Cyber Security Headlines: UK bans TikTok, Windows Snipping patch, Puerto Rico hack

UK bans TikTok from government mobile phones

Britain is to ban the Chinese-owned video-sharing app TikTok from ministers’ and civil servants’ mobile phones, bringing the UK in line with the US and the European Commission and reflecting deteriorating relations with Beijing. The decision marks a sharp U-turn from the UK’s previous position and came a few hours after TikTok said its owner, ByteDance, had been told by Washington to sell the app or face a possible ban in the country. The ban will cover ministers’ and civil servants’ work phones, but not their personal phones. 

(The Guardian)

Microsoft pushes OOB security updates for Windows Snipping tool flaw

Following up on a story we brought you last week, Microsoft has released an emergency out-of-band security update for the Windows 10 and Windows 11 Snipping Tool to fix the Acropalypse privacy vulnerability. Now tracked as CVE-2023-28303, the Acropalypse flaw occurs when an image editor writes the cropped version over the original file without truncating it, so the data from the cropped-out region is left behind at the end of the file. Both the Google Pixel’s Markup tool and the Windows Snipping Tool were found to leave that cropped data in place.

(Bleeping Computer)
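The mechanism above is easy to check for yourself. The following is an added example written for this page (not Microsoft's patch or any published Acropalypse tool): it builds a small valid PNG in memory, models the bug by writing a shorter cropped PNG over the longer original without truncating, and then walks the PNG chunk list to see whether anything survives after the IEND chunk. The image contents, sizes and function names are constructed for the demonstration.

```python
import random
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"


def _chunk(ctype: bytes, data: bytes) -> bytes:
    """Serialise one PNG chunk: 4-byte length, type, data, CRC over type+data."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def make_png(width: int, height: int, rgb_bytes: bytes) -> bytes:
    """Build a valid 8-bit RGB, non-interlaced PNG from raw pixel bytes."""
    assert len(rgb_bytes) == width * height * 3
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)
    stride = width * 3
    # Every scanline is prefixed with filter type 0 (None).
    raw = b"".join(b"\x00" + rgb_bytes[r * stride:(r + 1) * stride] for r in range(height))
    return PNG_SIG + _chunk(b"IHDR", ihdr) + _chunk(b"IDAT", zlib.compress(raw)) + _chunk(b"IEND", b"")


def end_of_png(data: bytes) -> int:
    """Walk the chunk list and return the offset just past the IEND chunk."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        (length,) = struct.unpack(">I", data[pos:pos + 4])
        ctype = data[pos + 4:pos + 8]
        pos += 8 + length + 4          # header + payload + CRC
        if ctype == b"IEND":
            return pos
    raise ValueError("no IEND chunk found")


def trailing_data(data: bytes) -> bytes:
    """Bytes after IEND. A cleanly written PNG has none; an Acropalypse-style
    file carries the tail of the pre-crop image here (decoders ignore it)."""
    return data[end_of_png(data):]


def is_acropalypse_candidate(data: bytes) -> bool:
    return len(trailing_data(data)) > 0


def overwrite_without_truncate(original: bytes, edited: bytes) -> bytes:
    """Model of the bug: the editor writes the new, smaller file over the old
    one in place but never truncates, so the old file's tail survives."""
    buf = bytearray(original)
    buf[:len(edited)] = edited
    return bytes(buf)


def demo() -> dict:
    rng = random.Random(1)  # constructed, deterministic "screenshot" content
    original = make_png(32, 32, bytes(rng.getrandbits(8) for _ in range(32 * 32 * 3)))
    cropped = make_png(8, 8, b"\x00" * (8 * 8 * 3))
    assert len(cropped) < len(original)
    leaked = overwrite_without_truncate(original, cropped)
    return {
        "original_len": len(original),
        "cropped_len": len(cropped),
        "leaked_len": len(leaked),
        "cropped_trailing": len(trailing_data(cropped)),
        "leaked_trailing": len(trailing_data(leaked)),
        "cropped_flagged": is_acropalypse_candidate(cropped),
        "leaked_flagged": is_acropalypse_candidate(leaked),
    }


if __name__ == "__main__":
    print(demo())
```

Run the script on a directory of screenshots by feeding each file's bytes to `is_acropalypse_candidate`. A non-empty tail is a signal, not proof: some tools legitimately append data after IEND, so treat flagged files as candidates for review rather than confirmed leaks, and re-save anything sensitive through a tool that truncates on write.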

Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority

The Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyberattack that hit the agency two weeks ago. The attack was disclosed on March 19, and the announcement stated that threat actors had access to customer and employee information. The agency pointed out that operations at the critical infrastructure managed by the agency in Puerto Rico were not impacted. At this time, the agency has yet to reveal the name of the group behind the attack, but the Vice Society ransomware gang added the authority to the list of victims on its Tor leak site. 

(Security Affairs)

Intel co-founder, philanthropist Gordon Moore dies at 94

Gordon Moore, the co-founder of Intel, died Friday at his home in Hawaii. Moore, who held a Ph.D. in chemistry and physics, made his famous observation, now known as “Moore’s Law,” three years before he helped start Intel in 1968. The prediction, originally applied to the doubling of transistors on a semiconductor, has since been applied to hard drives, computer monitors and other electronic devices, and symbolizes the benefits and effects of exponential scale on technology. The law states that the number of transistors on a microchip roughly doubles every two years while its cost is halved over that same period. 

(Security Week)

Thanks to this week’s episode sponsor, Trend Micro

Cybersecurity is not just about protection, it’s about foresight, agility, and resilience. Navigating a new era of cyber risk demands evolved strategies, new frameworks, and integrated tools to equip security teams to anticipate and defend against even the most advanced attacks. Trend Micro, the global leader in cybersecurity, is bringing the cyber risk conversation to more than 120 cities around the world in their latest “Risk to Resilience World Tour,” the largest cybersecurity roadshow of its kind. Find the closest city to you and register today to take a leap towards a more resilient future. Head to

Inaudible ultrasound attack can stealthily control your phone, smart speaker

American university researchers have developed a novel attack called “Near-Ultrasound Inaudible Trojan” (NUIT) that can silently issue commands to devices powered by voice assistants, such as smartphones, smart speakers, and other IoT devices. Professor Guenevere Chen of the University of Texas at San Antonio (UTSA), her doctoral student Qi Xia, and Professor Shouhuai Xu of the University of Colorado Colorado Springs (UCCS) demonstrated NUIT attacks against the voice assistants found in millions of devices, including Apple’s Siri, Google Assistant, Microsoft’s Cortana, and Amazon’s Alexa, showing that malicious commands can be sent to those devices. What makes NUIT effective and dangerous is that the microphones in smart devices respond to near-ultrasound waves the human ear cannot hear, so the attack can be carried out through ordinary speakers with minimal risk of being noticed.

(Bleeping Computer)
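Because the principle is that the microphone captures a band the user cannot hear, one defensive check is to look at how much of a captured audio window's energy sits in that band before handing it to the assistant. The block below is an added example written for this page, not code from the NUIT researchers or from any assistant vendor: it synthesises a constructed speech-like signal, a second copy with an added 19 kHz tone standing in for a near-ultrasound command (a pure tone, not the modulated speech a real attack would carry), and measures the fraction of spectral energy at or above an assumed 16 kHz cutoff using a small pure-Python FFT. The sample rate, cutoff, window size and threshold are assumptions for the demonstration.

```python
import cmath
import math

SAMPLE_RATE = 48_000          # assumed capture rate of the device microphone
NEAR_ULTRASOUND_HZ = 16_000   # assumed cutoff: above most adults' hearing, below Nyquist
WINDOW = 4096                 # power of two so the radix-2 FFT below applies


def synth(components, n=WINDOW, rate=SAMPLE_RATE):
    """Constructed test signal: a sum of sine tones given as (freq_hz, amplitude)."""
    return [sum(a * math.sin(2 * math.pi * f * i / rate) for f, a in components)
            for i in range(n)]


def fft(x):
    """Plain recursive radix-2 FFT; len(x) must be a power of two."""
    n = len(x)
    if n == 1:
        return [complex(x[0])]
    even, odd = fft(x[0::2]), fft(x[1::2])
    out = [0j] * n
    for k in range(n // 2):
        t = cmath.exp(-2j * math.pi * k / n) * odd[k]
        out[k] = even[k] + t
        out[k + n // 2] = even[k] - t
    return out


def near_ultrasound_ratio(samples, rate=SAMPLE_RATE, cutoff_hz=NEAR_ULTRASOUND_HZ):
    """Fraction of the window's spectral energy at or above cutoff_hz.
    A Hann window is applied first to keep low-frequency leakage out of the high band."""
    n = len(samples)
    if n & (n - 1):
        raise ValueError("window length must be a power of two")
    windowed = [s * (0.5 - 0.5 * math.cos(2 * math.pi * i / n)) for i, s in enumerate(samples)]
    energies = [abs(c) ** 2 for c in fft(windowed)[: n // 2]]  # positive-frequency bins only
    cutoff_bin = int(cutoff_hz * n / rate)
    total = sum(energies)
    return sum(energies[cutoff_bin:]) / total if total else 0.0


def looks_like_near_ultrasound_injection(samples, threshold=0.3):
    """Heuristic gate: a spoken command should carry almost no energy above 16 kHz."""
    return near_ultrasound_ratio(samples) >= threshold


def speech_like():
    # Constructed stand-in for voiced speech: a few low-frequency partials.
    return synth([(300, 1.0), (1200, 0.5), (3000, 0.3)])


def speech_plus_near_ultrasound():
    # Same signal with an added 19 kHz component the user would not hear.
    return synth([(300, 1.0), (1200, 0.5), (3000, 0.3), (19000, 1.5)])


if __name__ == "__main__":
    for name, sig in (("clean", speech_like()), ("injected", speech_plus_near_ultrasound())):
        print(name, round(near_ultrasound_ratio(sig), 3), looks_like_near_ultrasound_injection(sig))
```

This is a coarse gate rather than a detector of the attack itself: a real deployment would need to run it on the device's actual capture path, tune the cutoff to the population of users and microphones, and accept that rejecting all high-band content also removes any legitimate signal there. It does illustrate the asymmetry the research relies on, that the microphone and the ear do not share a passband.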

Panera Bread will use palm-scanning technology for its loyalty program

Panera Bread is rolling out palm scanners that will link customers’ handprints to their loyalty accounts — a move the company paints as convenient but that privacy advocates have decried. The biometric-gathering technology, developed by Amazon, will hit stores in the next few months, Panera said on Wednesday. The gadgets will help suggest menu items based on customers’ order histories and allow employees to greet customers by their names and share customers’ available rewards, the company said. Panera Bread CEO Niren Chaudhary described the move as a “frictionless, personalized, and convenient” evolution of Panera’s loyalty program, which boasts 52 million members. However, digital rights activists worry that information could be tapped by federal agencies or accessed by hackers. 

(CBS News)

UK National Crime Agency reveals it ran fake DDoS-for-hire sites to collect users’ data

Britain’s National Crime Agency (NCA) revealed on Friday that it had set up a number of fake DDoS-for-hire sites to infiltrate the online criminal underground. It said that users who registered for the sites were not given access to cybercrime tools but instead had their data collated by investigators. The operation targets the low-level criminals who tend to use booters, and gives police a mechanism to intervene with potential offenders while they are engaged in what the NCA described as “an attractive entry-level crime.”

(The Record)

Last week in ransomware

Last week’s news was dominated by the Clop ransomware gang extorting companies whose GoAnywhere MFT servers were breached using a zero-day vulnerability. BleepingComputer confirmed this week that Saks Fifth Avenue, the City of Toronto, Procter & Gamble, Virgin Red, and the UK Pension Protection Fund were affected by the vulnerability. The City of Oakland is now also being extorted on the LockBit data leak site, a few weeks after it was claimed in a Play ransomware attack; it is unclear whether LockBit is helping Play extort the city. We also saw MKS Instruments and Lehigh Valley Health hit with lawsuits stemming from ransomware attacks.

(Bleeping Computer and CISOSeries)