Weekly Cybersecurity News
Ayushman Singh
Community Manager
We share this week’s important cybersecurity news: current events that directly or indirectly impact our lives as well as the operations of businesses, institutions and organizations, governments, and nation states in this highly digitalized and interconnected world.
Study Shows OpenVPN Traffic Can Be Easily Identified and Blocked: The study revealed that OpenVPN traffic can be easily identified and blocked using DPI (Deep Packet Inspection) technologies, with an accuracy rate of 85%. Despite OpenVPN’s popularity for its security features, the research demonstrated that it’s susceptible to detection and blocking by governments and ISPs. The study’s findings suggest that both VPN providers and users need to be aware of the potential for detection and blocking, particularly in regions with strict censorship. While short-term defenses like varying packet sizes and introducing noise in data traffic may help mitigate detection, the ultimate solution lies in the evolution of VPN protocols themselves to adapt to advancing DPI technologies.
Investors’ pledge to fight spyware undercut by past investments in US malware maker: The article discusses how some investors have pledged to combat the proliferation of commercial spyware, including companies like NSO Group or Intellexa. However, it reveals that at least one of these investors, Paladin Capital Group, had previously invested in a company called Boldend, known for developing offensive cybersecurity tools, including a malware platform called Origen. Despite their commitment to not invest in spyware companies, Paladin’s past investment in Boldend raises questions about their adherence to this principle. The article highlights the complexities surrounding investors’ ethical considerations and their commitments to free and open societies, especially in the context of national security interests.
US signs up more countries for its anti-spyware push: The White House has announced that six additional countries, including Finland, Germany, Ireland, Japan, Poland, and the Republic of Korea, have joined an international coalition aimed at countering commercial spyware. With these new additions, the coalition now includes a total of 23 nations, demonstrating a global effort to combat the threats posed by the misuse of spyware in both authoritarian regimes and democracies. The coalition aims to ensure that spyware remains aligned with human rights, the law, and civil liberties, while also preventing the export of such technology to end-users likely to engage in malicious cyber activities. This top-level governmental approach seeks to protect countries, crucial services, and citizens while upholding democratic values and fostering responsible innovation.
Most IT pros think cyberattacks are getting worse — and many firms don’t know how to deal with them: A recent report by Thales reveals that a majority of IT professionals believe cyberattacks are increasing in severity or frequency, marking a 47% rise from the previous year’s findings. The report, based on a survey of 3,000 IT and security professionals globally, highlights a significant increase in ransomware attacks, with over a quarter of companies falling victim and less than half having a plan to address such incidents. Additionally, 43% of enterprises failed compliance audits last year, correlating with a higher risk of cyberattacks. Malware, particularly targeting cloud and SaaS applications, has emerged as the fastest-growing threat, with 41% of enterprises affected. Human error remains the top cause of data breaches, emphasizing the importance of data management and compliance in mitigating cybersecurity risks. Thales underscores the need for enterprises to classify their data effectively and maintain visibility across their organization to ensure compliance with evolving data privacy regulations.
Meta to shutter key disinformation tracking tool before 2024 election: Meta’s decision to close its CrowdTangle division, a tool used for tracking content across social media platforms, has sparked criticism from over 100 research and advocacy groups who argue that it will hinder efforts to combat disinformation. In an open letter addressed to Meta, organizations including the Mozilla Foundation and the Center for Democracy and Technology expressed concern that the closure would impede the monitoring of election disinformation, particularly during significant election years such as 2024. CrowdTangle, which was acquired by Meta in 2016, has been utilized by journalists, researchers, and election observers to monitor the spread of false content on Meta platforms. The letter asserts that Meta’s decision will silence outside efforts to identify and prevent political disinformation, incitements to violence, and online harassment, posing a direct threat to the integrity of elections. Despite Meta’s recent launch of the Meta Content Library, which shares data with researchers, critics argue that it does not offer the same level of transparency and real-time tracking capabilities as CrowdTangle. The letter calls on Meta to delay the closure of CrowdTangle and ensure that its replacement adequately serves the needs of election integrity experts and researchers.
