This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Gerald Auger, Ph.D., Chief Content Creator, Simply Cyber.
Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com.
Global McDonald’s outage blamed on third-party vendor, not cyberattack
A massive outage affected point-of-sale terminals in McDonald’s outlets in the United States, the UK, Japan, Australia, Canada, the Netherlands, Italy, and New Zealand on Saturday. The cause, according to a statement shared by the company’s Chief Information Officer Brian Rice, was a third-party service provider’s configuration change, and not a cyberattack. The outage forced stores to revert to pen and paper to take orders and to handle all transactions in cash. The issue has been mostly resolved, but no explanation of the specifics of the outage has yet been given.
Former telecom manager admits to doing SIM swaps
The former IT manager of a New Jersey-based mobile telecommunications store, Jonathan Katz, says he “abused his managerial position and highly privileged account to overcome security measures and perform unauthorized number ports.” He has pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps. In this case, Katz’s actions appear to have circumvented measures implemented by many telecom providers to prevent number porting without the involvement or authorization of the owner.
Spyware agreement gains more international support
Six new countries (Finland, Germany, Ireland, Japan, Poland, and South Korea) have joined an alliance of 11 others in a U.S.-led agreement to combat the misuse of commercial spyware. This pact commits these countries to establishing robust guardrails and procedures around spyware usage and to enhancing global awareness of its dangers. Quick spyware 101: spyware is malicious software designed to infiltrate mobile phones to eavesdrop and collect data, which poses a significant national security and counterintelligence threat. CNN reports that the Biden administration continues to uncover cases targeting American government personnel. In response, the White House has ramped up efforts against this threat, implementing new visa restrictions and sanctions against entities involved in the spyware industry.
Mid-stream hack postpones ESports league
“I’m getting hacked, bro, I’m getting hacked,” was an Esports player’s immediate reaction upon realizing he was indeed being hacked during a live-streamed game over the weekend. In separate incidents during the Apex Legends Global Series tournament, two players unexpectedly gained access to cheats, which are forbidden in these kinds of competitions, prompting the organizers to suspend the game. Initially, it was suspected that hackers exploited a remote code execution (RCE) vulnerability. However, the following day, the developers behind Apex Legends’ anti-cheat system, Easy Anti-Cheat, announced on X (formerly Twitter) that they had ruled out the possibility of an RCE being involved. As of now, there have been no further updates on what transpired.
CSA announces IoT Device Security Specification
Right now, the best way to characterize the security of consumer connected devices is buyer beware. But the new IoT Device Security Specification from the Connectivity Standards Alliance, or CSA, looks to change that. This sets out baseline cybersecurity standards for connected home and other IoT device makers. Going through a certification process will allow an OEM to put a new Product Security Verified, or PSV, mark on product packaging. Over 200 CSA member companies helped develop the specification, including smart home heavyweights Amazon, Google, Arm, and Signify. Products with the PSV mark could arrive by the 2024 holiday shopping season.
GitHub tool uses AI to fix vulnerabilities
GitHub launched a beta of this code-scanning autofix feature for GitHub Advanced Security customers. This uses its existing Copilot AI engine along with its CodeQL semantic engine to find and fix security vulnerabilities in real time. Language support at launch includes JavaScript, Java, Python and TypeScript. The company claims the new feature can fix two-thirds of found vulnerabilities. In use, the feature will provide an explanation of the issue detected and the steps needed to remediate it, if the fix is not applied automatically.
US plans Water Sector Cybersecurity Task Force
The US Environmental Protection Agency announced it will seek to form this task force as a way to create an “immediate” solution to threats against the water system. The task force will look to create industry-wide best practices and address systemic vulnerabilities. This group will also consider recommendations from an upcoming meeting of state environmental, health and homeland security secretaries on March 21st. EPA administrator Michael Regan noted that right now, even cybersecurity basics are not being followed in this industry, with software left unpatched and passwords kept on factory defaults.
US accuses Apple of monopolizing smartphone market
The suit filed by the Justice Department alleges that Apple “used its control of the iPhone to illegally limit competitors and consumer options.” It is also accused of squashing the growth of new apps and reducing the appeal of rival products, using “a series of shapeshifting rules” in a bid to “thwart innovation” and “throttle” competitors. Apple has vowed to “vigorously” fight the lawsuit and denies the claims.
(BBC News)
Hackers claim breach of Israeli nuclear facility network
According to more than one media outlet, the hacktivist group Anonymous is behind the breach of the Shimon Peres Negev Nuclear Research Center. The group announced that 7GB of documents, including PDF documents, emails, Excel and Word files, zip archives, and PowerPoint presentations, were included in the haul. In a separate social media announcement, the group added that it “did not intend to have a nuclear explosion, but this operation is dangerous, and anything might happen.” There is no evidence that the group was able to breach the facility’s operational network.
(The Record and CyberNews)





