Cyber Briefing - 2023.07.05
The latest in cybersecurity: Google, Ghostscript Bug, Firefox, IBM, Dell, Nucor Corporation, Indiana University, TikTok, Instagram, Pepsi, VMware, Encryption.
Welcome to?Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
First time seeing this? Please?subscribe.
???Cyber Alerts
The Swedish data protection watchdog has issued a warning to companies about the use of Google Analytics, citing concerns over U.S. government surveillance. Following audits of four companies, the authority found that data transferred to the U.S. via Google's statistics tool is considered personal data and lacks adequate protection within the EU/EEA. As a result, fines were imposed on a telecom service provider and an online marketplace, while all companies were ordered to cease using Google Analytics.
The widely-used Ghostscript project, an open-source implementation of Adobe's PostScript and PDF formats, has been found to have a bug that allows malicious documents to execute system commands. This vulnerability arises from Ghostscript's handling of filenames for output, which can be exploited to send commands to the software's rendering engine. The issue has been addressed in the latest release of Ghostscript, but users are advised to update their installations and be cautious with accepting filenames from untrusted sources.
Mozilla has released Firefox 115 with fixes for a dozen vulnerabilities, including two high-severity use-after-free bugs. One of the flaws, tracked as CVE-2023-37201, involves a use-after-free flaw in WebRTC certificate generation, while the other, CVE-2023-37202, relates to a potential use-after-free issue in the SpiderMonkey JavaScript and WebAssembly engine. The update also addresses memory safety bugs and medium-severity vulnerabilities that could lead to various security risks, such as arbitrary code execution and URL spoofing. Mozilla has also released patches for Firefox ESR 102.13 and Thunderbird 102.13, addressing similar vulnerabilities.
IBM has issued security advisories addressing vulnerabilities in various products, including AIX, IBM Cloud Pak for Business Automation, IBM Db2, IBM OpenPages, IBM Robotic Process Automation, IBM Security Guardium, IBM Security Verify Governance, IBM Tivoli Netcool Impact, Watson AI Gateway for CP4D, Watson Discovery, and Watson Speech Services Cartridge. These updates are crucial to patching potential security flaws and protecting users' systems and data. Users and administrators are advised to review the provided web links and apply the necessary updates promptly.
Dell has recently published security advisories between June 26 and July 2, 2023, focusing on addressing vulnerabilities in its Networker product across multiple versions. The company has recognized the critical nature of these updates and encourages users and administrators to take immediate action by reviewing the provided web links and applying the necessary patches. By promptly addressing these vulnerabilities, users can ensure the security and integrity of their systems and protect against potential cyber threats.
Maine authorities revealed that Nucor Corporation, based in Charlotte, reported a cyberattack that exposed data of approximately 8,824 individuals between May 26 and June 1, 2023. The breach also impacts North Carolina residents, but the total number of affected individuals from that state is yet to be disclosed.The breach, which occurred due to an exploitation of a software vulnerability, affected Nucor and other companies, causing unauthorized access to sensitive data. Nucor swiftly responded by reporting the breach on June 3, immediately implementing a patch, and initiating an investigation into the incident. The company is now offering the affected individuals 24 months of Equifax credit monitoring with identity theft protection to mitigate potential risks.
A significant data breach at Indiana University has resulted in the exposure of over 248,300 records, including email addresses and full names. The breached database, which was shared on a leak forum, primarily consists of Indiana University email addresses, indicating that it potentially affects students, staff, or both. The leaked data, some of which is marked as fresh for 2023, poses a risk of fraud and highlights the ongoing dangers of personal information exposure.
In a major cyber attack, a comprehensive data set containing over 425,000 addresses of Swiss citizens abroad has been stolen and leaked on the darknet. The data, including postal and email addresses, originates from subscribers to the federal government magazine Swiss Review, with the breach being a by-product of a larger blackmail attack on Swiss publishing houses. As authorities investigate the incident, concerns rise about the security of state IT systems, including the reintroduced Swiss e-voting system, and the potential consequences of frequent cyber incidents on public trust.
领英推荐
A significant data leak has affected popular social media platforms, including TikTok, Instagram, and Yahoo. The leaked information includes a 178GB TikTok database, over 17 million records of Instagram accounts, and a Yahoo! database leak. The breach highlights the urgent need for users to prioritize their online security and protect their personal information through secure passwords and cautious online behavior.
Pepsi Bottling Ventures (PBV) has revealed a breach of its systems, potentially compromising staff data that occurred over six months ago. The unauthorized activity was reported on certain internal IT systems, with data being accessed and downloaded by an unknown party around December 23 last year. The breach may have exposed personal information of current and former employees, including home addresses, bank account details, passwords, PIN codes, social security numbers, passport information, and medical details. PBV has taken immediate action, reported the incident to law enforcement, suspended affected systems, and enlisted Kroll's services to monitor employees' financial and public identities for one year.
In a repeat attack, the SiegedSec hacking group claimed to have stolen 40GB of data from the City of Fort Worth's Department of Transportation & Public Works, alongside information from other companies. Despite officials denying being hacked, the group shared screenshots of the alleged stolen data, raising concerns about cybersecurity in the city with a population of nearly 1 million residents. SiegedSec stated that their motive was to make a statement, and while city officials downplayed the severity of the breach, questions remain about the extent of the cyberattack and the security of public information.
???Cyber News
VMware has collaborated with industry leaders to expedite the development of confidential computing applications during the 2023 Confidential Computing Summit. Confidential computing ensures data integrity and confidentiality, even on third-party infrastructure and in the cloud, through trusted execution environments. To simplify the creation of applications in this domain, VMware has introduced the Certifier Framework, an open-source project supported by AMD, Samsung, and the RISC-V Keystone community. The framework provides a standardized API for building and operating confidential computing applications, while the Certifier Service facilitates trust management and related services. By streamlining the development process, VMware aims to promote the adoption of confidential computing and enhance data security across multi-cloud and edge environments.
The latest battle in the ongoing crypto wars sees the UK and EU governments attempting to introduce backdoors into end-to-end encryption (E2EE) as a means to combat criminal activity. Liberal democracies are grappling with the EU's Child Sexual Abuse Regulation and the UK's Online Safety Bill, which could have far-reaching implications for the privacy of law-abiding citizens. Concerns have been raised about the requirement for encrypted message scanning capabilities, which would pose severe privacy and security risks, according to an open letter signed by 80 technologists and civil rights organizations. As the debate intensifies, Apple has urged the UK government to amend the bill to protect strong end-to-end encryption.
The U.S. Cybersecurity Infrastructure Security Agency has announced the appointment of combat veteran Cait Conley as one of the nation's top election security officials. With her extensive national security experience, Conley will collaborate with federal, state, and local officials to ensure the security of upcoming elections, particularly the 2024 presidential election. Her appointment comes after the departure of Kim Wyman, who joined the agency after the 2020 election and will now transition to the private sector. As threats to election integrity persist, Conley's military background and expertise will contribute to the ongoing efforts to protect voting systems and combat misinformation, aiming to restore public confidence in the electoral process.
Facebook, Instagram, and WhatsApp are facing the need to revamp their data collection practices in Europe following a ruling by the European Court of Justice. The court sided with Germany's anti-cartel watchdog, which argued that data privacy concerns could be considered in antitrust cases. The ruling primarily addressed Meta's ability to link data across platforms for targeted advertising, a key revenue source for the company. The decision is expected to have significant implications for the data economy's business models and may impact other tech giants like Google as well.
Subscribe?and Comment.
Copyright ? 2023?CyberMaterial. All Rights Reserved.
Follow CyberMaterial on: