8th June, 2023
iOS Devices Targeted by New Malware Campaign: Operation Triangulation
A recent report by Securelist has unveiled a new malware campaign called "Operation Triangulation" that specifically targets iOS devices. Through network traffic monitoring on a corporate Wi-Fi network dedicated to mobile devices, the researchers at Securelist detected suspicious activity originating from several iOS-based phones. Upon further investigation, they uncovered evidence of compromise by analyzing offline backups of the devices. The campaign follows a multi-stage infection sequence, starting with a malicious iMessage attachment triggering code execution and subsequent downloads of additional exploits for privilege escalation. The final payload retrieved from the command-and-control server is a fully-featured Advanced Persistent Threat (APT) platform. The attack, which has been ongoing since 2019, has successfully targeted iOS devices running version 15.7.
Amazon Fined $30 Million For Privacy Violations By The FTC
The U.S. Federal Trade Commission (FTC) has fined Amazon a total of $30.8 million for privacy violations related to its Alexa assistant and Ring security cameras. The fines include $25 million for breaching children's privacy laws by retaining their Alexa voice recordings indefinitely. Amazon is also required to delete collected information, including inactive child accounts and voice recordings, and disclose its data retention practices. Additionally, Amazon must pay $5.8 million in consumer refunds for allowing employees and contractors to access private videos recorded by Ring cameras without sufficient consent. The FTC criticized Amazon for inadequate security controls, which led to unauthorized access and misuse of customer accounts. Hackers used Ring cameras to harass, threaten, and insult users, including children and the elderly. The settlement requires Amazon to purge unlawfully obtained customer videos and facial data and remove any derived work products. Amazon stated, "we take our responsibilities to our customers and their families very seriously" and that it's "consistently taken steps to protect customer privacy by providing clear privacy disclosures and customer controls."
NCSC Announces the Upcoming Closure of the CCP Scheme
The UK Cyber Security Council (UKCSC) has announced the closure of the Certified Cyber Security Professional (CCP) scheme. Starting from the end of June, new applications to the CCP scheme will no longer be accepted. The UKCSC, which took over stewardship of the CCP scheme in 2022, aims to establish a new professional standard in the cyber security industry. The closure of the CCP scheme is part of the UKCSC's efforts to introduce Chartership Titles and recognize cyber security practitioners through Associate, Principal, and Chartered statuses. This move will enable businesses to make informed decisions regarding cyber recruitment and provision under the new scheme. Organizations using CCP should review their procedures and update them to align with the upcoming UKCSC Chartership Titles. The CCP certifications will continue to be recognized until their expiration in December 2026. The UKCSC and the NCSC are collaborating to ensure that the new standards meet the requirements of the UK's Cyber Security Strategy and maintain their excellence as the cyber security profession evolves.
Massive Hack Exposes Organizations to Supply Chain Vulnerabilities
Numerous organizations, including the BBC, British Airways, Boots, and Aer Lingus, have fallen victim to a large-scale hack that compromised personal data. The cybercriminals targeted a widely used software product, MOVEit, allowing them to gain unauthorized access to multiple companies simultaneously. While there have been no reports of ransom demands or monetary theft, the breach has exposed sensitive information such as national insurance numbers, bank details, and personal addresses. The payroll services provider Zellis, one of the affected companies, confirmed data theft from eight client firms. The incident prompted independent warnings to staff from the affected organizations. The UK's National Cyber Security Centre has advised organizations using the compromised software to implement security updates, while experts predict potential ransom demands and the publication of stolen data online. The Cl0p ransomware group is suspected to be responsible for the attacks, although no official attribution has been made.