Social media giants to testify over failing to protect kids
US senators have urgently invited the CEOs of five of the major social media giants to testify about their failure to protect children online. The Senate Judiciary Committee said it will hear from Meta CEO Mark Zuckerberg, X (formerly Twitter) CEO Linda Yaccarino, TikTok CEO Shou Zi Chew, Snap CEO Evan Spiegel, and Discord CEO Jason Citron.
In a press release, the US Senate Committee on the Judiciary announced that the Committee’s previously announced hearing on online child sexual exploitation has been rescheduled for January 31, 2024, and will feature testimony from the CEOs. An earlier hearing on Tuesday, February 14, 2023, included only consumer advocates as witnesses, and no industry representatives.
The CEOs of X, Discord, and Snap will testify after subpoenas were issued by the Committee, following repeated refusals by the three leaders to testify. The CEOs of Meta and TikTok voluntarily agreed to testify at the hearing.
Senators Durbin and Graham commented:
“Several companies initially refused to accept a subpoena. The US Marshals Service even attempted to serve the subpoena at Discord’s office. Both actions are remarkable departures from typical practice.”
The hearing comes as part of a bipartisan effort to protect children online. To that end, several online safety bills across multiple states have gone into effect. For example, Utah signed a bill in March that will require minors to obtain parental consent to sign up to social platforms, while both Louisiana and Mississippi now require age verification to view content considered harmful to children, like porn. On the other hand, a federal judge has blocked a Texas law requiring age verification and a health warning for viewing pornographic websites, a day before the law was set to take effect.
In May, we talked to Alec Muffett about the possible downsides of some of these bills.
During the “Protecting our children online” hearing in February, witnesses and senators mentioned requirements like parental controls, default settings, and audits as tools that could be used to promote online safety for teenagers. They focused on the importance of holding platforms liable for failure to enforce their own terms, and discussed imposing a duty of care on online platforms.
So now seems to be the time that the CEOs of the major platforms will be forced to explain what they have done in the past and how they plan to do better in the future. You would expect they would like to bring their ideas and input voluntarily to the table, but nonetheless it took subpoenas to get them all there.
Children and online safety
The internet is both a good and bad place. A good approach is to spend little to no time on sites that do not give your child a positive and learning experience. And when it comes to internet safety for kids and teens, the best approach is for parents and carers to be involved in their child’s digital life.
If you don’t want to wait for legislation, or for the social media platforms’ inevitable struggle to become compliant, we recommend reading our blog titled “Internet safety tips for kids and teens: A comprehensive guide for the modern parent.”
I do expect some of the platforms to drag their feet, because it seems they always do. Meta is already facing a lawsuit, filed in a California federal court, which argues that Meta unlawfully misled the public about the harms its products, like Facebook and Instagram, could impose on children and teens.
In the UK, Bytedance’s TikTok is looking at a $28.91m fine related to how children are safeguarded on the app.
And Meta, ByteDance, Alphabet, and Snap are facing another lawsuit alleging that their social platforms have adverse mental health effects on children and that the platforms are addictive to kids.
While it is clear that something needs to be done to protect our children, agreeing on the way in which we can achieve this is hard, especially if we can’t rely on all the social media platforms to volunteer their cooperation.
Malwarebytes
Hackers Abuse Dropbox In Phishing Attack To Steal Logins
Darktrace, a leading AI-powered threat detection company, identified a sophisticated phishing attempt targeting one of its customers in January 2024. The attack exploited the legitimate cloud service Dropbox.
Algorithm Of The Attack
The attackers used a legitimate email address, “no-reply@dropbox[.]com,” which Dropbox commonly uses for automated notifications.
The email content was crafted to appear legitimate. It likely contained a link to a PDF document supposedly shared by a partner or colleague of the recipient.
Clicking the embedded link within the PDF would have led the user to a malicious website, potentially disguised as a legitimate login page.
Attack Breakdown
On January 29, 2024, the user received a seemingly legitimate email from Dropbox reminding them to open a previously shared PDF, which was sent on January 25, 2024.
Darktrace/Email identified the email as suspicious and moved it to junk, preventing the user from clicking a potentially malicious link within the PDF.
Darktrace/Email and Darktrace/Apps successfully identified the suspicious email by analyzing:
Anomalous Behavior: The email, despite originating from a legitimate address, was sent from an unknown entity and didn’t align with the customer’s usual email communication patterns.
Link Analysis: Darktrace likely analyzed the embedded link within the PDF, identifying it as redirecting to a suspicious domain not previously encountered within the customer’s network.
Despite Darktrace’s intervention, the user opened the suspicious email and accessed the PDF.
On January 31, 2024, Darktrace observed a series of suspicious logins to the compromised Microsoft 365 account:
Logins from unusual locations never used before.
Logins originating from IP addresses associated with VPN services (ExpressVPN, HideMyAss).
Interestingly, the attackers used valid MFA tokens, suggesting they bypassed the customer’s MFA policy (potentially through user error).
The attackers created a new email rule within the compromised account to automatically move emails from the organization’s accounts team to a less-monitored folder.
The attackers sent emails impersonating the legitimate account holder, using urgency-inducing subject lines like “Incorrect contract” and “Requires Urgent Review.”
These tactics aimed to trick recipients into further actions, potentially compromising additional accounts.
“Had RESPOND been enabled in autonomous response mode at the time of the attack, it would have quickly moved to log out and disable the suspicious actor as soon as they had logged into the SaaS environment from an unusual location, effectively shutting down this account takeover attempt at the earliest opportunity,” said Ryan Traill, threat content lead.
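The signals in the breakdown above (sign-ins from a never-seen country, sign-ins via VPN-associated addresses, and a new inbox rule that hides mail from the accounts team) can be expressed as straightforward detection logic over sign-in and mailbox audit events. The following is an added example and not Darktrace's code: the event shape, the countries, IP addresses, the VPN tag and the `LOW_VISIBILITY_FOLDERS` list are all constructed for the illustration, and `should_isolate` is a hypothetical stand-in for the "log out on unusual location" response described in the quote.

```python
"""Added example (not Darktrace's code): flag the account-takeover signals
described in the article over a small set of constructed audit events."""
from collections import defaultdict
from datetime import datetime

# Constructed sample events in a simplified, Microsoft-365-like shape.
# Users, countries, IPs, ASN tags and timestamps are made up for the example.
EVENTS = [
    {"ts": "2024-01-15T09:02:00", "user": "alice", "op": "UserLoggedIn",
     "country": "GB", "ip": "203.0.113.10", "asn_tag": "corp"},
    {"ts": "2024-01-22T08:55:00", "user": "alice", "op": "UserLoggedIn",
     "country": "GB", "ip": "203.0.113.11", "asn_tag": "corp"},
    {"ts": "2024-01-31T03:14:00", "user": "alice", "op": "UserLoggedIn",
     "country": "NG", "ip": "198.51.100.7", "asn_tag": "vpn"},
    {"ts": "2024-01-31T03:20:00", "user": "alice", "op": "New-InboxRule",
     "rule": {"from": "accounts@example.com", "move_to": "RSS Feeds"}},
    {"ts": "2024-01-31T03:25:00", "user": "alice", "op": "UserLoggedIn",
     "country": "US", "ip": "198.51.100.9", "asn_tag": "vpn"},
]

# Folders a user rarely opens; an auto-move rule into one of them is the classic
# "hide the replies" step after a takeover. Hypothetical list for the example.
LOW_VISIBILITY_FOLDERS = {"RSS Feeds", "Archive", "Deleted Items", "Junk Email"}
BASELINE_DAYS = 7  # sign-ins at least this old form the user's normal pattern
NOW = datetime(2024, 1, 31, 12, 0)  # analysis time, fixed so the example is reproducible


def build_baseline(events, now):
    """Countries each user signed in from before the analysis window."""
    seen = defaultdict(set)
    for e in events:
        if e["op"] == "UserLoggedIn" and (now - datetime.fromisoformat(e["ts"])).days >= BASELINE_DAYS:
            seen[e["user"]].add(e["country"])
    return seen


def detect(events, now):
    """Return (timestamp, user, finding) tuples for the analysis window, oldest first.
    A user with no baseline at all has every sign-in flagged, which is the safe default."""
    baseline = build_baseline(events, now)
    findings = []
    for e in sorted(events, key=lambda x: x["ts"]):
        if (now - datetime.fromisoformat(e["ts"])).days >= BASELINE_DAYS:
            continue  # baseline period, already trusted above
        if e["op"] == "UserLoggedIn":
            if e["country"] not in baseline[e["user"]]:
                findings.append((e["ts"], e["user"], f"sign-in from never-seen country {e['country']}"))
            if e["asn_tag"] == "vpn":
                findings.append((e["ts"], e["user"], f"sign-in via VPN-associated address {e['ip']}"))
        elif e["op"] == "New-InboxRule":
            rule = e["rule"]
            if rule["move_to"] in LOW_VISIBILITY_FOLDERS:
                findings.append((e["ts"], e["user"],
                                 f"inbox rule hides mail from {rule['from']} in '{rule['move_to']}'"))
    return findings


def should_isolate(findings):
    """Hypothetical response policy: a never-seen location alone is enough to
    force sign-out and hold the account for analyst review."""
    return any("never-seen country" in f[2] for f in findings)


def run_example():
    """Run the detector over the constructed events at the fixed analysis time."""
    return detect(EVENTS, NOW)


if __name__ == "__main__":
    results = run_example()
    for ts, user, what in results:
        print(ts, user, what)
    print("isolate account:", should_isolate(results))
```

The baseline is deliberately simple (countries seen at least a week earlier); a production detector would also baseline on ASN, device and time of day, and would treat the inbox-rule finding as higher severity when it follows an anomalous sign-in within minutes, as it does in this sequence.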
The post Hackers Abuse Dropbox In Phishing Attack To Steal Logins appeared first on Cyber Security News.
Cyber Security News
IBM Concert Software Vulnerabilities Let Attackers steal Sensitive Data
IBM Concert Software has been found vulnerable to multiple security flaws that could allow attackers to trigger denial-of-service (DoS) conditions, expose sensitive information, and compromise system integrity.
These vulnerabilities, disclosed under several CVE identifiers, impact various versions of the software and related components.
Key Vulnerabilities Identified
1. CVE-2024-7254: This vulnerability arises from improper input validation in parsing untrusted Protocol Buffers data. Attackers can exploit this flaw by sending deeply nested groups or SGROUP tags, causing a stack overflow and resulting in a DoS condition. It carries a high CVSS score of 7.5, indicating significant risk.
2. CVE-2024-47554: A flaw in Apache Commons IO’s `XmlStreamReader` class could lead to uncontrolled resource consumption. Specially crafted inputs can overwhelm the system, causing DoS. This vulnerability has a CVSS score of 5.3.
3. CVE-2024-52367: IBM Concert Software may inadvertently disclose sensitive system information to unauthorized actors, potentially enabling further attacks. This issue is rated at a moderate severity with a CVSS score of 5.3.
4. CVE-2024-52891: Improper log neutralization in IBM Concert Software allows authenticated users to inject malicious information or extract sensitive data from logs, posing risks of data breaches and further exploitation.
5. CVE-2024-52366: The absence of HTTP Strict Transport Security (HSTS) in IBM Concert Software could enable man-in-the-middle attacks, exposing sensitive information such as authentication credentials. This vulnerability has a CVSS score of 5.9.
6. CVE-2024-52893: Detailed technical error messages displayed in browsers could reveal sensitive system information to attackers, which can be leveraged for subsequent attacks.
Broader Implications
Several other vulnerabilities affecting related components highlight the systemic risks:
– Go (Golang) vulnerabilities (CVE-2024-34155, CVE-2024-34156, CVE-2024-34158): Stack exhaustion issues in parsing functions can lead to DoS conditions, with a high CVSS score of 7.5.
– CPython (Python) (CVE-2024-6232): A ReDoS flaw in TarFile header parsing allows attackers to exploit excessive backtracking in regular expressions, causing DoS.
The vulnerabilities impact IBM Concert Software versions 1.0.0 through 1.0.3. Users are advised to update their systems promptly and apply patches as they become available.
Mitigation And Recommendations
IBM recommends users implement robust input validation mechanisms, enable HSTS configurations, and sanitize log files to mitigate potential exploits.
Organizations should also monitor for unusual activity that may indicate exploitation attempts.
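Two of the mitigations named above are easy to get wrong in practice: neutralizing untrusted values before they reach a log line (the weakness class behind CVE-2024-52891) and confirming that responses actually carry a usable HSTS header (the absence behind CVE-2024-52366). The following is an added example and not IBM's code: the `neutralize`, `audit_line` and `hsts_ok` functions, the forged username and the sample header maps are all constructed for the illustration.

```python
"""Added example (not IBM's code): log-record neutralization and an HSTS header check."""
import re

# ASCII control characters, including CR and LF, let an attacker end the current
# record and start a forged one. Escape them so a value can never span a line.
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def neutralize(value: str, max_len: int = 200) -> str:
    """Escape control characters and cap length before a value enters a log line."""
    cleaned = _CONTROL.sub(lambda m: f"\\x{ord(m.group(0)):02x}", value)
    if len(cleaned) > max_len:
        cleaned = cleaned[:max_len] + "...[truncated]"
    return cleaned


def audit_line(user: str, action: str) -> str:
    """Build one audit record; every untrusted field goes through neutralize()."""
    return f'user="{neutralize(user)}" action="{neutralize(action)}"'


def is_single_record(line: str) -> bool:
    """True if the line cannot be split into two records by a log parser."""
    return "\n" not in line and "\r" not in line


# Constructed malicious input: a username that tries to append a forged
# "admin login ok" record on its own line.
FORGED_USER = "bob\r\nuser=\"admin\" action=\"login ok\""


def hsts_ok(headers: dict, min_max_age: int = 31536000) -> tuple:
    """Return (ok, reason) for a response header map; header names are matched
    case-insensitively. One year (31536000 s) is the commonly recommended minimum."""
    value = next((v for k, v in headers.items() if k.lower() == "strict-transport-security"), None)
    if value is None:
        return False, "no Strict-Transport-Security header"
    m = re.search(r"max-age\s*=\s*(\d+)", value, re.IGNORECASE)
    if not m:
        return False, "max-age directive missing"
    age = int(m.group(1))
    if age < min_max_age:
        return False, f"max-age {age} below recommended {min_max_age}"
    return True, "ok"


# Constructed sample responses: one with no HSTS at all, one with a sound policy.
MISSING_HSTS = {"Content-Type": "text/html"}
GOOD_HSTS = {"Content-Type": "text/html",
             "Strict-Transport-Security": "max-age=31536000; includeSubDomains"}


if __name__ == "__main__":
    line = audit_line(FORGED_USER, "login")
    print(line)
    print("single record:", is_single_record(line))
    for name, hdrs in (("missing", MISSING_HSTS), ("good", GOOD_HSTS)):
        print(name, hsts_ok(hdrs))
```

The escaped form keeps the attacker's bytes visible to an analyst (`\x0d\x0a` in the record) rather than silently dropping them, which is what you want when the log is also the evidence. The HSTS check is a response-level test; it does not replace verifying that the header is set on every HTTPS host the product serves.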
These vulnerabilities underscore the importance of proactive security measures and timely updates to safeguard against evolving threats targeting enterprise software systems.
The post IBM Concert Software Vulnerabilities Let Attackers steal Sensitive Data appeared first on Cyber Security News.