Nov 01 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter thatโs your very own Iron Dome against the modern plague of cybercrime ๐ก๏ธโ๏ธ
Todayโs hottest cybersecurity news stories:
๐ฑ Meta caves to EU privacy laws, launches paid ad-free subscription ๐
๐ Canada forbids WeChat, Kaspersky apps for government employees ๐ซ
๐จโ๐ป Hacktivists from Hamas (Hamastivists?) target Israel w/ โWiperโ malware ๐พ
Meta, the parent company of Facebook and Instagram, has just unveiled an awesome solution to comply with Europe's strict data protection laws. Starting in November, users in the European Union (EU), European Economic Area (EEA), and Switzerland can choose an ad-free experience for their favourite social media platforms.
๐ถ The Deal:
For โฌ9.99/month on the web or โฌ12.99/month on iOS and Android, you can enjoy Facebook and Instagram without those pesky ads. That's right, no more ads disrupting your scrolling!
๐ Your Data Is Safe:
When you subscribe, Meta promises not to use your information for ads, ensuring your privacy and security.
๐ Extra Charges?
Starting March 1, 2024, there will be an extra fee of โฌ6/month on the web and โฌ8/month on iOS or Android for each additional account in your Account Center.
๐ค Why the Change?
Meta faced a hefty โฌ390 million fine for privacy breaches earlier this year. They're adapting to the General Data Protection Regulation by giving users a choice to deny targeted ads.
๐ธ Protecting the Young:
Meta is also taking a step to protect users under 18 by temporarily pausing ads in areas with ad-free subscriptions starting November 6, 2023.
Meta's new subscription model is all about giving you choices, keeping regulators happy, and respecting your privacy. It's a win-win! ๐ฅณ๐
A robust vendor management program isnโt just required by compliance frameworks like SOC 2 and ISO 27001. Itโs also a critical part of a holistic trust management strategy.
Implementing a vendor management program, however, has become more complex and challenging with the proliferation of SaaS tools and shadow IT. And many overstretched security teams are being asked to do more with less.
To stay compliant and secure โ and deepen trust with customers and partners โ security teams need a way to proactively manage vendor risk.
This guide from Vanta, the leading trust management platform, brings together perspectives from the frontlines of vendor security management. Get insights and best practices from security and compliance leaders.ย
Canada takes a big step in safeguarding its government information and networks! ๐ก๏ธ On Monday, the Canadian government announced a ban on apps from Tencent and Kaspersky on government mobile devices, citing significant privacy and security risks. ๐ฎโโ๏ธ๐
๐ก๏ธ Our home and native land!
"The Government of Canada is committed to keeping government information and networks secure," they declared. ๐
Starting from October 30, 2023, Tencent's WeChat and Kaspersky's suite of applications have been removed from government-issued mobile devices. ๐ Users won't be able to download these apps any longer. ๐ท
Anita Anand, President of the Treasury Board, explained, "We are taking a risk-based approach to cybersecurity by removing access to these applications on government mobile devices," highlighting the apps' access to device content. ๐ฒ๐
๐ Know your enemy:
WeChat, the Chinese super-app with over 1 billion users, and Kaspersky, the Russian cybersecurity vendor, are both affected. Kaspersky claims this decision is politically motivated.
Canada's move follows a similar ban on TikTok earlier this year and aligns with the U.S. Federal Communications Commission's concerns about Kaspersky. ๐บ๐ธ
Stay tuned for more updates on cybersecurity and government actions! ๐๐
๐ย The Motley Fool: โFool me once, shame on โ shame on you. Fool me โ you can't get fooled again.โ Good olโ George Dubya ๐ Let us tell whoโs not fooling around though; thatโs the Crรผe ๐ at Motley Fool. Youโd be a fool (alright, enough already! ๐) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! ๐ Kidding aside, if you check out their website theyโve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets ๐คย (LINK)
๐ตย Wander: Find your happy place. Cue Happy Gilmore flashback ๐๏ธโณ๐๐๏ธ Mmmm Happy Placeโฆ ๐ So, weโve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, itโs easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ๐๏ธ๐ย (LINK)
๐ย Digital Ocean: If you build it they will come. Nope, weโre not talking about a baseball field for ghosts โพ๐ป๐ฟ (Great movie, to be fair ๐). This is the Digital Ocean whoโve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website youโll find yourself catching the buzz even if you canโt code (guilty ๐). But if you can and youโre looking for somewhere to test things out or launch something new or simply enhance what youโve got, weโd recommend checking out their services foโ sho ๐ And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! ๐ฟย (LINK)
A new Linux-based wiper malware, known as BiBi-Linux Wiper, has emerged, and it's causing a stir in the cyber world. This malware is being used by a pro-Hamas hacktivist group targeting Israeli entities during the ongoing Israeli-Hamas conflict. ๐ฑ
๐ Malware Details ๐
๐ฅ๏ธ BiBi-Linux Wiper is an x64 ELF executable with no obfuscation or protective measures. It's a destructive force that can wipe out entire operating systems when run with root permissions. ๐ต
๐ Special Features:
๐ It uses multithreading to corrupt files rapidly.
๐ It overwrites files and renames them with a distinct "BiBi" extension.
๐ซ Certain file types can be excluded from corruption.
๐ก Significance of "BiBi":
While it might seem random, "BiBi" holds political meaning in the Middle East, as it's a common nickname for the Israeli Prime Minister, Benjamin Netanyahu. ๐ฎ๐ฑ
๐ค Technical Details:
๐ This malware is coded in C/C++ and has a file size of 1.2 MB.
๐ It allows attackers to specify target folders, with the root directory as the default if not specified. Root permissions are needed for this level of action.
๐ High-Profile Targets:
Pre-selected Palestinian and Israeli figures, plus groups from critical sectors like defence, government, law enforcement, and political organisations.
๐ฟ Sneaky Tactics:
Attackers use social engineering and phishing to infiltrate and deploy custom malware. Their tools include Micropsia, PyMicropsia, Arid Gopher, BarbWire, and a new Rusty Viper backdoor.
๐ต๏ธโโ๏ธ Spying Capabilities:
Arid Viper's toolkit allows them to record audio, detect flash drives, steal browser credentials, and more, keeping victims under surveillance.
Stay vigilant and protect your systems! ๐ก๏ธ Especially if you happen to find yourself in a position of authority within the Israeli government, eh? โTill next time folks โ๏ธ
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.
Libby Copa:ย The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.
Techspresso:ย Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)
Let us know what you think!
So long and thanks for reading all the phish!