DoorDash was hacked, Facebook is ready to face the music, and Sephora agrees to pay a $1.2 million fine.
Welcome to Cyber Security Today. It’s Monday, August 29, 2022. I’m Howard Solomon, contributing cybersecurity reporter for ITWorldCanada.com.
The text-based phishing campaign against Twilio and Cloudflare employees that I told you about last week continues to have a broader impact. Food delivery service DoorDash has admitted that the personal information of what it says is a small number of its users was recently stolen. How did it happen? According to TechCrunch, hackers broke into DoorDash’s IT systems after stealing the usernames and passwords of Twilio employees. Those credentials were then used to access some of DoorDash’s internal tools. Twilio and Cloudflare employees had received text messages with links to fake websites that mimicked their companies’ login pages. If they clicked on the links and logged in, the attackers captured their username and password. The fake pages also relayed victims’ one-time passcodes to the attackers in real time, so SMS or app-based codes did not help; only phishing-resistant multi-factor authentication such as FIDO2 hardware security keys stopped this campaign. The names, email addresses, delivery addresses and phone numbers of a number of DoorDash users were stolen. In addition, the hackers obtained the last four digits of the payment cards of an unspecified number of people.
The last chapter of the Facebook-Cambridge Analytica scandal may be coming to an end. According to the Associated Press, Facebook’s parent company, Meta Platforms, has reached a tentative settlement in a privacy lawsuit brought by US and UK Facebook users. Terms of the agreement have not been disclosed in court documents. However, a San Francisco court was asked to put the case on hold for 60 days while lawyers finalize the settlement.
The four-year-old lawsuit alleges that the personal information of Facebook users was disclosed to third parties, including Cambridge Analytica, without their consent. The now-defunct consulting firm had data on 87 million Facebook users, collected when about 300,000 users answered questions about their digital lives in an app. Unbeknownst to that group of people, the app also harvested data about their Facebook friends. The data was used in several political campaigns in the US and UK, creating an uproar in those countries and in Canada. In 2019, Facebook agreed to pay $100 million to settle allegations by the US Securities and Exchange Commission that it knew for two years that Facebook data had been misused by Cambridge Analytica and did not disclose this to investors or the public.
Meanwhile, California says cosmetics retailer Sephora has agreed to pay $1.2 million to settle allegations that the company violated the California Consumer Privacy Act by not telling consumers that it was selling their personal information to third parties. Sephora allowed third parties such as marketing companies to set cookies on its website and in its app to track customer activity. According to NBC News, Sephora said this was not “selling” data in the usual sense of the word. The company says it is common to allow cookies to be set so that consumers get more personalized advertising and shopping. California’s position, however, is that the CCPA’s definition of a sale covers handing personal information to a third party in exchange for advertising or analytics services, whether or not money changes hands.
One of the most popular commercial tools abused by threat actors is Cobalt Strike. Cracked or otherwise illegitimate copies of the tool are used by threat actors to maintain access to compromised networks through their command and control servers. But IT defenders are increasingly looking for signs of unwanted Cobalt Strike beacons on their networks. So threat actors are turning to an open-source alternative called Sliver. In a report last week, Microsoft pointed out that Sliver is being used either as a replacement for or alongside Cobalt Strike. Cybersecurity teams should scan their networks for signs of Sliver, including its distinctive HTTP headers, JARM fingerprints of its TLS configuration, and evidence of process injection. They should also enable Windows Defender network protection, use email filtering to block messages carrying malware that could lead to downloads of Sliver or Cobalt Strike, and ensure employees use multi-factor authentication to protect against stolen logins.
There is a link to the detailed Microsoft report here.
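As an added example, not code from Microsoft’s report or from this podcast, here is a small Python hunt that applies two of those network-side checks to constructed connection logs: matching a server’s JARM fingerprint against a watchlist, and looking for the regular check-in intervals that C2 implants like Sliver and Cobalt Strike produce. The JARM value, the log lines and the thresholds are all constructed for illustration; take real Sliver fingerprints from the Microsoft report.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Hypothetical JARM hash used only to show the matching logic; it is NOT a
# published Sliver fingerprint. Real ones come from the Microsoft report.
FAKE_JARM = "00112233445566778899aabbccddeeff00112233445566778899aabbccddee"
JARM_WATCHLIST = {FAKE_JARM: "hypothetical Sliver default TLS config"}

# Constructed connection records, one per line: ts,src,dst,dport,jarm
# ("-" where no TLS fingerprint was collected). Host .5 checks in about
# every 60 s to a watchlisted server, host .8 talks irregularly, host .9
# polls a plain-HTTP server every 300 s exactly.
SAMPLE_LOG = "\n".join([
    f"1661774400,10.0.0.5,203.0.113.7,443,{FAKE_JARM}",
    f"1661774460,10.0.0.5,203.0.113.7,443,{FAKE_JARM}",
    f"1661774519,10.0.0.5,203.0.113.7,443,{FAKE_JARM}",
    f"1661774581,10.0.0.5,203.0.113.7,443,{FAKE_JARM}",
    f"1661774640,10.0.0.5,203.0.113.7,443,{FAKE_JARM}",
    "1661774400,10.0.0.8,198.51.100.20,443,-",
    "1661774930,10.0.0.8,198.51.100.20,443,-",
    "1661775020,10.0.0.8,198.51.100.20,443,-",
    "1661777000,10.0.0.8,198.51.100.20,443,-",
    "1661777100,10.0.0.8,198.51.100.20,443,-",
    "1661774400,10.0.0.9,192.0.2.33,80,-",
    "1661774700,10.0.0.9,192.0.2.33,80,-",
    "1661775000,10.0.0.9,192.0.2.33,80,-",
    "1661775300,10.0.0.9,192.0.2.33,80,-",
    "1661775600,10.0.0.9,192.0.2.33,80,-",
])


def parse_log(text):
    """Turn the CSV-ish lines into (ts, src, dst, dport, jarm) tuples."""
    rows = []
    for line in text.strip().splitlines():
        ts, src, dst, dport, jarm = line.split(",")
        rows.append((int(ts), src, dst, int(dport), jarm))
    return rows


def jarm_hits(rows):
    """Map (dst, dport) -> watchlist label for every server whose JARM matches."""
    hits = {}
    for _, _, dst, dport, jarm in rows:
        if jarm in JARM_WATCHLIST:
            hits[(dst, dport)] = JARM_WATCHLIST[jarm]
    return hits


def beacon_candidates(rows, min_conns=5, max_cv=0.15):
    """Flag src->dst:port pairs whose inter-connection gaps are very regular.

    cv is the coefficient of variation (stdev / mean) of the gaps. Implants
    configured with jitter push cv up, so max_cv is a tuning knob, not a rule.
    """
    by_pair = defaultdict(list)
    for ts, src, dst, dport, _ in rows:
        by_pair[(src, dst, dport)].append(ts)
    found = {}
    for pair, stamps in by_pair.items():
        if len(stamps) < min_conns:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            found[pair] = {"interval": round(avg, 1), "cv": round(cv, 3)}
    return found


def hunt(text, **beacon_kwargs):
    """Run both checks; a beacon to a watchlisted server is rated high."""
    rows = parse_log(text)
    jarm = jarm_hits(rows)
    beacons = beacon_candidates(rows, **beacon_kwargs)
    for (_, dst, dport), detail in beacons.items():
        detail["severity"] = "high" if (dst, dport) in jarm else "medium"
    return {"jarm": jarm, "beacons": beacons}


if __name__ == "__main__":
    for kind, findings in hunt(SAMPLE_LOG).items():
        for key, detail in findings.items():
            print(kind, key, detail)
```

Expect legitimate pollers such as update checks and monitoring agents to look exactly as regular as the 300-second host in the sample, which is why a beacon on its own is only rated medium here; the JARM match is what lifts a finding to high, and a Sliver operator who changes the server’s TLS configuration will change the JARM too.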
Atlassian has found a critical vulnerability in the on-premises versions of Bitbucket Server and Data Center. Bitbucket is a Git-based code hosting and collaboration tool that integrates with Atlassian’s Jira and Trello. All on-premises instances running any version from 7.0.0 through 8.3.0 must be patched. Bitbucket Cloud is not affected.
Finally, privacy-minded individuals worried about email trackers hiding in the links and images of messages they receive, or who want to keep their real email address private, may want to consider a service from the people behind the DuckDuckGo search engine and browser. The organization has been testing its Email Protection service for a while. It’s a free email forwarding service that removes some hidden email trackers before passing messages on to your existing inbox. That beta test is now open to everyone. You can use Email Protection with your current email provider. The service also lets you create unique, disposable Duck Addresses to enter when a form asks for an email address, such as when signing up for newsletters, so your real address is never handed over. Remember, it is still a beta service.
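The tracker-removal idea behind such a service is simple enough to sketch. The following Python is an added example, not DuckDuckGo’s code, and the tracker hosts, tracking parameters and sample email are constructed for illustration: it parses an HTML email body, drops images that are 1x1, hidden by CSS, or served from a listed tracking host, strips common tracking parameters from links, and reports what it removed.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed for this example; a real filter list (like DuckDuckGo's) is far longer.
TRACKER_HOSTS = {"track.example-newsletter.test", "pixel.example-analytics.test"}
TRACKING_PARAMS = {"utm_source", "utm_medium", "utm_campaign", "utm_term", "utm_content"}


class TrackerStripper(HTMLParser):
    """Rebuilds the HTML it is fed, minus tracking images and link parameters."""

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []        # output fragments, joined at the end
        self.removed = []    # (src, reason) for each dropped image
        self.rewritten = []  # (old href, new href) for each cleaned link

    @staticmethod
    def _tracker_reason(attrs):
        a = {k.lower(): (v or "") for k, v in attrs}
        src = a.get("src", "")
        if (urlsplit(src).hostname or "").lower() in TRACKER_HOSTS:
            return "known tracker host"
        style = a.get("style", "").replace(" ", "").lower()
        if "display:none" in style or "visibility:hidden" in style:
            return "hidden by style"
        w = a.get("width", "").strip().rstrip("px")
        h = a.get("height", "").strip().rstrip("px")
        if w in ("0", "1") and h in ("0", "1"):
            return "1x1 pixel"
        return None

    @staticmethod
    def _clean_href(href):
        parts = urlsplit(href)
        kept = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
                if k.lower() not in TRACKING_PARAMS]
        return urlunsplit(parts._replace(query=urlencode(kept)))

    def _emit_tag(self, tag, attrs):
        raw = self.get_starttag_text()  # original tag text, reused when unchanged
        if tag == "img":
            reason = self._tracker_reason(attrs)
            if reason:
                self.removed.append((dict(attrs).get("src", ""), reason))
                return  # drop the tag entirely
        elif tag == "a":
            cleaned, changed = [], False
            for k, v in attrs:
                if k.lower() == "href" and v:
                    new = self._clean_href(v)
                    if new != v:
                        self.rewritten.append((v, new))
                        changed = True
                    v = new
                cleaned.append((k, v))
            if changed:
                raw = "<a " + " ".join(
                    f'{k}="{html.escape(v or "", quote=True)}"' for k, v in cleaned) + ">"
        self.out.append(raw)

    def handle_starttag(self, tag, attrs):
        self._emit_tag(tag, attrs)

    def handle_startendtag(self, tag, attrs):
        self._emit_tag(tag, attrs)

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")

    def handle_comment(self, data):
        self.out.append(f"<!--{data}-->")

    def handle_decl(self, decl):
        self.out.append(f"<!{decl}>")


def strip_trackers(html_body):
    """Return (cleaned_html, removed_images, rewritten_links)."""
    p = TrackerStripper()
    p.feed(html_body)
    p.close()
    return "".join(p.out), p.removed, p.rewritten


# Constructed sample message, not a real email.
SAMPLE_EMAIL = """<html><body>
<p>Hello subscriber,</p>
<img src="https://track.example-newsletter.test/open?id=abc123" width="1" height="1" alt="">
<img src="https://cdn.example-shop.test/banner.png" width="600" height="200" alt="Sale">
<img src="https://cdn.example-shop.test/beacon.gif" style="display: none">
<img src="https://cdn.example-shop.test/spacer.gif" width="1px" height="1px">
<p><a href="https://example-shop.test/deal?item=42&amp;utm_source=newsletter&amp;utm_campaign=aug">Shop now</a></p>
</body></html>
"""

if __name__ == "__main__":
    cleaned, removed, rewritten = strip_trackers(SAMPLE_EMAIL)
    for src, reason in removed:
        print(f"removed image ({reason}): {src}")
    for old, new in rewritten:
        print(f"rewrote link: {old} -> {new}")
    print(cleaned)
```

The open-tracking pixel is the important case: the unique id in its URL is fetched the moment a mail client renders the image, which tells the sender when and where you opened the message. Stripping it at a forwarding layer, before the message reaches the inbox, is what makes this work regardless of which mail client you use.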
That’s it for now. Remember, links to more detailed information on the podcast stories are in the text version at ITWorldCanada.com.
Subscribe to Cyber Security Today on Apple Podcasts, Google Podcasts, or add us to your Flash Briefing on your smart speaker.