Cyber (In)Securities – Issue 100

CyAN

Welcome to our 100th edition of the Cybersecurity Advisors Network newsletter—newly renamed Cyber (In)Securities!

What began as a simple way to keep you informed has grown into a dynamic and evolving resource, all thanks to your engagement and feedback. Over time, we’ve refined our format (and our name!), and shared insights into the ever-changing world of cybersecurity—and we’re just getting started!

In the coming months, we’re excited to introduce new features, including member spotlights and in-depth interviews, giving you even more reasons to stay connected. Thank you for being part of this journey, and we look forward to sharing the next 100 issues with you.

Contents:

  1. Apple launches eSafety feature ahead of regulation
  2. Lazarus Group Exploits Chrome Zero-Day in Latest Campaign
  3. Threat Spotlight: The evolving use of QR codes in phishing attacks
  4. Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks
  5. Inside the U.S. Government-Bought Tool That Can Track Phones at Abortion
  6. VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability
  7. Encrypted Chat App ‘Session’ Leaves Australia After Visit From Police 
  8. The billionaire behind Trump’s ‘unhackable’ phone is on a mission to fight Tesla’s FSD
  9. Over 6,000 WordPress hacked to install plugins pushing infostealers
  10. Events/Meetings/Get-Togethers of Interest to CyAN Members:

1. Apple launches eSafety feature ahead of regulation

https://www.innovationaus.com/apple-launches-esafety-feature-ahead-of-regulation/

Apple has introduced a new eSafety feature in Australia to protect users from online abuse and harmful content. This launch comes ahead of regulations requiring tech companies to implement stronger safeguards, particularly for child safety. The feature includes enhanced parental controls and tools to block inappropriate content and interactions across Apple devices.

By proactively rolling out this feature, Apple aims to align with Australia’s regulatory expectations and strengthen its commitment to user privacy and security. The move signals a broader shift within the tech industry as companies anticipate tighter governmental oversight of online safety standards.

2. Lazarus Group Exploits Chrome Zero-Day in Latest Campaign

https://www.darkreading.com/cyberattacks-data-breaches/lazarus-group-exploits-chrome-zero-day-campaign

The Lazarus Group, a North Korean state-sponsored hacking group, has launched a new campaign exploiting a recently discovered Chrome zero-day vulnerability.

The group is using this flaw to target cryptocurrency and financial services sectors, aiming to steal sensitive data and funds. The vulnerability allows attackers to gain remote access to compromised systems, posing a significant threat to organisations relying on Chrome for their operations.

Security experts urge immediate updates to Chrome and heightened vigilance, as this campaign underscores the growing sophistication of nation-state cyberattacks and the importance of patching zero-day vulnerabilities quickly.

3. Threat Spotlight: The evolving use of QR codes in phishing attacks

https://blog.barracuda.com/2024/10/22/threat-spotlight-evolving-qr-codes-phishing-attacks

Barracuda researchers have highlighted a rise in phishing attacks that exploit QR codes to bypass traditional security measures. These attacks trick users into scanning malicious QR codes, which then direct them to fraudulent websites designed to steal credentials or deliver malware.

The evolving nature of these attacks makes them particularly dangerous, as they can often evade detection by security filters that focus on email links and attachments.

The report urges organisations to educate employees on the risks associated with QR codes and to implement enhanced security measures to detect and block these emerging threats.

4. Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks

https://thehackernews.com/2024/10/think-youre-secure-49-of-enterprises.html

A new report reveals that nearly half of enterprises are failing to implement fundamental cybersecurity practices, despite rising threats.

The study highlights gaps in areas like patch management, access control, and incident response, leaving organisations vulnerable to attacks. This widespread lack of basic security measures is alarming, given the increasing frequency and sophistication of cyber threats.

The report urges companies to prioritise strengthening their cybersecurity foundations, emphasising that even advanced security solutions are ineffective without solid baseline protections in place.

5. Inside the U.S. Government-Bought Tool That Can Track Phones at Abortion

https://www.404media.co/email/f4992514-a605-4579-9a75-3d0707758e03/?ref=daily-stories-newsletter

A new investigation reveals that U.S. government agencies have purchased a cyber tool capable of tracking mobile phones at sensitive locations, including abortion clinics.

The tool, sold by a data broker, collects geolocation data from mobile devices, raising significant cybersecurity and privacy concerns. The potential misuse of this data by law enforcement or other government bodies has sparked fears over surveillance and the ethical implications of tracking individuals in healthcare-related contexts.

This case highlights the growing intersection of cybersecurity, privacy, and surveillance, and the dangers of commercially available data being weaponised for monitoring sensitive activities.

6. VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

https://thehackernews.com/2024/10/vmware-releases-vcenter-server-update.html

VMware has released an important update for vCenter Server, addressing multiple critical vulnerabilities that could allow attackers to execute arbitrary code or escalate privileges. The flaws, affecting versions prior to the update, pose a significant risk to organisations using vCenter for managing virtualised environments.

Admins are urged to apply the patch immediately to mitigate the risk of exploitation, as attackers are increasingly targeting such vulnerabilities in enterprise environments. This update underscores the need for regular security maintenance in virtual infrastructure to safeguard against evolving threats.

7. Encrypted Chat App ‘Session’ Leaves Australia After Visit From Police 

https://www.404media.co/encrypted-chat-app-session-leaves-australia-after-visit-from-police-2/

Session, an encrypted chat app known for its privacy-focused approach, has moved its operations out of Australia following a visit from local police. The app’s developers expressed concern over increasing pressure from Australian authorities to compromise user privacy, fearing potential demands for backdoor access. This decision comes amid growing global scrutiny of encrypted communications and the tension between privacy rights and law enforcement.

Session’s departure highlights the challenges that privacy-centric apps face in jurisdictions with strict surveillance laws, sparking further debate over the balance between security and privacy.

8. The billionaire behind Trump’s ‘unhackable’ phone is on a mission to fight Tesla’s FSD

https://www.theregister.com/2024/10/21/odowd_tesla_trump/

Dan O’Dowd, CEO of Green Hills Software, has taken aim at Tesla’s Full Self-Driving (FSD) technology, calling it unsafe and a risk to public safety. O’Dowd claims the company is prioritising profits over safety, pushing out underdeveloped technology that endangers drivers and pedestrians. He also criticised former President Trump’s cybersecurity policies, arguing they failed to protect the U.S. from digital threats.

O’Dowd’s critique underscores broader concerns about the rapid development of autonomous driving technologies and the need for stronger cybersecurity measures.

9. Over 6,000 WordPress hacked to install plugins pushing infostealers

https://www.bleepingcomputer.com/news/security/over-6-000-wordpress-sites-hacked-to-install-plugins-pushing-infostealers/

More than 6,000 WordPress websites have been compromised, with hackers installing malicious plugins that push infostealer malware. The attackers are using these plugins to harvest sensitive data from site visitors, including login credentials and other personal information. This large-scale campaign exploits vulnerabilities in outdated or poorly secured WordPress installations, targeting both individual websites and larger platforms.

Website owners are urged to update their WordPress installations, review security settings, and remove any suspicious plugins to prevent further compromise. The attack highlights the ongoing risk of running outdated software and the importance of maintaining robust security measures.

Events/Meetings/Get-Togethers of Interest to CyAN Members:

Supply Chain Cybersecurity Summit, Middle East Edition

Dubai (AE), November 20-21

Mentorship and Allies: Building a Support Network for Women in Cyber

Sydney (AU), November 27