Do You Suddenly Need To Stop Using Apple’s iMessage? The recent iMessage warning issued for Apple’s 1.5 billion iPhone users has raised concerns about the security of the messaging platform. Despite Apple’s emphasis on privacy and security, iMessage’s lack of end-to-end encryption for communication with non-Apple users has been highlighted as a significant vulnerability. The US government’s antitrust lawsuit against Apple has criticized this aspect, stating that Apple could enhance user privacy and security by extending encryption to messages sent to Android devices. The lawsuit alleges that Apple’s refusal to support cross-platform encryption undermines user interests in favor of commercial interests. While Apple has defended its position, arguing that the lawsuit threatens its focus on privacy and security, critics assert that Apple’s stance on iMessage compromises user privacy and security. With the emergence of alternatives like Google’s end-to-end encrypted Messages and Meta’s encrypted messaging platform, the debate over iMessage’s security has become more acute. Despite Apple’s pushback against the lawsuit, concerns persist about the quality, privacy, and security of third-party messaging apps on the iPhone compared to Apple’s own messaging app. As the legal proceedings unfold, the implications for encrypted messaging services and user privacy could be significant.
Scammers are pretending to be FTC workers in order to steal money: The U.S. Federal Trade Commission (FTC) has issued a warning about scammers posing as FTC workers to steal money from unsuspecting victims. The FTC emphasized that it will never instruct consumers to move their money to protect it, use Bitcoin ATMs, purchase gold bars, or withdraw cash and deliver it to someone in person. Additionally, the FTC stated that it will never demand money from consumers, threaten them with arrest or deportation, or promise prizes. The agency urged Americans to be cautious when receiving phone calls, emails, or text messages from individuals claiming to be from the FTC, as it is likely a scam. In response to the increasing number of impersonation fraud complaints, the FTC announced the finalization of the Government and Business Impersonation Rule, which provides the agency with stronger tools to combat scammers and return money to affected consumers. This warning aligns with a previous alert issued by the FBI in January 2024, which cautioned about fake “tech support” agents persuading victims, particularly the elderly, to purchase gold bars to secure their funds, after which couriers would collect the gold bars. The median financial loss associated with this scheme has increased significantly in recent years, highlighting the urgency of addressing such scams.
Hackers can unlock over 3 million hotel doors in seconds: Security researchers have discovered a vulnerability in Saflok-brand RFID-based keycard locks, affecting 3 million doors worldwide. Dubbed Unsaflok, the exploit allows hackers to open any Saflok lock with just two taps. Dormakaba, the lock maker, is working to address the issue, but only 36% of locks have been updated so far. Fixing all vulnerable locks may take months due to hardware replacements and connectivity issues. This highlights the importance of promptly addressing security flaws to protect users and sensitive systems.
VR headsets could be hacked in “Inception-esque” attacks — with attackers able to steal your data without you even noticing: Experts warn that VR headsets, like Meta Quest, could be vulnerable to “Inception-esque” attacks, allowing hackers to manipulate users’ virtual experiences without their knowledge. Researchers from Cornell University propose the possibility of inserting an “Inception Layer” between the VR Home Screen and User/Server interactions, potentially leading users to perceive false information or engage in unwitting actions, such as initiating fraudulent transactions. While the extent of this vulnerability remains unclear and no concrete proof-of-concept exists, the potential for sophisticated phishing scams in the metaverse raises concerns.
Generative AI puts GPU security in the spotlight: The rise of generative AI tools is drawing attention to cybersecurity risks for the chips and processing units powering these technologies. With few manufacturers producing chips capable of handling the large data sets needed, they become prime targets for attacks. Insecure chips could lead to malware deployment and compromise of large language models. Nvidia’s recent cybersecurity partnerships underscore this concern. While most cyberattacks traditionally target software or network flaws, AI technologies introduce new risks as data processed by LLMs flows through GPUs. These GPUs face similar threats as CPUs, including malware attacks and supply chain attacks. As generative AI becomes more prevalent, the risk of data-poisoning attacks on GPUs increases. While successful attacks on GPUs are rare, defending them requires innovative approaches due to their unique challenges. Expect discussions on AI security to focus more on hardware and chip security alongside model manipulation and safety risks.
