Cyber News

This Week in Cyber: 27th November 2023 – 1st December 2023

In today's rapidly changing technological landscape, cybersecurity has become a hot topic for organisations, governments, and individuals – and rightly so. The continuous surge in cyber threats, news that cyber criminals are becoming more sophisticated and ever-expanding networks and endpoints makes it more vital than ever that people stay up to date with the latest developments in the field.

This blog post explores the most noteworthy cybersecurity news stories of the week, offering insights into significant events, the latest research and notable security incidents. By shedding light on these topics, we aim to enhance awareness and understanding of the ever-evolving world of cybersecurity.

Gmail And Photo Content Deletions Start Imminently

Google has announced the commencement of the deletion process for inactive accounts, starting on December 1, targeting content across Gmail, Photos, Docs, and Drive. Given the vast user base, with 1.8 billion Gmail users and even more utilising Google Photos, the impact is expected to be significant. Previous reports suggested that even a 1% deletion rate would affect between 18 and 20 million accounts. What does this mean for cybersecurity?

Our CTO, Elliott Wilkes, told Forbes: “It is well-known within the cybersecurity community (and within cybercriminal communities) that users share passwords across accounts. When one of the sites is compromised and has a data breach, attackers grab the leaked username, email, and password combinations and then try those for other sites.”

Web App Security Issues Thrive Around Peak Shopping Seasons

A survey published this week has revealed the prevalence of personally identifiable information (PII) needlessly being stored within ecommerce applications responsible for processing customer payments. Although these issues warrant year-round attention, the heightened activity during the Christmas/Black Friday shopping season exacerbates security concerns.

Good cyber hygiene is always important when it comes to reducing individual risk. As always, our experts advise thinking before you click emails and links that look too good to be true to avoid phishing attacks.

Analyst Comments: During the Christmas period, cybercriminals exploit the heightened online activity and shopping enthusiasm by employing various tactics. They take advantage of increased online transactions to target sensitive information like credit card details, capitalising on shoppers' distractions during the holiday hustle. Using impersonation scams, they create fake holiday-themed websites and phishing emails to trick individuals into divulging personal and financial information. Gift card scams, malicious advertisements, data breaches, and ransomware attacks further contribute to the holiday cyber threat landscape. To safeguard against these risks, members of the public and organisations need to be hyper-vigilant and ensure they are aware of the increased activity around this festive period.

Okta Warns That Customers Are at Risk of Phishing Attacks After Hack

Software security firm Okta has issued a warning to its corporate and government customers that, last month, hackers successfully infiltrated its computer systems, leaving some of their 18,000 customers exposed to potential phishing attacks.

The breach occurred within Otka's technical support management system, known as Otka Help Sector. The attackers gained unauthorised access to this system and obtained the names and email addresses of all customers who utilised it for assistance in managing the Otka software. This software is integral for controlling access to sensitive computer systems and applications across the customers' computing infrastructure. The security breach has raised concerns about the vulnerability of the affected customers to phishing threats.

Analyst Comments: Unfortunately, data breaches like these always raise the risk of vulnerable customers being targeted in social engineering attacks. Cybercriminals can use the stolen personal information to convince victims that certain emails and phishing attempts are authentic. These personalised social engineering attacks are much more likely to succeed.

Phishing emails are, undoubtedly, becoming more sophisticated, putting email security at the forefront of many business leader’s minds. In a recent All Talk No Tech video, ACDS Criminologist and Cybercrime Advisor Paige Mullen candidly explores phishing and BEC attacks – and how to avoid them.

Ardent Hospital ERs Disrupted in 6 States After Ransomware Attack

Ardent Health Services, a healthcare provider operating 30 hospitals across six U.S. states, disclosed earlier this week that its systems had been hit by a ransomware attack. After the incident, the healthcare provider had to take its entire network offline, notify law enforcement, and hire external experts to investigate the attack's extent and impact.

Analyst Comments: This was an incredibly disruptive ransomware attack, with the provider having to take its entire network offline. Incidents like this on the healthcare sector can have devasting impacts and can cost lives. The critical nature of patient data and the potential disruption to healthcare services make this sector particularly appealing to cybercriminals, who may exploit vulnerabilities, target IoT devices, and seek to compromise regulatory compliance.

It appears that every week news breaks on a new attack targeting hospitals or healthcare providers. The healthcare industry proves a popular target for cybercriminals given how many assets they have connected to networks, many of those assets are unknown, especially legacy ones. Asset discovery and management tools, like our Attack Surface Management tool, are crucial for all cybersecurity stacks to mitigate risk.

Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws

Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below -

CVE-2023-42916 - An out-of-bounds read issue that could be exploited to leak sensitive information when processing web content.

CVE-2023-42917 - A memory corruption bug that could result in arbitrary code execution when processing web content.

Analyst Comments: It is always so easy to just ignore the notifications for updates; you have to sit there and wait for the update to happen and for your device to restart… who has time for that? Well, let's face it, it doesn’t often take much longer than 5 minutes or so, and that is no time at all for increased protection. By running out of date software, you are opening the door for cybercriminals to easily walk inside and create havoc. The updates are released for a reason, and most often, to protect against exploited zero-day vulnerabilities. The WebKit rendering engine is used by every third-party browser that’s available for IOS and iPadOS, making it a lucrative and broad attack surface. Apple has now remediated 19 actively exploited zero-days since the start of 2023.

ChatGPT Turns 1!

Yesterday, ChatGPT celebrated its first anniversary. Across the cybersecurity space, experts have been weighing in on the platform’s first year, as well as the effect of AI on cyber in general.

Analyst Comments: It's been quite a year, hasn't it? ChatGPT has become an integral part of many industries, and it has brought many positive changes. However, as the technology continues to evolve, the world will have to keep up with it. Unfortunately, cybercriminals have started using AI to carry out their malicious activities more efficiently, and this has caused a lot of concern. We've seen countless cases of phishing emails being generated by ChatGPT which are becoming increasingly sophisticated. Organisations need to ensure that they are implementing sufficient cyber security measures to protect against the ever-evolving AI-assisted malicious activity.

In today's constantly evolving cybersecurity landscape, it is vitally important to stay informed about the latest advancements in the industry. By keeping an eye on relevant news and information, leaders can make well-informed decisions, proactively implement security measures, and effectively protect against cyberattacks. A vigilant mindset, adoption of best practices, and utilisation of cutting-edge technologies are essential components in our collaborative endeavours to build a secure digital future.