Cybersecurity News - Recapping July 2023

July 25, 2023

July was a busy month for cybersecurity professionals, as the increase in global cyberattacks continues to rage onward and the cyber threats themselves become more and more sophisticated. In this month's cybersecurity news report from DOT, we’re going to touch on some of the major hacks worldwide, examine the cybersecurity implications of a new piece of malware on the scene, and take a look at how Threads is collecting user data.

These stories and a few other major cybersecurity headlines from July are detailed in the sections below. Keep reading for a full recap of cybersecurity news in July.

If you or your employees travel a lot for business, it’s important to take cybersecurity best practices right along with you, wherever you're headed. Look over DOT Security’s Cybersecurity Checklist for When You’re on the Go to stay secure while traveling.

WordPress Plugins and Shadow Administrators

WordPress is one of the most popular content management systems (CMS) on the market. Business owners, organizational leaders, and entrepreneurs at just about every level or stage of their career use WordPress for their website, blog, and other types of content.

As such a heavily used CMS, the platform also comes with a huge selection of plug-ins that site administrators can add for various functionality. Recently, a critical security vulnerability was discovered in one of these very popular plug-ins, Ultimate Member. The plug-in itself is used to allow site visitors to create profiles and user communities on WordPress sites.

When exploited, however, the vulnerability allows unauthenticated users to bypass the usual security safeguards and create shadow-administrator accounts. From there, the malicious actor can essentially take complete control over the site and create absolute chaos for the authenticated users and administrators.

“This is a very serious issue: unauthenticated attackers may exploit this vulnerability to create new user accounts with administrative privileges, giving them the power to take complete control of affected sites,” WordPress security firm WPScan said in an alert.

As long as this vulnerability can be exploited by malicious users, everyone that has the Ultimate Member plug-in installed on their WordPress site should disable the plug-in until a proper security patch is available.

The US Patent and Trademark Office Gets Breached

In an alarming notice, the United States Patent and Trademark Office (USPTO) officially acknowledged a serious data leak that was sustained for three full years. Between February of 2020, right before the peak of the pandemic, and March 2023, the USPTO leaked 61,000 private addresses of patent applicants.

While patent applicants can request to have their address hidden from public record, this isn’t a well-known offering by the USPTO, which claims that none of the leaked data has been misused.

Additionally, the USPTO reassures the 3% of applicants in that three-year span who were affected by the breach that a complete fix has been released and all private information is once again masked. Still, this three-year-long data leak should emphasize the importance of a well-equipped cybersecurity team that can conduct constant monitoring and more quickly respond to detected cyber threats.

The Faux Windows Update

One of the tricky things about cyberattacks is that they’re typically designed to go unnoticed. In other words, you might not even know you’re under attack until it’s far too late. This is kind of the case with the faux Windows update that is really malware.

Big Head is the newest malicious ransomware that hackers are using to infest company devices and hold sensitive data for ransom.

This specific malware disguises itself as a Windows update, encrypts files found on the device, and produces the ransom note. Big Head will also enable a Telegram chatbot to facilitate communication with the hacker.

It’s worth noting here, though, that despite the initial urge to pay for file recovery, in most ransomware events hackers won’t return 100% of the files, some will be corrupt, and often you don’t even get the files themselves back. Rather, the hackers provide a decryption tool that allows you to recover some of the files.

Reporting sketchy and unfamiliar emails and relying on a dedicated cybersecurity team can help you avoid this situation altogether and give you powerful defenses in the case of a serious attack against your systems.

Threads and User Data

Threads: The newest and hottest social media platform that’s going to sink Twitter once and for all? Or an absolute gold-mine of data for hackers and cybercriminals to specifically target, abuse, and manipulate?

Threads is Meta Platforms Inc.’s new social media platform that has a Twitter 2.0 feel to it. In fact, Threads was designed as a direct competitor to Twitter. However, the developing stand-off between Zuckerberg and Musk is taking a backseat to the conversations around how Threads is collecting user data.

“The specificity and quantity of information the text and multimedia platform can access poses a risk to most users, if it falls into the wrong hands or is used to target them, tech experts agree.”

With how much attention is being put on cybersecurity and the protection of sensitive data in today’s day and age, Threads is catching some heat for its wide-mouth approach to user data collection. Users who want off of Threads after learning this, unfortunately, have to delete their entire Instagram account as well because Threads is embedded within the Instagram app.

As we continue forward into an increasingly digital world, be sure to pay attention to how companies are collecting and using your data.

A Nickelodeon Heist

The extremely popular kids' entertainment company, Nickelodeon, may have had over 500GB of sensitive company information stolen. This breach is mainly an unverified rumor as of now, but could have serious implications for the entertainment mammoth.

As more and more of these rumors circulate, it seems the lost data pertains to pitch-decks, unreleased shows, and even a library of source code for Nickelodeon flash games.

We at DOT Security will continue monitoring the ongoing situation with Nickelodeon and update you as more information becomes available.

The Global Counter-Cybercrime Movement

While the state of the cybersecurity industry may seem grim, with school systems, government agencies, and even kids' entertainment companies feeling the pressure from cyber criminals, it’s just as important to highlight the ways in which global cybersecurity efforts are succeeding.

In that regard, it’s exciting that the free Suspicious Email Reporting Service (SERS) in the UK resulted in a shady email or URL being reported and disabled every 5 seconds, culminating in over 7.1 million malicious sites, emails, and scams being taken offline.

Additionally, in the United States, the federal government is putting together Operation Stop Scam Calls to target the massive volume of scam calls performed each day. In fact, five companies accused of scamming millions of people are already facing fines and business bans.

Lastly, a partnership between the White House, Amazon, Google, and Qualcomm is leading the way in creating cybersecurity labels for various smart devices that inform users about the general level of security that a specific device employs.

These labels are meant to assist users in finding smart devices that offer some amount of cybersecurity.

That's a Wrap

The cybersecurity world is vast, intricate, and constantly evolving. Keeping up to date with all the latest news stories, trends, and events in the cybersecurity space will keep you informed and aware of critical cybersecurity developments.

Cybersecurity becomes all the more pressing to address when you’re traveling with sensitive data and information. Review DOT Security’s Cybersecurity Checklist for When You’re on the Go to prepare for your next work trip.