Michael Obiukwu says
Unsettling New Warning in Chrome Incognito Mode Reveals Ongoing Tracking
An updated warning page for Incognito mode went live on Canary, a version of Chrome primarily used by developers, as first spotted by MSPowerUser on Tuesday. The new text confirms your data will be collected by websites and Google while browsing in this mode. This change has yet to hit the latest version of Chrome, but it’s likely to come soon.
https://gizmodo.com/google-chrome-incognito-mode-privacy-warning-changed-1851172178
Ikenna Alajemba says
A cyberattack that diverted ambulances from hospitals in East Texas on Thanksgiving Day is more widespread than previously known and has also forced hospitals in New Jersey, New Mexico and Oklahoma to reroute ambulances, hospital representatives said.
https://www.cnn.com/2023/11/27/politics/cyberattack-hospital-diverts-ambulances/index.html
Erskine Payton says
Erskine Payton
In the News Article- Week 1
MIS 5214
Temple University
https://courts.vic.gov.au/news/court-services-victoria-cyber-incident
In November 2023 Court Services Victoria (CSV) reported their network had been hacked and that audio-visual recordings of some hearings had been accessed. The article also shared that maybe hearings prior to November 2023 could have been accessed but they could be certain. The breach only affected one network so CSV isolated and disabled it.
As of this week no one has claimed responsibility, and the investigation is ongoing. CSV released a statement updating the users, ensuring them that things are unaffected.
Mariam Hazali says
This article discussed the need to move from traditional passwords to passwordless identification. Challenges posed by passwords (vulnerable to brute force attacks) and the rise of quantum computers, which pose a risk to current encryption algorithms, push the need to adopt passwordless mechanisms such as passkeys, which have been adopted by big tech companies like Microsoft, Google, Amazon, and Bitwarden. Passkeys let a user sign into their account without typing in a username and password but using their fingerprint, face scan, or a device screen lock instead, and are stronger and more secure than passwords, cannot be guessed, and are resistant to phishing.
Big Tech drives the shift beyond passwords | Cybernews
Jeffrey Sullivan says
NIST Offers Guidance on Measuring and Improving Your Company’s Cybersecurity Program | NIST
https://www.nist.gov/news-events/news/2024/01/nist-offers-guidance-measuring-and-improving-your-companys-cybersecurity
This article goes on to show how businesses can use the NIST 800-55: Measurement Guide for Information Security and how the two frameworks, the Cybersecurity Framework and the Risk Management Framework, intertwine. It is intended to help organizations move from general statements about risk level towards a sharper picture founded on hard data. It is intended for people to understand their risk and communicate effectively with it instead of posting data and not having an idea on what it is.
The team then developed a new draft in response to public requests and feedback forms. It then shows you how to take security data and the uncertainty of such data and how to put it all into effective use. “We want people to be able to figure out the process of what to measure”. For example, if you want to measure response times on security incidents, these publications will help you gather that information then be able to present it in a way that makes sense.
Kenneth Saltisky says
A new wave of a phishing campaign titled “I can’t believe he is gone. I’m gonna miss him so much,” leads to a credential-stealing website. Through hacked accounts, threat actors are mass-posting these malicious posts leading users to websites that steal your credentials through a fake Facebook login page. This has been seen through utilizing either a text link or a fake video link that leads to websites that have fake Facebook login pages. Although this campaign started 2-3 months ago, this is still an ongoing issue.
https://www.bleepingcomputer.com/news/security/watch-out-for-i-cant-believe-he-is-gone-facebook-phishing-posts/
Nicholas Nirenberg says
“Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years”
An advanced cyber espionage group, UNC3886, previously associated with exploiting vulnerabilities in VMware and Fortinet appliances, has now been linked to abusing a critical zero-day vulnerability (CVE-2023-34048) in VMware vCenter Server since late 2021. The vulnerability (with a CVSS score of 9.8!) allowed unauthorized access to vCenter Server. Mandiant’s report highlighted that UNC3886 utilized this zero-day to gain privileged access, enumerate ESXi hosts, and install malware, ultimately exploiting another VMware flaw (CVE-2023-20867). The group has a history of using zero-days for undetected operations. VMware users are urged to update to the latest version to mitigate potential threats.
