Week 9th Oct - 13th Oct 2023 (Week 41)

:wave: Welcome to this edition of ‘This Week in Cybersecurity.’Together, let’s explore a topic that affects all of us: cybersecurity and privacy in the digital age.

This week’s edition explores the latest threats, vulnerabilities, and solutions – offering you valuable insights to safeguard against the evolving challenges in the digital world. From record-breaking DDoS attacks and new advancements of passkeys to requesting data brokers to delete your personal data, it’s all covered. Let’s dive in!

1. Facebook copyright scam intensifies, users left stranded

Users are reporting an increase in copyright infringement scams on Facebook, resulting in locked accounts and little help from the platform to regain access. Scammers send fake copyright infringement notices to steal login credentials, sometimes renaming their accounts to “Meta Copyright Infringement.” As a result, victims have experienced credit card fraud, lost pictures, and lost access to their accounts. The scam involves users receiving fake copyright notices via Messenger and email. Users are advised to remain vigilant, enable login notifications, use two-factor authentication in Facebook’s security settings, and avoid clicking on unknown links.

Date: Oct 13, 2023
Source: Cybernews
Author: Justinas Vainilavičius
Tag: Hack, Cyber Risk/Cyber Threats

2. Europe mulls open sourcing TETRA emergency services’ encryption algorithms

The European Telecommunications Standards Institute (ETSI) is considering open sourcing the encryption algorithms used to secure emergency radio communications, after security flaws were discovered in July. Terrestrial Trunked Radio (TETRA) is used for secure radio communications in Europe, the UK and other countries. This protocol is used by government agencies, law enforcement, and others. TETRA has recently been the subject of vulnerabilities. The ETSI Technical Committee will discuss whether these algorithms should be made public in the interests of transparency and security in emergency communications systems.

Date: Oct 12, 2023
Source: The Register
Author: Jessica Lyons Hardcastle
Tag: Encryption, Tech

3. Californians can scrub personal info sold to advertisers with first-in-US laws

California Governor Gavin Newsom has signed the Delete Act (SB 362) into law, allowing Californians to request the deletion of their personal data from all data brokers in the state. The new law reinforces that all data brokers must register with the California Privacy Protection Agency (CPPA) and simplifies the process for Californians to have data removed. Data brokers who do not comply will face fines or penalties. The bill has faced opposition from advertising companies that rely on consumer data. With this law the goal is to give consumers greater control over their personal data and privacy. However, concerns remain about the enforcement of the law and exceptions made for certain companies. The state has until 2026 to implement the Delete Act.

Date: Oct 11, 2023
Source: The Guardian
Author: Johana Bhuiyan
Tag: Data Protection, Data Privacy

4. Resurgence of LinkedIn Smart Links identified in sizable credential phishing campaign

The Cofense Phishing Defence Centre (PDC) reports a resurgence in phishing campaigns using LinkedIn Smart Links or “slinks” to bypass the security email gateway (SEG) and deliver credential phishing. These Smart Links are tied to LinkedIn Sales Navigator services and may originate from newly created or compromised LinkedIn business accounts. In 2023, a large-scale campaign targeting Microsoft Office credentials was observed. Smart Links exploit trust in the LinkedIn domain to bypass security systems. The campaign has targeted various industries, particularly finance and manufacturing. Employees are urged to remain vigilant and to avoid clicking on emails from unknown people or suspicious links.

Date: Oct 11, 2023
Source: Cofense
Author: Nathaniel Raymond
Tag: Cyber Risk/Cyber Threats, Password Security

5. Cloud giants sound alarm on record-breaking DDoS attack

AWS, Cloudflare, and Google have recently reported a huge increase in distributed denial of service (DDoS) attacks using a zero-day vulnerability called HTTP/2 Rapid Reset. Google experienced a massive attack that peaked at 398 million per second, surpassing last year’s 46 million per second. The vulnerability, tracked as CVE-2023-44487, has a high severity rating of 7.5 out of 10. The vulnerability overwhelmed websites by allowing attackers to make thousands of requests and immediately cancel them. Despite the nature of the attack, HTTP/2 Rapid Reset remains an optimisation of an older attack method called asymmetric query attacks.

Date: Oct 10, 2023
Source: Cybersecurity Dive
Author: David Jones
Tag: Vulnerability, Cyber Risk/Cyber Threats

6. Google makes passkeys the default sign-in method for all users

Google is making passkeys the default sign-in method for all users, replacing traditional passwords. Passkeys are a secure alternative for login that allows users to sign in using biometrics, PINs, or a physical security key for authentication. This reduces the risk of phishing or other security threats such as credential stuffing or keylogger malware amongst others. Passkeys are stored in two parts, on the app or website’s server and on the owner’s device, making remote hacking nearly impossible, as it requires physical access to the user’s device even in the event of a server breach. Google has been a major proponent of passkeys and is pushing for widespread adoption. What are your thoughts on passkeys? Leave a comment below.

Date: Oct 10, 2023
Source: Tech Crunch
Author: Carly Page
Tag: Password Security, Authentication

7. GNOME Linux systems exposed to RCE attacks via file downloads

A memory corruption vulnerability in the open source libcue library allows attackers to execute arbitrary code on Linux systems running the GNOME desktop environment. The flaw (CVE-2023-43641) is exploited by maliciously crafted .CUE files in the ~/Downloads folder, which are automatically parsed by the Tracker Miners metadata indexes. The researchers have demoed a proof-of-concept video and admins are advised to patch systems in order to mitigate this security risk, as it could affect widely used Linux distributions such as Debian, Ubuntu, Fedora, and others.

Date: Oct 9, 2023
Source: Bleeping Computer
Author: Sergiu Gatlan
Tag: Vulnerability, Cyber Risk/Cyber Threats


:newspaper: That’s a wrap on ‘This Week in Cybersecurity’ news recap. :newspaper:

These incidents are a reminder to be vigilant when downloading unknown attachments or clicking online links, update software regularly, use strong passwords (better yet, use a password manager), and take proactive measures to protect your data.

Share any interesting articles you stumble across in the ‘In the News’ section of the passbolt community and connect with the rest of the community.

Remember to cast your vote for the article you find most interesting and would like to see featured in the next monthly cybersecurity videos below :white_check_mark:

  • :one: Facebook’s copyright infringement scam
  • :two: ETSI’s open sourcing encryption algorithms
  • :three: California’s Delete Act
  • :four: LinkedIn smart link phishing campaign
  • :five: Cloud giants faced massive DDoS attacks
  • :six: Google passkeys sign-in
  • :seven: GNOME Linux systems
0 voters