Jan 29 2024
Welcome to Gone Phishing, your daily cybersecurity newsletter that sees Rishi Sunak has taken a leaf out of the scammer’s playbook by targeting #Over50s 👀🙈💀 For votes, not bank account details, mind 😂 #okboomer
Today’s hottest cybersecurity news stories:
🚗 Mercedes-Benz gaffe leads to exposed source code 👨‍💻
🐻 Russian hackers infiltrate Microsoft to see what they know 👀
👨‍⚖️ Canterbury, Dover, and Thanet councils suffer cyber-attacks ⚡
In an unexpected pit stop, Mercedes-Benz accidentally laid bare its internal data when a private key was mistakenly published online, granting “unrestricted access” to the company’s source code. 🤦‍♂️ The screw-up was discovered by cybersecurity firm RedHunt Labs during a routine scan, which revealed an employee’s GitHub authentication token on a public repository.
🕵️‍♂️ Shubham Mittal, RedHunt Labs’ CTO, uncovered that the token could give anyone full access to Mercedes’s GitHub Enterprise Server, opening the floodgates to sensitive information like connection strings, cloud access keys, blueprints, and design documents.
🛑 After being tipped off by RedHunt Labs, a news outlet informed Mercedes, prompting the car giant to slam the brakes on the security lapse. 🚨 Mercedes spokesperson, Katja Liesenfeld, confirmed the mishap, stating, “We can confirm that internal source code was published on a public GitHub repository by human error.”
🔐 The exposed repositories contained Microsoft Azure and AWS keys, a Postgres database, and Mercedes source code. The extent of the damage remains unclear, with Mercedes yet to confirm if any customer data was compromised. 🤔
🛠️ Mercedes took swift action, revoking the API token and removing the public repository. As the investigation unfolds, the company emphasises its commitment to security.
Stay tuned for updates as Mercedes navigates through this unexpected cybersecurity detour! 🌐🔍
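A check that catches this kind of slip before it leaves a developer's machine, as an added example that is not from the newsletter, RedHunt Labs or Mercedes: a small scanner for GitHub-token and AWS-key shapes that could back a pre-push hook. The page does not say which token type leaked, so the pattern set, file names and fake credentials are constructed assumptions.

```python
import re

# Publicly documented credential shapes. The page does not say which token type
# leaked, so the choice of patterns here is an assumption for illustration.
PATTERNS = {
    "github_classic_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "github_fine_grained_pat": re.compile(r"\bgithub_pat_[A-Za-z0-9_]{82}\b"),
    "github_oauth_or_app_token": re.compile(r"\bgh[ousr]_[A-Za-z0-9]{36}\b"),
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[A-Z0-9]{16}\b"),
}

# Constructed sample files holding fake credentials of the right shape.
SAMPLE_FILES = {
    "deploy/config.env": "GITHUB_TOKEN=ghp_" + "a1B2" * 9 + "\nREGION=eu-central-1\n",
    "src/app.py": 'print("hello")\naws_key = "AKIA' + "EXAMPLE0" * 2 + '"\n',
    "README.md": "Set GITHUB_TOKEN in your environment; never commit it.\n",
}

def redact(secret, keep=4):
    """Keep only the prefix so the report itself does not leak the secret."""
    return secret[:keep] + "*" * (len(secret) - keep)

def scan_files(files):
    """Return (path, line number, kind, redacted match) for every hit."""
    findings = []
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), start=1):
            for kind, rx in PATTERNS.items():
                for m in rx.finditer(line):
                    findings.append((path, lineno, kind, redact(m.group())))
    return findings

def gate(files):
    """Return (exit_code, report) the way a pre-push hook would use them."""
    findings = scan_files(files)
    report = [f"{p}:{n}: {k} {s}" for p, n, k, s in findings]
    return (1 if findings else 0), report

if __name__ == "__main__":
    code, report = gate(SAMPLE_FILES)
    print("\n".join(report) or "clean")
```

A hit means the credential should be revoked and reissued, not just deleted from the file, since it may already sit in the repository history.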
In a recent revelation, Microsoft disclosed a cyber intrusion by the hacking group known as Midnight Blizzard or APT29, believed to be linked to the Russian government. The attackers targeted corporate email accounts, including those of the company’s senior leadership, cybersecurity, legal, and other functions.
🕵️‍♂️ The twist? Unlike typical cyber attacks aiming for customer data or corporate secrets, Midnight Blizzard had a unique objective: to uncover what Microsoft knows about them. 🤔 In an unusual move, they sought information related to their own group.
🚨 Microsoft’s investigation revealed that the hackers employed a “password spray attack,” 🧯 essentially brute-forcing a legacy account, and then utilised its permissions to access a limited number of corporate email accounts. The exact number of breached accounts and the information accessed remains undisclosed.
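What a password spray looks like in sign-in logs, and how it differs from hammering a single account, as an added detection example that is not from the newsletter or Microsoft's disclosure. The log format, IP addresses, account names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sign-in events (time, source, account, outcome); not real log data.
LOG = """\
2024-01-10T09:00:01 198.51.100.7 alice FAIL
2024-01-10T09:00:40 198.51.100.7 bob FAIL
2024-01-10T09:01:15 198.51.100.7 carol FAIL
2024-01-10T09:02:03 198.51.100.7 dave FAIL
2024-01-10T09:02:50 198.51.100.7 erin FAIL
2024-01-10T09:03:30 198.51.100.7 legacy-svc OK
2024-01-10T09:10:00 203.0.113.9 frank FAIL
2024-01-10T09:10:05 203.0.113.9 frank FAIL
2024-01-10T09:10:09 203.0.113.9 frank FAIL
2024-01-10T09:10:14 203.0.113.9 frank FAIL
2024-01-10T09:10:20 203.0.113.9 frank FAIL
2024-01-10T09:15:00 192.0.2.10 grace FAIL
2024-01-10T09:15:20 192.0.2.10 grace OK
"""

def parse(log):
    rows = (line.split() for line in log.strip().splitlines())
    return sorted((datetime.fromisoformat(ts), src, user, res) for ts, src, user, res in rows)

def classify_sources(events, window=timedelta(minutes=30),
                     min_accounts=5, max_per_account=2, brute_min=5):
    """Label each source by the shape of its failures inside one time window."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev[1]].append(ev)
    verdicts = {}
    for src, evs in by_src.items():
        for i, first in enumerate(evs):
            in_win = [e for e in evs[i:] if e[0] - first[0] <= window]
            fails = defaultdict(int)
            for _, _, user, res in in_win:
                if res == "FAIL":
                    fails[user] += 1
            worst = max(fails.values(), default=0)
            if len(fails) >= min_accounts and worst <= max_per_account:
                # Many accounts, few tries each: any success from this source is suspect.
                ok = sorted({u for _, _, u, r in in_win if r == "OK"})
                verdicts[src] = ("password_spray", len(fails), ok)
                break
            if worst >= brute_min:
                verdicts[src] = ("brute_force", len(fails), [])
                break
    return verdicts
```

Per-account lockout counters never trip on the first source because no single account sees more than one failure, which is why the grouping has to be by source and window.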
💡 Microsoft seized the opportunity to emphasise its commitment to cybersecurity, acknowledging the incident’s urgency and pledging to enhance security measures. The company plans to implement its current security standards on legacy systems, even if it disrupts existing processes, signalling a proactive approach to safeguarding against future threats.
🌐 As the cybersecurity landscape evolves, Microsoft’s encounter with APT29 serves as a reminder of the continuous need for vigilance and rapid adaptation in the face of sophisticated cyber threats. Stay tuned for updates as Microsoft fortifies its defences in response to this wake-up call. 🔒🌐
🃏 The Motley Fool: “Fool me once, shame on — shame on you. Fool me — you can’t get fooled again.” Good ol’ George Dubya 😂 Let us tell you who’s not fooling around though; that’s the Crüe 👀 at Motley Fool. You’d be a fool (alright, enough already! 🙈) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! 🐛 Kidding aside, if you check out their website they’ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets 🤑 (LINK)
🚵 Wander: Find your happy place. Cue Happy Gilmore flashback 🏌️⛳🌈🕊️ Mmmm Happy Place… 😇 So, we’ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, it’s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels set Wander apart from your run-of-the-mill American getaway 🏞️😍 (LINK)
🌊 Digital Ocean: If you build it they will come. Nope, we’re not talking about a baseball field for ghosts ⚾👻🍿 (Great movie, to be fair 🙈). This is the Digital Ocean who’ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website you’ll find yourself catching the buzz even if you can’t code (guilty 😑). But if you can and you’re looking for somewhere to test things out or launch something new or simply enhance what you’ve got, we’d recommend checking out their services fo’ sho 😉 And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! 🌿 (LINK)
In a week-long saga, three local councils in Kent, UK — Canterbury, Dover, and Thanet — are navigating the aftermath of a cyberattack that crippled some of their online services. The incident, initially shrouded in mystery, prompted a joint investigation by the councils, impacting council tax payments and online forms.
🤔 Questions linger about the extent of the breach and whether personal data was compromised. While Canterbury City Council suggests no customer data was accessed, the Information Commissioner’s Office (ICO) confirmed receiving breach reports and is launching inquiries.
🔗 The ongoing disruption is linked to East Kent Services (EKS), utilised by all three councils for IT and HR services. EKS, outsourced to Civica in 2018, has faced a prolonged outage, impacting payment systems and services. TechCrunch’s investigation points to a potential connection with the exploitation of zero-day vulnerabilities in Ivanti’s VPN appliance, affecting EKS’ Pulse Secure VPN server.
💼 Civica, responsible for revenues, benefits, debt recovery, and customer services, says its systems remain unaffected. The incident highlights the vulnerability of critical local services and the ripple effects on nearly 500,000 residents.
🚧 As investigations continue, Canterbury and Dover councils grapple with persistent disruptions, while Thanet restricts access to online systems as a precautionary measure. The councils are working diligently to restore services, emphasising the complexity and challenges posed by cyber incidents on essential local infrastructure.
🌐 Stay tuned for updates as the councils, ICO, and EKS navigate the aftermath of this cybersecurity challenge, highlighting the importance of robust defences in safeguarding vital public services. 🔒💻
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
The GeekAI: A daily 3 min newsletter on what matters in AI. With all the new AI things coming to market, it’s good to stay ahead of the curve.
Wealthy Primate: Want to earn over $100k a year in IT or cybersecurity? 20 year veteran ‘Wealthy Primate’ might be able to help you climb that tree 🐒🌴 with his stick and banana approach 🍌😏
Techspresso: Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, TechCrunch, etc.)
Let us know what you think!
So long and thanks for reading all the phish!