Welcome to this week’s newsletter, where we explore a common subject that affects us all: cybersecurity and privacy in the digital age. 
In this week’s newsletter we’ve scoured important news ranging from potential google cloud platform’s attack to LastPass hack, to Facebook ads for social engineering attempts to new AI DuckAssist service. So sit back, have a coffee, relax and we’ve got you covered with the latest trends.
Experts reveal Google Cloud Platform’s blind spot for data exfiltration attacks
A news report from Mitiga suggests that malicious actors can potentially exploit the Google Cloud Platform (GCP) to exfiltrate sensitive data. The report states that there is not enough transparency in GCP’s storage access log in regard to file access and read events but instead grouped them as a single “Object Get” activity. As a result, this could enable an attacker to get access (through social engineering methods) without being detected as there is no difference between malicious and genuine user activity. Google provided some mitigation recommendations which ranges from Virtual Private Cloud (VPC) to using organisation restriction headers to limit cloud resource requests.
| Date: | Mar 6, 2023 |
|---|---|
| Source: | The Hacker News |
| Author: | Ravie Lakshmanan |
| Tag: | Social engineering, Cloud Computing, Data breach |
LastPass hack caused by an unpatched Plex software on an employee’s PC
LastPass disclosed that the ‘second attack’ following the August security breach was caused by the failure to update Plex software on the home computer of one of its devOps engineer. The attacker hacked by exploiting the deserialization flaw in Plex Media Server on Windows. The vulnerability, tracked as CVE-2020-5741, allows the attacker to execute arbitrary python code. This incident proves the importance of patch management. Making sure that you regularly update software and applications is a way to protect yourself against vulnerabilities and security threats.
| Date: | Mar 7, 2023 |
|---|---|
| Source: | Security Affairs |
| Author: | Pierluigi Paganini |
| Tag: | Hack, Data breach |
SYS01stealer: New threat using Facebook ads to target critical infrastructure firms
Cybersecurity researchers have found a new information stealer dubbed as SYS01stealer targeting government employees, businesses and other sectors. The threat actors used Google ads and fake Facebook accounts to lure victims into downloading malicious files. The attack is designed to steal sensitive information like login data, cookies, business account information, etc. Therefore it is imperative to verify before downloading any files, check for phishing attempts and be alert to better protect ourselves against such attacks.
| Date: | Mar 7, 2023 |
|---|---|
| Source: | The Hacker News |
| Author: | Ravie Lakshmanan |
| Tag: | Social engineering, Data breach, Hack, Cyber Risk/Cyber Threats |
Acer confirms server intrusion after miscreant offers 160GB cache of stolen files
Acer has confirmed an incident of unauthorised access after a miscreant put up a sale of 160GB database of Acer’s confidential information on a hacking forum. The company spokesperson confirms it suffered a breach in one of its document servers. The threat actor took screenshots as proof and said they were selling to the highest bidder in exchange for a hard-to-trace cryptocurrency Monero (XMR). However, Acer states that no customer data is affected in any way.
| Date: | Mar 8, 2023 |
|---|---|
| Source: | The Register |
| Author: | Jessica Lyons Hardcastle |
| Tag: | Data breach, Hack, Cyber Crime |
DuckDuckGo’s new Wikipedia summary bot: “We fully expect it to make mistake”
DuckDuckGo announced DuckAssist, an AI-powered factual summary service powered by technology from Anthropic and OpenAI. It provides brief summaries of information sourced from Wikipedia and other related sites. These “instant answers” are available as a wide beta test for DuckDuckGoo’s browser extension and browsing apps. From a privacy standpoint, DuckDuckGo says that DuckAssist is “anonymous” and will not share search and browsing history with anyone. The company also notes that DuckAssist may produce erroneous results and it may occasionally make mistakes.
| Date: | Mar 9, 2023 |
|---|---|
| Source: | ars TECHNICA |
| Author: | Benj Edwards |
| Tag: | Tech, AI, Enterprise |
How the FBI proved a remote admin tool was actually a malware
The FBI has announced that it seized a website worldwiredlabs.com, used to sell a malware called NetWire by marketing it as a legitimate remote administration tool. The site is used to commit international money laundering, fraud and computer crimes. The FBI, in their experiment, confirmed that the owners of NetWire never bothered to check that its customers were using it for legitimate purposes on computers they owned or controlled. This malware is designed to spy on computers and cellphones.
| Date: | Mar 10, 2023 |
|---|---|
| Source: | Tech Crunch |
| Author: | Lorenzo Franceschi-Bicchierai |
| Tag: | Cyber Risk/Cyber Threats, Cyber Crime |
Any other interesting news of the week? Share it below. We’d love to include it in our weekly newsletter.
Share your thoughts and experiences, add relevant cybersecurity news, ask questions, and connect with others who are passionate about online security. 