AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 10/03/2023

Cybersecurity Awareness Month Celebrates 20 Years 

Cybersecurity Awareness Month was founded in 2004 and this year sees the initiative celebrate 20 years of raising awareness of security issues relating to our use of technology. During the month of October, the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) partner to create resources and messaging for organizations to use when they talk with their employees, customers, and memberships about staying safe online. ‘Secure Our World’ is the CISA theme for 2023. 


Progress, the company behind MOVEit, patches new actively exploited security flaws 

Progress Software, the company behind the recently hacked MOVEit file-transfer software, has released fixes for two more critical-rated vulnerabilities that are being exploited by attackers. In an advisory published last week, Progress warned of multiple vulnerabilities affecting its of its enterprise-facing WS_FTP file-transfer software, which the company claims is used by thousands of IT teams worldwide for the “reliable and secure transfer of critical data.” 


Hackers steal user database from European telecommunications standards body 

A nonprofit institution for developing communications standards said hackers have stolen a database identifying its users. The European Telecommunications Standards Institute (ETSI) announced the incident last week. It is not yet clear whether the attack was financially motivated or if the hackers had intended to acquire the list of users for espionage purposes. Following the incident, ETSI, which is based in the Sophia Antipolis technology park in the French Riviera, said it brought in France’s cybersecurity agency ANSSI “to investigate and repair the information systems.” 


FBI warns of surge in ‘phantom hacker’ scams impacting elderly 

The FBI issued a public service announcement warning of a significant increase in ‘phantom hacker’ scams targeting senior citizens across the United States. “This Phantom Hacker scam is an evolution of more general tech support scams, layering imposter tech support, financial institution, and government personas to enhance the trust victims place in the scammers and identify the most lucrative accounts to target,” the FBI said“Victims often suffer the loss of entire banking, savings, retirement, or investment accounts under the guise of ‘protecting’ their assets.” 


AI-Generated Phishing Emails Almost Impossible to Detect, Report Finds 

The potential for cybercriminals to use AI chatbots to create phishing campaigns has been cause for concern and now it has been found to be almost impossible to detect AI-generated phishing emails, according to email security provider Egress. AI detectors cannot tell whether a phishing email has been written by a chatbot or a human in three cases out of four (71.4%), according to Egress’ Phishing Threat Trends Report, published on October 2. The reason for this is due to how AI detectors work. Most of these tools are based on large language models (LLMs), therefore their accuracy increases with longer sample sizes, often requiring a minimum of 250 characters to work. 


Norway Urges Europe-Wide Ban on Meta’s Targeted Ad Data Collection 

A ban on mass Meta user data collection for advertising is set to expire next month in Norway, but privacy watchdogs are saying it should be made permanent — and extended across Europe. Norway’s Data Protection Board (EDPB) has accused Meta of violating the EU’s General Data Protection Regulation (GDPR) regulations. “We believe that our temporary ban must be made permanent,” the EDPB said in a recent statement. “Furthermore, we believe that the General Data Protection Regulation (GDPR) must be interpreted consistently throughout the EU/EEA, and we ask for the ban to be extended to the rest of Europe.” 


New Marvin attack revives 25-year-old decryption flaw in RSA 

A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been resolved still impacts several widely-used projects today. After extensive testing that measures end-to-end operations, Red Hat researchers discovered several variations of the original timing attack, collectively called the ‘Marvin Attack,’ which can effectively bypass fixes and mitigations. The problem allows attackers to potentially decrypt RSA ciphertexts, forge signatures, and even decrypt sessions recorded on a vulnerable TLS server. 

Related Posts