Friday Five 9/9
This week saw two social media giants come under fire once again, malware that cons cybercriminals, and more cyberattacks in Ukraine. Read about these stories and more in this week's Friday Five!
1. INSTAGRAM RECEIVES RECORD FINE OF $400M FOR ABUSE OF CHILDREN'S DATA BY JOVI UMAWING
Following an investigation into how Instagram handles teens’ data on their platform, Ireland’s Data Protection Commissioner (DPC) has slapped the company with a near $402 million fine, marking the DPC’s highest fine to date. In response to the investigation and resulting fine, a spokesperson for Instagram said, "This inquiry focused on old settings that we updated over a year ago, and we've since released many new features to help keep teens safe and their information private. Anyone under 18 automatically has their account set to private when they join Instagram, so only people they know can see what they post, and adults can't message teens who don't follow them. We engaged fully with the DPC throughout their inquiry, and we're carefully reviewing their final decision." Read more about what led to the regulator’s final decision in the full story from Malwarebytes Labs.
2. CISA TO FORMALLY SOLICIT INDUSTRY FEEDBACK ON CYBERSECURITY INCIDENT REPORTING RULES BY SUZANNE SMALLEY
Jen Easterly, the current director of CISA, noted this week that federal cyber officials will formally ask industry leaders for feedback for the regulatory structure for cyber incident reporting. This decision comes months after President Biden signed a new bill, the Consolidated Appropriations Act, into law, which requires critical infrastructure owners and operators to report major cyberattacks to CISA within 72 hours and ransomware attacks within 24. According to Easterly, “this will finally allow us a much better understanding what’s going on across the ecosystem… We don’t want to burden industry and we don’t want to burden the federal government with noise either.” Read more to find out why she thinks “defense needs to be the new offense” when it comes to cybersecurity.
3. DEV BACKDOORS OWN MALWARE TO STEAL DATA FROM OTHER HACKERS BY BILL TOULAS
Cybercriminals using Prynt Stealer, a type of info-stealing malware used to steal cryptocurrency wallet information, sensitive info stored in web browsers, VPN account data, cloud gaming account details, and more, has been backdoored so that any information stolen by the cybercriminal is also routed to the malware’s developer via Telegram. Read the full story from BleepingComputer to find out more about how Prynt Stealer works and which other malware families it may be related to.
4. TIKTOK USERS WERE VULNERABLE TO A SINGLE-CLICK ATTACK BY DAN GOODIN
5. UKRAINE IS UNDER ATTACK BY HACKING TOOLS REPURPOSED FROM CONTI CYBERCRIME GROUP BY DAN GOODIN
As Ukraine continues to fight against Russian invasion, hackers with ties to the notorious Conti ransomware group have been repurposing tools to use in attacks against hotels, non-government organizations, and others in the war-torn country. But according to a researcher in Google’s Threat Analysis, "the attacker has recently shifted their focus to targeting Ukrainian organizations, the Ukrainian government, and European humanitarian and non-profit organizations," indicating that the attackers’ intentions may align with those of the Kremlin. Read the full story from Ars Technical for a full breakdown of recent incidents that have been linked back to these cybercriminals.