  • hayleywade1

Cyber Weekly Digest - 2024 Week #16



👋 Welcome to the 16th edition of the Cyber Weekly Digest of 2024.


Still here, still sweating! I guess I should add at this point, if this is your first CWD, that I'm currently in the tropics.


I read an interesting article this week about banning social media for under-16s for the sake of their mental health. It's an interesting topic for us when it comes to cyber security, but a great moral dilemma too.


Last week Meta faced widespread criticism after lowering the minimum age for WhatsApp from 16 to 13. As someone who doesn't have children, I'm interested to know your thoughts...


Should social media be banned for under 16's?

  • Yes

  • No


 

New and noteworthy this week:

 

🟣 Webinar alert for CultureAI on 30th April 2024! 'Human Risk Management: Forget awareness, let's take action'.


Dissect the benefits of human risk management and learn how you could utilise a data-driven approach to monitor and manage workforce risks, while providing automated coaching and fixes. You can register here

 

🟣 You've heard that an identity fabric architecture makes the login process seamless but what is it and how does it work? Check out this educational piece by One Identity which covers the what, the how and the key benefits!

 

🟣 More BYOD blogging gold from Jon Tamplin over at ThreatAware this week! Is MFA enough in 2024? In today's ever-evolving cyber landscape, staying ahead of threats is crucial. But is Multi-Factor Authentication (MFA) alone sufficient to protect your digital assets?


From the rise of sophisticated phishing attacks to the importance of a holistic security approach, let's uncover the challenges and solutions in safeguarding your organisation's data. Read the full blog post here


 Last but not least...


🟣 Malicious QR codes are the newest lure in the modern phisher’s tackle box. Why have we seen such a rapid increase in QR code phishing attacks and what tactics do end users need to be aware of?


This recent blog post explores the latest evolution in phishing and breaks down three real QR code attacks stopped by Abnormal Security

 

Now, let's take a look at our Cyber Weekly Digest, highlighting our top cyber security news picks of the week.

 

🚨 This week we were introduced to steganography (which actually has nothing to do with sexy dinosaurs), we heard about a cyber attack with huge consequences for patients at a hospital in France and how phishing emails are targeting the automotive industry.

 

Keep reading to stay up to date on the latest cyber security news.

 


The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral in which the company will pay $7,000,000 over allegations of mishandling people's sensitive health data. Cerebral is a remote telehealth company that provides online therapy and medication management for various mental health conditions, including anxiety, depression, ADHD, bipolar disorder, and substance abuse. In March 2023, the company sent data breach notices to 3.2 million people who had interacted with its websites, applications, and services, informing them that their information had been exposed through the use of tracking pixels on its platform.

 


The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails aimed at employees in the IT department, with the goal of infecting systems with the Anunak backdoor. According to researchers at BlackBerry, the attack happened late last year and relied on living-off-the-land binaries, scripts, and libraries (LOLBAS). The threat actor focused on targets with high-level privileges, luring them with links to a malicious URL impersonating the legitimate Advanced IP Scanner tool. BlackBerry attributed the attacks to FIN7 with a high level of confidence based on the use of unique PowerShell scripts using the adversary's signature 'PowerTrash' obfuscated shellcode invoker, first seen in a 2022 campaign.

 

A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab', promising downloaders a free copy if they convince their friends to install it too.

Redline is a powerful information-stealing malware capable of harvesting sensitive information from infected computers, including passwords, cookies, autofill information, and cryptocurrency wallet information. The malware is very popular among cybercriminals and is spread worldwide using diverse distribution channels.

 


The Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a cyberattack on Tuesday morning, severely impacting its operations and forcing staff to go back to pen and paper. CHC-SV is an important medical establishment in France, particularly in the region of Cannes, offering a broad range of medical specialties through 2,100 employees, including 230 doctors. With a capacity of 869 beds, it handles 150,000 outpatient and 50,000 emergency room visits, performs 9,000 surgeries, and assists in 1,500 births annually. The hospital announced that it was forced to take all computers offline earlier this week due to a cyberattack, leaving only telephone systems available for communication.

 


The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware such as Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, and XWorm, among others. "The group made extensive use of steganography by sending VBSs, PowerShell code, as well as RTF documents with an embedded exploit, inside images and text files," Russian cybersecurity company Positive Technologies said in a Monday report. The campaign has been codenamed SteganoAmor for its reliance on steganography and the choice of file names such as greatloverstory.vbs and easytolove.vbs.



