Cyber Round-up
News

Cyber Round-up for 7th April

April 6, 2023

Cyber Round-up for 7th April

Welcome to Ironshare’s Cyber Round-up, where we look back at the events of that last week to cover some of the news, posts, views, and highlights from the world of Security.

In this week’s round-up:

Security News

The White House Reveals 2023 National Cybersecurity Strategy

Last month, the Biden-Harris Administration announced their new Nation Cybersecurity Strategy, with aims to

“Secure the full benefits of a safe and secure digital ecosystem for all Americans.”

This strategy is built around five key pillars, structured to:

• Defend Critical Infrastructure

• Disrupt and Dismantle Threat Actors

• Shape Market Forces to Drive Security and Resilience

• Invest in a Resilient Future

• Forge International Partnerships to Pursue Shared Goals

It is great to see the US Government pushing for a stronger cybersecurity culture, and we hope this has a positive impact that generates awareness for everyone.

The full strategy can be found here.

By whitehouse.gov

Google Enforcing In-App Account Deletion for All Android Apps

With data security concerns coming into the public spotlight recently, Google are trying to ease the minds of Android users with a new data deletion policy. Their recent announcement stated:

“For apps that enable app account creation, developers will soon need to provide an option to initiate account and data deletion from within the app and online.”.

This follows a similar policy rolled out to iOS devices back in June 2022; this is a big step forward for data privacy on Android devices and will allow users to have more control over the data they share.

By thehackernews.com

Typhon Reborn V2 – Info-Stealing Malware Updates its Capabilities

The Typhon developers have announced a new variant of their info-stealing malware, that has enhanced evasion and anti-virtualisation properties. This new variant has been advertised as Typhon Reborn V2, and has “more comprehensive mechanisms” than the original Typhon malware, which consisted of a clipper, a keylogger, and a crypto-miner. Cybersecurity Intelligence teams, like Cisco Talos, are aware of these advances, and are already looking to actively combat the new variant.

More details on the capabilities of Typhon Reborn V2 can be found here.

By bleepingcomputer.com

FBI Arrest 120 Cybercriminals in Genesis Market Takedown

The Genesis Market is a major cybercrime website that emerged in 2018, offering criminals stolen device fingerprints captured by information-stealers. This allows attackers to access sensitive systems and services, while the request appears to come from the legitimate user’s device. The marketplace supposedly “held data on account holders from almost all major websites”.

This week, the FBI seized the Genesis Market website, arresting 120 associated criminals in the process. Those who visit the site will now be met with a notice, stating that the website has been seized. All visitors have also been urged contact the FBI with any details on the whereabouts of the site operators, as some of the individuals involved have not yet been caught.

By securityweek.com

Italy Bans ChatGPT Following Recent Privacy Concerns

ChatGPT has been under the spotlight recently, and not entirely for good reasons. Many are concerned about the privacy of the new OpenAI model, following an evaluation of its compliance with GDPR; as a result of these concerns, Italy have decided to ban ChatGPT indefinitely. This makes them the first western country to ban ChatGPT, with only China, Russia, Iran, and North Korea making the platform unavailable beforehand.

This ban seems justified from the Italian government since their investigations found the platform to be “not sufficiently regulated”. Despite the ban, OpenAI are eager to make the model available in Italy again soon.

By bbc.co.uk

Vulnerabilities & Updates

16 Security Vulnerabilities Patched in Chrome 112

This week, Google announced Chrome 112; this latest version contains fixes for 16 total vulnerabilities, two of which are considered high severity. The first of these is a heap buffer overflow affecting Visuals. Exploitation of this flaw could allow a “compromised renderer to register multiple things with the same FrameSinkId, violating ownership assumptions”.

The second is a use-after-free vulnerability in Frames, that could potentially lead to the execution of arbitrary code on the affected machine.

As always, we advise updating Google Chrome as soon as possible, to ensure you are protected against these high severity vulnerabilities.

By securityweek.com

And that’s it for this week’s round-up, please do check in next week for our new batch of security news and posts.

Stay Safe, Secure and Healthy!

Edition #231 – 7th April 2023

Author

Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.

Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.

SUBSCRIBE

Ironshare is a provider of Information and Cyber Security services.

we went with; wizard pi