Welcome to the January 2024 edition of Cyber Security Monthly Recap. This month, we’ve seen some significant events that emphasize the importance of protecting our digital world. From legal challenges to critical vulnerabilities, January 2024 highlights the need to stay informed about cybersecurity. Let’s dive in!
Meta Faces GDPR Complaint for Consent Withdrawal Fees
Meta is under fire for requiring users to pay up to €251.88 per year to withdraw consent for tracking on Facebook and Instagram. This goes against GDPR rules, which mandate that withdrawing consent should be as easy as giving it. NOYB filed a complaint in Austria, challenging Meta’s approach and demanding a fee-free withdrawal method. This case could set a precedent for privacy charges and impact Meta’s operations in the EU.
Urgent: GitLab Releases Critical Updates
GitLab issued critical updates for CVE-2023-7028, a severe email verification flaw allowing account takeovers, and CVE-2023-5356, an authorization flaw that could be abused to execute commands via Slack/Mattermost integrations. Users are urged to update GitLab to the latest versions and enable 2FA for enhanced security.
GitHub Addresses High-Severity Vulnerability
GitHub resolved a high-severity vulnerability (CVE-2024-0200) exposing credentials, leading to the rotation of key credentials, including GitHub Actions and Codespaces keys. Users who rely on the old public keys need to import the new ones to stay secure. GitHub continues its proactive cybersecurity measures.
Outlook Calendar Invite Vulnerability
Varonis researchers disclosed a Microsoft Outlook vulnerability (CVE-2023-35636) that leaks hashed passwords through malicious calendar invites. While patched in December 2023, it’s crucial to stay vigilant against such threats, use Kerberos over NTLM for authentication, and keep software updated.
Massive Data Leak: Mother of All Breaches (MOAB)
A colossal data leak, dubbed the “Mother of all Breaches” (MOAB), exposed 12 terabytes of data with over 26 billion records from platforms like LinkedIn and Twitter. This poses severe threats, including identity theft and phishing attacks. Users are advised to enhance cybersecurity practices, use strong passwords, and enable multi-factor authentication.
New Malvertising Scheme Spreading CACTUS Ransomware
A hacking group known as Twisted Spider has been detected using a new malvertising scheme to spread the CACTUS ransomware. This group had previously been linked to the QakBot malware, which had been taken down by law enforcement. To adapt, Twisted Spider turned to Storm-1044 services. They infect target computers with the DanaBot initial access Trojan, a threat observed since November 2023. DanaBot specializes in stealing information, including login credentials, and passes this stolen data to the operators. Once inside a network, Storm-1044 moves laterally, effectively handing control to Twisted Spider. Subsequently, the CACTUS ransomware, which has become a favorite among ransomware operators, is unleashed on the compromised systems.
That’s a wrap for our January 2024 Cybersecurity Monthly Recap. We hope this update has provided you with valuable insights into the evolving world of cybersecurity and data privacy. Your engagement is essential to us, so feel free to share any interesting articles or news updates in the comments section below. Stay safe and stay secure!