Weekly Cybersecurity Digest: Top 5 News Stories in the Digital Sphere

1. Meta Fined €91 Million for Password Storage Breach

The Irish Data Protection Commission (DPC) has fined Meta €91 million for a security breach that exposed user passwords.

Key Points:

• Data Breach: In March 2019, Meta mistakenly stored user passwords in plaintext.
• GDPR Violations: Meta violated four articles of the General Data Protection Regulation (GDPR).
• Failure to Notify: Meta failed to promptly report the breach to the DPC.
• Lack of Security Measures: Meta did not have proper technical measures to protect user passwords.
• Impact: Millions of Facebook and Instagram users were affected.

Read More

2. Fake Crypto Wallet App Steals $70,000

A malicious app called "WalletConnect" disguised itself as a legitimate crypto wallet tool. It tricked users into signing malicious transactions that stole their cryptocurrency.

Key Points:

• Steals Crypto: The app stole $70,000 from over 150 users.
• Targets Mobile Users: The app targeted users in Nigeria, Portugal, and Ukraine.
• Disguised as Legitimate: The app appeared as a legitimate tool on the Google Play Store.
• Bypasses Protections: The app used clever techniques to avoid detection.
• Dangerous Consequences: Users who fell victim to the scam lost their cryptocurrency.

Read More

3. Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution

A new set of vulnerabilities has been discovered in the CUPS printing system that could allow hackers to execute commands on Linux systems. These vulnerabilities affect CUPS versions 2.0.1 and earlier. These vulnerabilities can be exploited by attackers who have network access to vulnerable systems. Some systems may not be vulnerable by default. Organizations can reduce the risk of exploitation by disabling or removing the cups-browsed service and blocking UDP port 631.

Key Points:

• Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177.
• Impact: Hackers could exploit these vulnerabilities to execute commands on vulnerable systems.
• Affected Systems: CUPS is used on many Linux distributions, including RHEL, Debian, Fedora, and Ubuntu.
• Patches: Patches are being developed and will be released soon.

Read More

4. ChatGPT Flaw Could Allow Long-Term Spyware

A security flaw in ChatGPT could have allowed hackers to install spyware on users' devices. To protect yourself from the ChatGPT vulnerability, regularly review the memories ChatGPT stores about you and delete any suspicious or incorrect ones. Additionally, be cautious of clicking on suspicious links or downloading files from unknown sources.

Key Points:

• Memory Function Vulnerability: The memory function in ChatGPT could be exploited to store malicious instructions.
• Persistence: This could allow hackers to continuously monitor user conversations and steal data.
• Malicious Sites and Documents: Hackers could trick users into visiting malicious websites or downloading infected files.
• Patch Available: OpenAI has fixed the vulnerability in ChatGPT version 1.2024.247.

Read More

5. Microsoft Warns of New Ransomware Threat Targeting Hybrid Cloud Environments

A new ransomware threat actor called Storm-0501 is targeting U.S. organizations. They're using a variety of techniques to gain access to networks and deploy ransomware.

Key Points:

• Targets: Government, manufacturing, transportation, and law enforcement sectors.
• Ransomware: Uses the INC ransomware to encrypt data and demand a ransom.
• Attack Methods: Exploits vulnerabilities, steals credentials, and uses remote tools to access networks.
• Data Exfiltration: Steals data using tools like Azure Storage Explorer and AzCopy.
• Persistence: Establishes backdoors to maintain access to networks.

Read More

Stay ahead of the curve!?? Follow us on LinkedIn and Subscribe to our newsletter ?? for the latest cyber security updates, insightful articles, and exclusive content to help you navigate the ever-changing threat landscape. Don't forget to check out our Website ?? to make your cyberspace safe and secure ??, and join our growing community on Instagram ?? for bite-sized cyber security tips and trends. ?? ??