This Week’s Top 5 News July 2023 | 01

With every passing day there are new cybersecurity events that have the potential to impact you or your company. We have rounded up five top cybersecurity news stories to help keep you up to date with cybersecurity issues around the world, from acts of espionage to simple code errors that could leak your private data.
Here are our top five news stories from the past week:

1. Silentbob Campaign: Cloud-Native Environments Under Attack

Cybersecurity experts have discovered an early-stage attack framework, potentially part of a large-scale campaign targeting cloud-native environments. Named Silentbob, the infrastructure primarily features a cloud worm designed to exploit exposed JupyterLab and Docker APIs for Tsunami malware deployment, resource hijacking, and worm infestation. The operation is believed to be linked to the notorious cryptojacking group TeamTNT, although the possibility of an “advanced copycat” remains. Following an attack on its honeypot in June 2023, Aqua Security identified four malicious container images designed to detect exposed Docker and JupyterLab instances and launch a cryptocurrency miner and the Tsunami backdoor. Aqua’s investigation also uncovered 51 actively exploited servers with exposed JupyterLab instances.

2. Instagram’s Twitter Alternative ‘Threads’ Launch Halted in Europe Over Privacy Concerns

Meta’s upcoming Twitter competitor, Instagram Threads, will not be launched in the European Union due to privacy concerns, as reported by Ireland’s Data Protection Commission (DPC). Threads, a text-based conversation app set for launch on July 6, 2023, allows Instagram users to engage in discussions. The App Privacy section indicates that the app will collect a broad range of user data. While the DPC hasn’t explicitly blocked Threads’ launch, Meta is proceeding cautiously due to the EU’s strict privacy protections. This development mirrors Google’s decision to delay its AI chatbot Bard’s launch in the EU and coincides with Twitter’s policy changes aimed at enhancing platform security.

3. Swedish Data Protection Authority Warns Companies Against Google Analytics Use

Sweden’s data protection authority has cautioned companies against using Google Analytics due to potential U.S. government surveillance risks. This follows audits against four companies, CDON, Coop, Dagens Industri, and Tele2, initiated by the Swedish Authority for Privacy Protection (IMY). The IMY deemed that the data transferred to the U.S. via Google’s tool is personal data and that the companies’ technical security measures are insufficient. Fines were imposed on Tele2 and CDON for inadequate data anonymization. CDON, Coop, and Dagens Industri have been instructed to stop using Google Analytics. These actions stem from concerns about U.S. intelligence agencies accessing data stored on U.S. servers.

4. CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added eight actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog. These include six flaws affecting Samsung mobile devices and two impacting D-Link devices. The addition of the D-Link vulnerabilities follows a report on threat actors employing IoT device flaws to propagate malware. How the Samsung device flaws have been exploited is unclear, although they may have been used in highly targeted attacks by commercial spyware vendors. Federal Civilian Executive Branch agencies must apply the necessary fixes by July 20, 2023, to secure their networks against potential threats.

5. Unpatched WordPress Plugin Flaw Could Let Hackers Create Secret Admin on 200,000 Sites

Around 200,000 WordPress websites are under threat due to an unpatched critical vulnerability in the Ultimate Member plugin. The flaw, tracked as CVE-2023-3460 with a CVSS score of 9.8, affects all versions of the plugin. Unauthenticated attackers could exploit this vulnerability to create new user accounts with administrative privileges, gaining full control of affected sites. The issue arises from insufficient blocklist logic that enables attackers to modify user meta values and gain administrative access. While partial fixes have been issued, they remain incomplete, leaving the vulnerability exploitable. Users are advised to disable the plugin until a comprehensive patch is released.

There are many ways cybercriminals will look to exploit your integral IT systems to access data or create chaos within your business for their own personal gain.
Here at DIESEC, we have experts on hand waiting to help you with all of your cybersecurity needs, from ensuring your system is safe and secure to teaching your employees how not to fall victim to social engineering ploys.

For more information please contact us now!