Weekly Cybersecurity News
Ayushman Singh
Community Manager
We share this week’s important news of current events in the world of cybersecurity that directly or indirectly impact our lives as well as operations of businesses, various institutions and organizations, and governments-nation states in this highly digitalized and interconnected world.
Europol Issues Urgent Call Against E2EE on Meta’s Platforms:
Europol and European police chiefs are expressing concerns about the deployment of end-to-end encryption (E2EE) on Meta’s platforms, fearing it could hinder law enforcement’s ability to combat serious crimes. They argue that E2EE could create “spaces beyond the reach of law enforcement.” However, there are opposing views highlighting the importance of preserving individuals’ privacy and the potential risks associated with introducing backdoors into encryption systems.
Warrantless spying powers extended to 2026 with Biden’s signature:President Joe Biden has signed legislation extending warrantless spying powers under Section 702 of the Foreign Intelligence Surveillance Act until 2026. The bill includes modest changes and internal regulations aimed at addressing concerns about the program’s potential for collecting personal information on Americans. Despite controversies, Section 702 is considered a key tool for countering espionage, terrorism, and cyber threats. The Senate approved the bill, resisting attempts to impose a warrant requirement and change the definition of “electronic communications service providers.” Attorney General Merrick Garland emphasized the importance of Section 702 in protecting national security while upholding Americans’ civil liberties.
Billions of public Discord messages may be sold through a scraping service:A service called Spy Pet claims to be scraping and compiling data from over 14,000 public Discord servers, potentially exposing billions of public messages. This service offers data “credits” for cryptocurrency payments, allowing users to track individuals across servers, access their messages, and view connected accounts like GitHub. Spy Pet openly invites AI model trainers and law enforcement to contact them for deals. Discord is investigating whether Spy Pet violated its terms of service and community guidelines.
LastPass users targeted in phishing attacks good enough to trick even the savvy:LastPass users were targeted in a sophisticated phishing campaign using a service called CryptoChameleon, which provides resources to create convincing phishing attempts. The attackers employed a combination of email, SMS, and voice calls to trick users into divulging their master passwords. LastPass confirmed that threat actors used this campaign to target users, urging caution and advising users to verify communications directly with LastPass rather than responding to unsolicited calls or messages. Additionally, LastPass has been previously targeted in similar attacks, highlighting the importance of vigilance in cybersecurity practices.
Open-source developers face a potential social-engineering crisis:Open-source software projects are facing a wave of social-engineering attacks, prompting alarm within the coding community. The Open Source Security Foundation (OpenSSF) and the OpenJS Foundation issued an alert following attacks against a Linux tool and three JavaScript projects. The attacks highlight vulnerabilities in the open-source ecosystem’s decentralized nature, making it challenging to notify maintainers about threats or suspicious activities promptly. The community is reevaluating its security practices, and initiatives are underway to provide resources and centralized systems for sharing security vulnerabilities.
Google all at sea over rising tide of robo-spam:The Register’s opinion piece discusses the growing challenge of AI-driven spam affecting Google’s search system. The article highlights the exponential rise of content spam since the advent of AI, posing a significant threat to Google’s revenue and user experience. Despite efforts to combat spam, the decentralized nature of the web and the evolution of AI spam present formidable challenges. The piece suggests reevaluating the reliance on algorithms and proposes empowering users with more control over content quality through transparent site statements.
Malicious Google Ads found promoting a fake IP scanner that just wants to steal your data:Security researchers have identified a malicious advertising campaign in Google Ads that impersonates legitimate software companies to distribute a sophisticated Windows backdoor. Hackers registered typosquatted domains resembling well-known port scanning and IT management software companies and promoted them via Google Ads. Users who visited these sites and downloaded the offered software ended up with the MadMxShell backdoor, which employs various evasion techniques to avoid detection by security solutions. The motive behind the campaign and the identity of the attackers remain unknown.
Over 17 billion personal accounts leaked worldwide since 2004:Cybersecurity researchers report a significant increase in data breaches globally, with over 17 billion personal accounts exposed since 2004. In the first quarter of 2024 alone, data breaches increased fivefold compared to the same period in the previous year. The United States, Russia, and China are among the most breached countries in 2024. The breaches highlight the ongoing threat to personal data security and emphasize the importance of strong passwords and cautious online behavior.
The Real-Time Deepfake Romance Scams Have Arrived:Scammers known as “Yahoo Boys” are using deepfake technology to carry out elaborate romance scams. These scammers, often based in Nigeria, manipulate victims by using face-swapping tech in real-time video calls to create fake personas. With the aid of deepfakes, they build trust with victims before tricking them into parting with significant sums of money. The use of deepfakes in romance scams underscores the evolving nature of cybercrime and the need for increased vigilance in online interactions.
Spain reopens Israeli spyware probe, sharing information with France:Spain’s High Court has reopened an investigation into the use of NSO Group’s Pegasus software for spying on Spanish politicians, including Prime Minister Pedro Sanchez. The probe, which will involve collaboration with French authorities, aims to identify the perpetrators of the cyber attacks. This decision follows France’s sharing of details from its own investigation into similar incidents involving Pegasus software.
Published on Medium
