How safe is your data from the government?

Jul 25 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that treats cybercriminals like Disney treats its classics when it reboots them #LittleMermaid #SnowWhite Go woke, go broke ๐Ÿ‘€๐Ÿ˜‚๐Ÿ˜‚ Just kidding ๐Ÿ˜‰

Todayโ€™s hottest cyber security stories:

  • โ€๐ŸŽApple threatens to cancel iMessage, FaceTime for UK customers. Blame Big Brother ๐Ÿ˜’

  • ๐Ÿฆ Banking sector hit with โ€˜open-sourceโ€™ software supply chain attacks โ›“๏ธ

  • ๐Ÿค– Googleโ€™s VirusTotal is sorry for leak that exposed customer data. Ok, Computer ๐Ÿ™„

Apple: Nobody spies on our customers. Except us

๐Ÿ Apple Takes Stand Against U.K. Surveillance Bill ๐Ÿšซ๐Ÿ‘๏ธ

Apple has issued a strong warning to the U.K. government, stating that it would rather withdraw its iMessage and FaceTime services from the country than compromise user privacy. The government is pushing for new laws that would grant state intelligence agencies expanded digital surveillance powers, affecting encryption protections.

Under the proposed Online Safety Bill, tech companies must install tools to scan encrypted messaging apps for child sex exploitation and terrorism content. The Home Office would have control over messaging service security features, with the power to disable them without public disclosure.

Though not explicitly targeting end-to-end encryption, these measures would effectively undermine its purpose, as all messages would need scanning, raising concerns about bulk interception and surveillance.

Apple argues that such provisions pose a significant threat to data security and user privacy. The company joins a growing chorus of messaging apps, including WhatsApp and Signal, urging the U.K. government to prioritise user privacy and security.

๐Ÿ“ฃ What Apple says:

"The Bill provides no explicit protection for encryption, and if implemented as written, could compromise the privacy of all users," warned messaging apps in an open letter to the U.K. government.

As the debate continues, tech giants and privacy advocates emphasise the need to strike a balance between security measures and protecting individual rights. Stay tuned for updates on this unfolding situation! ๐Ÿ•ต๏ธโ€โ™‚๏ธ๐Ÿ”’

We err on the side of John Lydon when it comes to government control: (cyber-)Anarchy in the UK! Lol, within reasonโ€ฆ

I came across ZZZ money club during the crypto market bull run when everyoneโ€™s a winner, even during the bear market this discord group has been amazing at giving information on projects and ways to make passive income in various ways.

The group is very active and everyone in this private discord group is very chatty and helpful.

Its run by Yourfriendandy and Decadeinvestor, you can find them here on YouTube, both top guys with great content.

If you are interested in joining the group you can through the link below.

Hmm we werenโ€™t banking on this ๐Ÿค”

๐Ÿ›ก๏ธ First-Ever Open-Source Supply Chain Attack on Banks Uncovered ๐Ÿฆ๐Ÿšจ

Cybersecurity researchers have revealed a groundbreaking discovery: the initial open-source software supply chain attacks aimed directly at the banking sector.

In a recent report by Checkmarx, the attackers displayed sophisticated techniques, targeting specific web assets of the victim banks and attaching malicious functionalities to them.

To add credibility, the threat actors went as far as creating a fake LinkedIn profile. Each target also had its customised command-and-control (C2) centre, using legitimate services for their illicit activities.

The npm packages used in the attack were promptly taken down, although their names were not disclosed. In one attack, the malware author pretended to be an employee of the target bank and uploaded packages to the npm registry, complete with a preinstall script to activate the infection.

The script then checked the host operating system, and if it was Windows, Linux, or macOS, it proceeded to download a second-stage malware from an Azure subdomain incorporating the bank's name, effectively bypassing traditional deny list methods.

The second-stage payload utilised Havoc, an open-source C2 framework gaining popularity among malicious actors due to its stealthy nature.

The banking sector faces new challenges in securing their supply chains against such advanced and deceptive attacks.

Stay vigilant as experts continue to monitor and counter these evolving threats. ๐Ÿ•ต๏ธโ€โ™€๏ธ๐Ÿ’ป๐Ÿ”

๐Ÿ—ž๏ธ Extra, Extra! Read all about itย ๐Ÿ—ž๏ธ

Each fortnite, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • ๐Ÿ’ธย The MoneyFitt Morning: A daily heads-up on what's important in investing & business. Loved by investors of all levels.

  • ๐Ÿ“ˆย Trends.vc: Discover new markets and ideas. Join 55,248 founders using this free newsletter to stay ahead.

  • ๐Ÿ˜ˆย The API Hacker Inner Circle: Join a community of developers, testers, and hackers who are upskilling their API hacking tradecraft

    Let us know what you think!

VirusTotally screwed the pooch! ๐Ÿ˜ฌ

๐Ÿ” VirusTotal Apologises for Data Exposure to Defense Agencies ๐Ÿ“ง๐Ÿ’ผ

Google's malware scanning platform, VirusTotal, issued an apology after inadvertently exposing names and email addresses of hundreds of personnel from global defence and intelligence agencies. The incident occurred on June 29 when an employee accidentally uploaded a CSV file to the platform.

The file contained limited information of their Premium account customers, including company names, associated VirusTotal group names, and group administrators' email addresses.

VirusTotal swiftly removed the file within an hour of discovery, and they confirmed that it was accessible only to partners and corporate clients.

VirusTotal clarified that the exposure was not due to a cyberattack or vulnerability but was caused by human error. To bolster security, they have implemented new internal processes and technical controls to safeguard customer data.

The list of 5,600 customers revealed personnel from sensitive government departments, including U.S. Cyber Command, the National Security Agency, the Pentagon, the FBI, and various U.S. military branches. Some military personnel were found using personal email providers for threat intelligence work.

In the UK, the list included Ministry of Defence personnel and staff at the National Cyber Security Centre, among others.

While authorities generally described the incident as low-risk, VirusTotal's actions demonstrate their commitment to enhancing data protection measures. ๐Ÿ›ก๏ธ๐Ÿ‘ฉโ€๐Ÿ’ป๐ŸŒ

Allโ€™s well that ends okay ๐ŸŽถ

So long and thanks for reading all the phish!

Recent articles