AirPods, and other Apple devices. A security researcher demonstrated the attack using a small device called Flipper Zero, which can perform wireless attacks on devices in its range, such as iPhones, car key fobs, RFID cards, and more. It uses a denial-of-service attack that disrupts the iPhone’s usability. Flipper Zero relies on Bluetooth Advertisement broadcasting. To mitigate these attacks, make sure that Bluetooth devices connecting to your phone are legitimate and valid.

Date: Sep 6, 2023
Source: TechCrunch
Author: Lorenzo Franceschi-Bicchierai
Tag: Vulnerability, Tech

5. Atlas VPN zero-day vulnerability leaks users’ real IP address

A zero-day vulnerability was discovered in Atlas VPN affecting the Linux client, which allows a website to expose a user’s real IP address by exploiting an unauthenticated API endpoint. The vulnerability was demonstrated by a Reddit user in a proof of concept and was confirmed by Amazon Cybersecurity Engineer Chris Partridge. This flaw bypasses CORS protection on web browsers and could reveal users’ real IP addresses, compromising their privacy. Atlas VPN is aware of the issue and Linux users are advised to take precautions.

Date: Sep 5, 2023
Source: Bleeping Computer
Author: Bill Toulas
Tag: Vulnerability, Cyber Risk/Cyber Threats

6. India warns of malware attacks targeting its Android users

India has warned its citizens about advanced malware, called DogeRAT, targeting Android users. The malware is distributed via social and messaging platforms, masquerading as legitimate apps such as ChatGPT, Opera Mini, YouTube, Netflix and Instagram. DogeRAT is capable of accessing sensitive data such as contacts, messages and banking details. The malware can hijack infected devices, initiate unauthorised payments and even capture photos and keystrokes. Therefore, it’s imperative to remain vigilant when downloading any apps from unverified third-party platforms and opening unknown links or attachments.

Date: Sep 5, 2023
Source: TechCrunch
Author: Jagmeet Singh
Tag: Malware, Cyber Risk/Cyber Threats

7. X (Twitter) to collect biometric data from premium users to combat impersonation

X, formerly known as Twitter, updated its privacy policy. The update will include the collection of premium users’ biometric data to tackle impersonation. This aims to improve safety, security and identification and will go into effect on September 29, 2023. Premium users have the option to provide a government-issued ID or a picture for their biometric data. The policy update also allows collection of all users’ employment and education history for potential job recommendations and tailored ads. However, it’s unclear how it plans to collect data and for how long it will retain it. X did confirm that data collection will pertain only to public information and not private messages.

Date: Sep 4, 2023
Source: The Hacker News
Author: THN
Tag: Data Privacy, Data Protection

Conclusion

That’s a wrap on ‘This Week in Cybersecurity’ news roundup. :clap:

We hope you’ve enjoyed reading these short summaries of the latest cybersecurity developments. These incidents are a reminder to remain vigilant and keep yourself informed to better arm yourself against the evolving threats in the digital world.

Share any interesting articles you come across in the ‘In the News’ category of the community to earn a community badge.

Vote for the most interesting story to be featured in the monthly “This Month in Cybersecurity” video. :video_camera:

Vote below :white_check_mark: for the article(s) you’d like to see featured:

  • :one: Apple security patch
  • :two: UK backtracked on anti-encryption
  • :three: Atomic Stealer macOS malware
  • :four: Flipper Zero hacking device
  • :five: Atlas VPN vulnerability
  • :six: DogeRAT malware
  • :seven: X to collect biometric data