Google's Credential Manager is here to make signing in to apps a breeze

#CoSoSec #Android

The rollout is a wake-up call for Android apps to support passwordless login with passkeys.

https://developers.googleblog.com/2023/10/simple-and-secure-sign-in-on-android-with-credential-manager-passkeys.html

There has been a massive amount of discussions going on on some of the CCleaner and Windows forums recently about a recent security breach that the company informed users about. A vulnerability was exploited by the hackers in the widely used MOVEit file transfer tool, which is used by thousands of organizations, including CCleaner, as a means to move large sets of sensitive data over the internet to obtain more information.

#CoSoSec

New findings have shed light on what's said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany.

#CoSoSec

Encrypted traffic interception on Hetzner and Linode targeting the largest Russian XMPP (Jabber) messaging service

https://notes.valdikss.org.ru/jabber.ru-mitm/

#Browsers #CoSoSec

the solarwinds hack is considered the largest cyberattack the world has ever seen

#CoSoSec #CyberSecurity

behind the scenes uncovering specific details about solarwinds - documentary

https://youtu.be/GWztIi4m7_0

Potential security concerns

Google explains there are some #Cybersecurity concerns related to the new IP Protection feature.

As the traffic will be proxied through Google's servers, it may make it difficult for security and fraud protection services to block DDoS attacks or detect invalid traffic.

Furthermore, if one of Google's proxy servers is compromised, the threat actor can see and manipulate the traffic going through it.

#CoSoSec

The ICC provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation for espionage purposes.

The intergovernmental organization disclosed the breach on September 19, a few days after detecting anomalous activity on its information systems.

In a statement on Friday, the ICC shared new details about the action it took following the cyberattack and some initial results from the forensic analysis of the incident.

#CoSoSec

https://www.bleepingcomputer.com/news/security/international-criminal-court-systems-breached-for-cyber-espionage/

#CyberSecurityAwarenessMonth

Don't be left in the dark when it comes to cybersecurity acronyms

#CoSoSec

Signal messenger has investigated rumors spreading online over the weekend of a zero-day security vulnerability related to the 'Generate Link Previews' feature, stating that there is no evidence this vulnerability is real.

#CoSoSec

https://www.bleepingcomputer.com/news/security/signal-says-there-is-no-evidence-rumored-zero-day-bug-is-real/

#CoSoSec

The latest test results on

https://PrivacyTests.org/nightly.html

confirm that Firefox Nightly and Safari Technology Preview have now fixed their longstanding cross-site Blob leaks. That means we're no longer observing any leaks of tracking data between websites in either of those browsers

When these fixes reach Desktop Release, Firefox and Safari will joining Brave, Tor Browser and Mullvad in have a clean bill of health in the State Partitioning category

More than 17,000 WordPress websites have been compromised in the month of September 2023 with a malware known as Balada Injector, nearly twice the number of detections in August.

#CoSoSec

https://thehackernews.com/2023/10/over-17000-wordpress-sites-compromised.html

Specops Password Policy gives IT administrators the ability to enforce stronger password policies in Active Directory environments and mitigate the risk of reused and compromised passwords.

Specops Password policy with Breached Password Protection allows you to block over 4 billion unique known and compromised passwords

#CoSoSec

Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords

https://thehackernews.com/2023/10/take-offensive-approach-to-password.html

I’d like to call out a certain behaviour some self-described OSINTers are doing that doesn't help the situation; posting videos, images, and claims without sharing the original sources.

#OSINT #CoSoSec

thread by Eliot Higgins(bellingcat):

https://twitter.com/EliotHiggins/status/1712008120342389212

CVE-2023-4863 was due on October 4, 2023 and CVE-2023-4211 has to be patched by October 24, 2023.

#CoSoSec

The Cybersecurity & Infrastructure Security Agency (CISA) has already added these two actively exploited vulnerabilities to its catalog of known to be exploited vulnerabilities

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Sidenote: Experts tell us that relying on Google Chrome (or any browser) to manage your online passwords is a seriously bad idea.

#CoSoSec

Here's why.

https://www.pcmag.com/opinions/warning-dont-let-google-manage-your-passwords

A Chrome flag that asks for biometric authentication when you choose to enter a password from Chrome Password Manager(if you use Chrome PW manger I'd recommend enabling this)

This will add an extra layer of security to the Chrome browser tool

Keep in mind, this flag is only available on Android phones

Input > chrome://flags/#biometric-reauth-password-filling < enable

#TipsAndTricks #Android #CoSoSec

At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data

The genetic testing company 23andMe confirmed on Friday that data from a subset of its users has been compromised

#CoSoSec

https://www.wired.com/story/23andme-credential-stuffing-data-stolen/

Entries for technologists Mark Zuckerberg, Elon Musk, and Sergey Brin are all visible in the sample data

Lyca Mobile is currently investigating the attack and working to determine the full extent of the damage.

The attack affected all Lyca Mobile markets over the weekend except for the United States, Australia, Ukraine, and Tunisia.

#CoSoSec

https://www.hackread.com/lyca-mobile-cyber-attack-investigate-ransomware/

The cyberattack on Lyca Mobile came just days after Motel One revealed it was a victim of a ransomware attack

https://www.hackread.com/motel-one-groups-thwarts-ransomware-attack/

A new Linux vulnerability known as 'Looney Tunables' enables local attackers to gain root privileges by exploiting a buffer overflow weakness in the GNU C Library's ld.so dynamic loader.

#Linux #CoSoSec

the vulnerability has existed since its introduction in April 2021, putting a significant number of systems at risk

https://access.redhat.com/security/cve/cve-2023-4911

The Government plans to create a massive facial recognition database out of your PASSPORT PHOTOS

It means that over 45 million of us with passports who gave our images for travel purposes will, without any kind of consent or the ability to object, be part of secret police lineups.

#CoSoSec #BigBrotherWatch #FacialRecognition

“Philp’s plan to subvert Brits’ passport photos into a giant police database is Orwellian and a gross violation of British privacy principles

https://bigbrotherwatch.org.uk/2023/10/passport-photo-facial-recognition-database/