Cyber Security Headlines – October 28, 2020

TikTok partners with Shopify on social commerce

The deal aims to make it easier for Shopify’s over one million merchants to reach TikTok’s younger audience and drive sales. By installing the new TikTok channel app from the Shopify App Store, merchants can create, run, and optimize their TikTok marketing campaigns directly from the Shopify dashboard. Once the app is installed, merchants will have access to the key functions of the TikTok For Business Ads Manager. The campaigns’ costs will vary, based on the merchant’s own business objectives and how much they want to spend.

(TechCrunch)

YouTube will add Election Day warning label: “Results may not be final”

As a means of addressing potential misinformation surrounding the elections, YouTube joins Twitter, Facebook, Wikipedia, and others in pre-emptive labelling of election-related information. YouTube said it will place a label at the top of search results for election-related queries, and below relevant videos. The label will include a link to a separate Google page with real-time national and statewide election results based on data from The Associated Press.

(CNBC)

FBI: Hackers stole government source code via SonarQube instances

SonarQube is an open-source platform for automated code quality auditing and static analysis to discover bugs and security vulnerabilities in projects using 27 programming languages. Vulnerable SonarQube servers have been actively exploited by attackers since April 2020 to gain access to source code repositories owned by both government and corporate entities, with the attackers later exfiltrating the code and leaking it publicly.

(Bleeping Computer)

Microsoft blames bug for Azure Active Directory disruption

The outage, which affected customers using Azure Active Directory-dependent applications, lasted for approximately three hours between September 28 and 29 and prevented customers from logging into multiple Microsoft 365 services and some Azure services. Microsoft says the disruption occurred because a bug in its Azure Active Directory’s Safe Deployment Process rendered it unsafe: the safeguard pushed a crash-inducing update through into production, bypassing the usual verification process, and ultimately broke the Active Directory.

(The Register)

Thanks to our sponsor, F5

A recent Forrester analysis of app security leader F5’s SSL/TLS Visibility solution, which dynamically orchestrates traffic to your security stack, found the average customer will see an ROI of 373%. Register now for the F5 Security Summit, a leader in the app security space, to find out more about how to maximize your investments in security inspection technologies. Attendance is complimentary, Register today.

Global credential harvesting campaign uses FiercePhish open source framework

A research group belonging to Recorded Future has discovered a wide-reaching phishing campaign that uses the FiercePhish open source offensive phishing framework. Hosted on Russian domain infrastructure, it is globally harvesting credentials from a variety of organizations in the public and private sectors. This campaign, coordinated using asherintartrading[.]com, has been active since at least December 2019 and has cycled through over 30 DigitalOcean IP addresses, sometimes in a matter of hours. The fast changes in infrastructure indicate that the threat actor is proficient in evading security defenses and blocking tactics.

(Recorded Future)

Steelcase furniture giant hit by Ryuk ransomware attack

Steelcase, the world’s largest office furniture manufacturer, with 13,000 employees and $3.7 billion in revenues in 2020, suffered a ransomware attack on October 22 that forced them to shut down their network to contain its spread. The attack has been attributed to the Ryuk Ransomware actors, famous for their attacks on French IT giant Sopra Steria and Universal Health Services, BazarLoader or TrickBot infections.

(Bleeping Computer)

Oculus owners told to get Facebook accounts and face deletion if they leave 

Oculus users who have already learned they must have a Facebook account in order to use their headsets have now been warned they could lose all their Oculus purchases and account information in future if they ever delete their profile on the social network. This has led to a wave of anger among Oculus users, and a renewed online effort to jailbreak new Oculus headgear to bypass the growing restrictions Facebook has imposed. According to The Register, Facebook acknowledges their customers’ anger but insists they comply with the Facebook terms of service.

(The Register)

Experts warn of privacy risks caused by link previews in messaging apps

Cybersecurity researchers have disclosed new security risks associated with link previews in popular messaging apps that cause the services to leak IP addresses, expose links sent via end-to-end encrypted chats, and even unnecessarily download gigabytes of data stealthily in the background. “This could be bills, contracts, medical records, or anything that may be confidential,” the researchers said, adding, “Apps that rely on servers to generate link previews may be violating the privacy of their users by sending links shared in a private chat to their servers.”

(The Hacker News)


Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.