Nov 01 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter that’s your very own Iron Dome against the modern plague of cybercrime 🛡️⚔️
Today’s hottest cybersecurity news stories:
📱 Meta caves to EU privacy laws, launches paid ad-free subscription 👏
🍁 Canada forbids WeChat, Kaspersky apps for government employees 🚫
👨💻 Hacktivists from Hamas (Hamastivists?) target Israel w/ ‘Wiper’ malware 👾
Meta, the parent company of Facebook and Instagram, has just unveiled an awesome solution to comply with Europe's strict data protection laws. Starting in November, users in the European Union (EU), European Economic Area (EEA), and Switzerland can choose an ad-free experience for their favourite social media platforms.
💶 The Deal:
For €9.99/month on the web or €12.99/month on iOS and Android, you can enjoy Facebook and Instagram without those pesky ads. That's right, no more ads disrupting your scrolling!
🔒 Your Data Is Safe:
When you subscribe, Meta promises not to use your information for ads, ensuring your privacy and security.
📅 Extra Charges?
Starting March 1, 2024, there will be an extra fee of €6/month on the web and €8/month on iOS or Android for each additional account in your Account Center.
🤝 Why the Change?
Meta faced a hefty €390 million fine for privacy breaches earlier this year. They're adapting to the General Data Protection Regulation by giving users a choice to deny targeted ads.
🚸 Protecting the Young:
Meta is also taking a step to protect users under 18 by temporarily pausing ads in areas with ad-free subscriptions starting November 6, 2023.
Meta's new subscription model is all about giving you choices, keeping regulators happy, and respecting your privacy. It's a win-win! 🥳🎉
It's no secret that security compliance is needed to build customer trust and move upmarket. It's also no secret that achieving it can be tedious, time-consuming, and expensive.
Vanta helps businesses get — and stay — compliant by automating up to 90% of the work for SOC 2, ISO 27001, HIPAA, and more. And with 200+ integrations, you can easily monitor and secure the tools your business relies on.
Join the 6,000+ fast-growing companies using Vanta to manage risk and prove security in real time. Watch the on-demand demo to learn more.
Canada takes a big step in safeguarding its government information and networks! 🛡️ On Monday, the Canadian government announced a ban on apps from Tencent and Kaspersky on government mobile devices, citing significant privacy and security risks. 👮♂️🔒
🛡️ Our home and native land!
"The Government of Canada is committed to keeping government information and networks secure," they declared. 👍
Starting from October 30, 2023, Tencent's WeChat and Kaspersky's suite of applications have been removed from government-issued mobile devices. 📅 Users won't be able to download these apps any longer. 🚷
Anita Anand, President of the Treasury Board, explained, "We are taking a risk-based approach to cybersecurity by removing access to these applications on government mobile devices," highlighting the apps' access to device content. 📲🔍
👀 Know your enemy:
WeChat, the Chinese super-app with over 1 billion users, and Kaspersky, the Russian cybersecurity vendor, are both affected. Kaspersky claims this decision is politically motivated.
Canada's move follows a similar ban on TikTok earlier this year and aligns with the U.S. Federal Communications Commission's concerns about Kaspersky. 🇺🇸
Stay tuned for more updates on cybersecurity and government actions! 🌐🔐
🃏 The Motley Fool: “Fool me once, shame on — shame on you. Fool me — you can't get fooled again.” Good ol’ George Dubya 😂 Let us tell who’s not fooling around though; that’s the Crüe 👀 at Motley Fool. You’d be a fool (alright, enough already! 🙈) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! 🐛 Kidding aside, if you check out their website they’ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets 🤑 (LINK)
🚵 Wander: Find your happy place. Cue Happy Gilmore flashback 🏌️⛳🌈🕊️ Mmmm Happy Place… 😇 So, we’ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, it’s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway 🏞️😍 (LINK)
🌊 Digital Ocean: If you build it they will come. Nope, we’re not talking about a baseball field for ghosts ⚾👻🍿 (Great movie, to be fair 🙈). This is the Digital Ocean who’ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website you’ll find yourself catching the buzz even if you can’t code (guilty 😑). But if you can and you’re looking for somewhere to test things out or launch something new or simply enhance what you’ve got, we’d recommend checking out their services fo’ sho 😉 And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! 🌿 (LINK)
A new Linux-based wiper malware, known as BiBi-Linux Wiper, has emerged, and it's causing a stir in the cyber world. This malware is being used by a pro-Hamas hacktivist group targeting Israeli entities during the ongoing Israeli-Hamas conflict. 😱
🔒 Malware Details 🔒
🖥️ BiBi-Linux Wiper is an x64 ELF executable with no obfuscation or protective measures. It's a destructive force that can wipe out entire operating systems when run with root permissions. 😵
🚀 Special Features:
🌀 It uses multithreading to corrupt files rapidly.
🔄 It overwrites files and renames them with a distinct "BiBi" extension.
🚫 Certain file types can be excluded from corruption.
💡 Significance of "BiBi":
While it might seem random, "BiBi" holds political meaning in the Middle East, as it's a common nickname for the Israeli Prime Minister, Benjamin Netanyahu. 🇮🇱
🤖 Technical Details:
📏 This malware is coded in C/C++ and has a file size of 1.2 MB.
📁 It allows attackers to specify target folders, with the root directory as the default if not specified. Root permissions are needed for this level of action.
🔐 High-Profile Targets:
Pre-selected Palestinian and Israeli figures, plus groups from critical sectors like defence, government, law enforcement, and political organisations.
👿 Sneaky Tactics:
Attackers use social engineering and phishing to infiltrate and deploy custom malware. Their tools include Micropsia, PyMicropsia, Arid Gopher, BarbWire, and a new Rusty Viper backdoor.
🕵️♂️ Spying Capabilities:
Arid Viper's toolkit allows them to record audio, detect flash drives, steal browser credentials, and more, keeping victims under surveillance.
Stay vigilant and protect your systems! 🛡️ Especially if you happen to find yourself in a position of authority within the Israeli government, eh? ‘Till next time folks ✌️
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.
Libby Copa: The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.
Techspresso: Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)
Let us know what you think!
So long and thanks for reading all the phish!