A leading spyware combatant on what’s next as governments continue to crack down: John Scott-Railton, a senior researcher at Citizen Lab, discusses the increasing threat of spyware, particularly in the realm of commercial espionage. He highlights the recent U.S. sanctions against spyware companies and emphasizes the need for global regulatory measures to address the proliferation of this technology. Scott-Railton also explores the potential implications of emerging technologies like generative AI for surveillance and espionage, urging vigilance and skepticism regarding their use. He underscores the importance of transparency, accountability, and diplomatic pressure in tackling this issue effectively.
Unpatchable security flaw in Apple Silicon Macs breaks encryption: Researchers have discovered an unpatchable security flaw in Apple Silicon Macs, affecting M1, M2, and M3 chips. The flaw, related to Data Memory-dependent Prefetchers (DMP), allows attackers to break encryption and access cryptographic keys. Apple may implement workarounds, but they could significantly impact performance. However, the real-world risk remains low due to the difficulty of exploiting the vulnerability.
Some of the Most Popular Websites Share Your Data With Over 1,500 Companies: Many websites now disclose the number of companies they share user data with, shedding light on the extensive tracking and data-sharing practices prevalent online. Analysis reveals that some popular sites share data with over 1,000 companies, underscoring the complexity and opacity of the online advertising ecosystem. Despite these disclosures, users often remain unaware of the full extent of tracking and data sharing occurring as they browse the web.
Exploring the surveillance partnership between the government and data brokers: Byron Tau, in his book “Means of Control: How the Hidden Alliance of Tech and Government is Creating a New American Surveillance State,” delves into the partnership between the government and data brokers, revealing how commercially available data is used for surveillance. Tau uncovers various sources of data, including tire pressure sensors, location apps, and even car tires emitting signals, which can be exploited for tracking individuals. He emphasizes the increasing integration of corporate and government data, highlighting concerns about privacy and civil liberties. Tau discusses the evolution of government surveillance post-9/11, the challenges of balancing security with privacy, and the lack of transparency surrounding data collection and usage. He underscores the need for meaningful reforms to address the widespread data collection practices and their implications for individual privacy and civil liberties. Additionally, Tau sheds light on the role of inside-the-Beltway contractors who facilitate the acquisition and integration of data for government agencies, contributing to the growing surveillance apparatus.
Keep these tips in mind to avoid being duped by AI-generated deepfakes: As AI-generated deepfakes become increasingly prevalent, it’s important to be vigilant to avoid being deceived by them. Deceptive images, videos, and audio created through generative AI tools pose risks such as scams, identity theft, propaganda, and election manipulation. Although early deepfakes often had telltale signs of manipulation, advances in AI have made them harder to detect. However, there are still some indicators to look out for, such as an electronic sheen in deepfake photos, inconsistencies in lighting and shadows, and discrepancies in facial features and movements. Contextual analysis and the use of AI-based detection tools can also aid in identifying deepfakes. However, experts warn that AI models are evolving rapidly, making it challenging to rely solely on detection methods, and caution against giving ordinary people a false sense of confidence in spotting deepfakes.
Organizations under pressure to modernize their IT infrastructures: According to a report by Nutanix, organizations are facing increasing pressure to modernize their IT infrastructures due to factors such as AI, security, and sustainability. The use of hybrid multicloud models is expected to double in the next one to three years. Eighty percent of respondents plan to invest in IT modernization, with 85% specifically planning to support AI. Hybrid multicloud environments are becoming the standard infrastructure choice due to their flexibility in supporting traditional VM and modern containerized applications. Additionally, ransomware and malware attacks remain significant challenges, with many organizations planning to increase investments in ransomware protection solutions. Sustainability is also a growing priority, with organizations taking active steps to implement sustainability initiatives, including modernizing IT infrastructure. Overall, organizations are prioritizing IT modernization and edge infrastructure deployments to support their AI strategies and improve their ability to manage data across various environments.
Published on Medium