URL: https://thehackernews.com/2024/01/chinese-hackers-silently-weaponized.html
Chidiebere Okafor says
Topic – Just ten groups were responsible for nearly half of all cyberattacks last year
This article by SecurityScorecard basically stated that nearly half (44%) of all cyber incidents in 2023 were attributed to ten prominent threat actors. The research identified trends such as the targeting of supply chains, with 98% of organizations using compromised third-party software. Notable threat actors included the Russian-backed APT28 group and the Cobalt Group. The report highlighted that most infrastructure used by threat groups was concentrated in China (24%) and Russia (15%), though threat actors operated globally. The IT and tech industries were the primary targets of cyberattacks, followed closely by critical infrastructure like telecoms and government institutions. The study also revealed a correlation between a country’s GDP and its exposure to cyber risks, emphasizing the importance of managing cyber threats for economic prosperity. Northern Europe received the highest cybersecurity score (82.97), while Central Asia had the lowest (71.73). SecurityScorecard CEO Dr. Aleksandr Yampolskiy emphasized the need for precise measurement and clear KPIs to enhance cyber resilience and renew trust in the digital ecosystem.
Link – https://www.techradar.com/pro/security/just-ten-groups-were-responsible-for-nearly-half-of-all-cyberattacks-last-year
Kelly Conger says
Okta finally (well, a few months ago) admits that ALL of its non-government customers were affected by the Breach in October. My questions would be: what went wrong in their security and risk planning that allowed this breach to happen in the first place?
Link – https://techcrunch.com/2023/11/29/okta-admits-hackers-accessed-data-on-all-customers-during-recent-breach/
Alex Ruiz says
A company called VF Corporation, which owns clothing brands like Dickies, North Face, and Vans, experienced a data breach in December. Personal information of 35.5 million customers was exposed, but the exact details of what data was stolen are still not clear. The company had to temporarily shut down some computer systems, causing disruptions to its operations. It kicked out the cyber attackers on December 15, but there are still some minor ongoing impacts. The company assured that sensitive information like account passwords, Social Security numbers, and credit card details were not taken. However, the investigation is still ongoing, and details about the stolen customer information are still yet to be disclosed.
Link: https://www.darkreading.com/cyberattacks-data-breaches/massive-data-breach-vf-35m-vans-retail-customers
Andrew Young says
Medibank hack: Russian sanctioned over Australia’s worst data breach
Medibank, one of the largest Australian Health Insurance organizations, has been breached by Russian criminals in what is being called “Australia’s worst data breach”. The breach compromised the data of millions of users and customers, including high-ranking officials such as the prime minister. In response, Australia has sanctioned Russia and promised prosecution and retaliation on those responsible. This article is interesting, not only due to its clear connection to cyber security, but also because it highlights a topic we discussed in our last class, that being organized gangs or targeted attacks by cyber criminals.
Link: https://www.bbc.com/news/world-australia-68064850
Samuel Omotosho says
NIST Identifies Types of Cyberattacks That Manipulate Behavior of AI Systems
I find this very interesting that an AI system can malfunction if an adversary finds a way to confuse its decision making. Adversaries can deliberately confuse or even “poison” artificial intelligence (AI) systems to make them malfunction — and there’s no foolproof defense that their developers can employ. Computer scientists from the National Institute of Standards and Technology (NIST) and their collaborators identify these and other vulnerabilities of AI and machine learning (ML) in a new publication. This “evasion” attack is one of numerous adversarial tactics described in a new NIST publication intended to help outline the types of attacks we might expect along with approaches to mitigate them.
https://www.nist.gov/news-events/news/2024/01/nist-identifies-types-cyberattacks-manipulate-behavior-ai-systems
Hashem Alsharif says
https://www.theguardian.com/technology/2024/jan/24/ai-scam-emails-uk-cybersecurity-agency-phishing
This article is about AI and its use to improve how genuine a scam email looks. Usually with scam emails, it’s pretty obvious to us when something is a scam. But based off this article, due to AI it would be difficult to recognize phishing messages. This isn’t something that would take decades to take effect; rather, due to a recent assessment, it’s almost guaranteed that AI would increase the number and impact of cybersecurity attacks over the next two years. This will specifically be done through generative AI, which is what generates the messages. This in turn would make it easier for more cybercriminals to enter the space. Because of this, cybersecurity experts have said that there needs to be stronger action and that everyone needs to fundamentally change how they approach the idea of ransomware.
Akintunde Akinmusire says
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
https://thehackernews.com/2024/01/malicious-npm-packages-exfiltrate-1600.html
Two malicious packages, warbeast2000 and kodiak2k, have been discovered on the npm package registry, and use GitHub to store stolen Base64 encrypted SSH keys from developers. Both packages execute post-install scripts aimed at accessing private SSH keys.