Cyber Stories Newsletter: Stay Informed on the Latest Cybersecurity News - Week of December 1st 2023
Welcome to another edition of our newsletter, your go-to source for the latest cybersecurity developments and news. We bring you a glimpse into some of the intriguing stories that have been making headlines in the cyber world this week.
We believe that staying informed about cybersecurity threats and emerging trends is crucial in today's digital landscape.
As always, be sure to reach out with any questions or concerns you have on these or any recent threats.
Massive Data Breach at 23andMe Affects Millions
23andMe, a genetic testing company, confirmed a substantial data breach affecting approximately half of its 14 million customers, totalling around 6.9 million individuals. The breach initially appeared to impact 0.1% of customers, about 14,000 people, but further investigation revealed a much larger scale. Hackers accessed the personal information of about 5.5 million people who opted in to 23andMe's DNA Relatives feature, compromising names, birth years, relationship labels, DNA shared percentages, ancestry reports, and self-reported locations. Additionally, another 1.4 million users' Family Tree profiles were accessed, which include similar personal information. The breach was attributed to customers reusing passwords: hackers brute-forced accounts using known passwords from other data breaches. This incident highlights the significant risks of data sharing and the importance of robust cybersecurity measures.
https://techcrunch.com/2023/12/04/23andme-confirms-hackers-stole-ancestry-data-on-6-9-million-users/
SpyLoan Malware: A Cautionary Tale of 12 Million Downloads
The SpyLoan malware, disguised as loan apps, has been downloaded over 12 million times from Google Play and additional third-party platforms. These apps, first identified in 2020, have escalated in prevalence, exploiting users' personal data, including account details, device information, call logs, and more. Cybersecurity company ESET identified 18 such apps, leading to the removal of 17 by Google. The malware's distribution spans fraudulent websites and app stores, notably affecting several countries. SpyLoan apps mimic legitimate financial services but employ deceptive practices, including extorting users through access to sensitive information. This incident underscores the importance of exercising caution with app downloads, even from reputable platforms, and highlights the ever-evolving nature of cybersecurity threats.
Critical Bluetooth Flaw CVE-2023-45866: A Widespread Threat to Multiple Platforms
A severe Bluetooth vulnerability, identified as CVE-2023-45866, poses a significant threat to a wide array of devices, including Android, Linux, macOS, and iOS. This flaw allows attackers to bypass authentication and connect to a device while posing as a Bluetooth keyboard, enabling them to execute arbitrary commands. This attack can be launched from any Linux computer using a standard Bluetooth adapter. The vulnerability is concerning because it can affect devices dating back to Android version 4.2.2 (released in November 2012) and because it works even in Apple's Lockdown Mode, which is designed to protect against sophisticated digital threats. Google has acknowledged the risk, noting that it could lead to remote escalation of privilege without requiring additional execution privileges.
https://thehackernews.com/2023/12/new-bluetooth-flaw-let-hackers-take.html
Caution for Mac Users: Pirated Software Linked to Spread of Trojan-Proxy Malware
A new Trojan-Proxy malware is spreading among Mac users through unauthorized websites distributing trojanized versions of cracked software. This malware can be used by attackers to build a proxy server network, launch attacks on websites and individuals, and engage in criminal activities. The malware disguises itself as legitimate multimedia, image editing, data recovery, and productivity tools, targeting users searching for pirated software. It utilizes post-install scripts to activate malicious behavior and evades detection by masquerading as the WindowServer process. Users are advised to avoid downloading software from untrusted sources to mitigate this threat.
https://thehackernews.com/2023/12/mac-users-beware-new-trojan-proxy.html