Looking Back to Move Forward

Welcome to the Retrospective – your summary of this week's top news in #cybersecurity. Stay informed and ahead of the curve with this concise and informative roundup, designed to keep you up to speed with all the latest developments shaping the industry. 

If you are a C-Suite executive, technology expert, cybersecurity specialist, compliance professional or simply interested in staying secure online, Retrospective has got you covered.

Subscribe to receive updates straight to your inbox.

Today's article is 1,213 words long, a 6-minute read.

ChatGPT Browser Extension Compromises Facebook Accounts

This anecdote reminded me of Minesweeper. Amidst all the enthusiasm surrounding ChatGPT, some browser extensions began popping out in the Chrome Web Store. Naturally, many people started downloading them to leverage the capabilities of this powerful tool beyond its original site. Who wouldn't, right? According to researchers at CybelAngel, just like when a player uncovers a mine in the iconic puzzle game from the 90s, this one was unfortunately laced with malware.

While it is all fun and games, downloading these small pieces of software jeopardised over 40,000 Facebook accounts. Akin to a keylogger, threat actors designed this exploit maliciously using "infostealer" to collect data stored in browsers (such as passwords and credit card information). Once obtained, the intention was to take over the profiles to alter the name and images with that of the "Emily in Paris" Netflix star. So, if you came across the hashtag #LilyCollinsHack on TikTok or other social media platforms, it was referring to this incident.

Even though cybercriminals hid the web app in plain sight, Google acted swiftly and quickly pulled it from their digital channels. The only problem is that all those compromised have had their details listed on an exposed database. Experts predict that generative artificial intelligence tools will provide scammers with new opportunities to take advantage of victims in the future, making it even more important to take steps to stay safe. With scams reaching unprecedented economies of scale, OpenAI has launched a bug bounty program offering money to those identifying vulnerabilities — such as security flaws and privacy violations.

Considering what happened to those four university students, it is time to start a mature conversation locally about how we disclose #cybersecurity vulnerabilities. Kicking the can down the road will create more problems than solutions. With the growing number of incidents here in Malta, having laws that protect those that act in good faith is crucial. As the talent pool in this field is limited, we must incentivise as many people as possible to give a helping hand. By having white hat hackers safeguarding users from harm, they create a safer online environment for all.

Link to article: https://buff.ly/3n99zRw

Link to report: https://buff.ly/3o90318

Retrospective Reaches Milestone With Over 2,000 Subscribers

Exciting news, everyone! The Retrospective (https://buff.ly/40XUOjD) has reached a new milestone with over 2,000 subscribers! Thank you so much for your support and interest in this weekly summary of all the top news in #cybersecurity. I appreciate the growing community of readers who made this achievement possible. Let's continue learning from one another and stay informed about the latest developments together.

To make sure I continue to share information that you find helpful, I would love to hear from you. Do you have any suggestions on how I can improve the newsletter? Are there any particular stories you'd like to see covered more (or less) frequently? Please share your feedback with me since it will help me better understand your interests. You can express your thoughts by commenting below or sending a private message.

Why Managers Should Start Thinking More Like Hackers

I'd never thought I'd say this... Managers should think more like hackers (at least according to the Harvard Business Review). Cybercriminals are often frowned upon for obvious reasons, but their innate ability to identify opportunities quickly is unmatched. They are systems thinkers, capable of manoeuvring around obstacles to achieve results. In the corporate world, cultivating a culture of resourcefulness is highly beneficial (as it enables all employees to think creatively and outside the box).

Airbnb is a prime example of this mindset in action. The article highlights how they overcame advertising budget limitations and utilised Craigslist by allowing hosts to cross-post their listings, generating free site traffic — leading users to go straight to the website. When the founders had their backs against a wall during the 2008 presidential election, they turned to cereal, creating "Obama O's" and "Cap'n McCains" for fundraising. Over time, this led them to a deal with Y Combinator.

Threat actors also find opportunities across siloes by exploring uncharted territories and creating unconventional pairings that work remarkably well. Paulo Savaget uses ColaLife to explain this point. The non-profit solved a healthcare problem in Zambia by utilising Coca-Cola's distribution system to increase access to diarrhoea medicine in remote rural regions. In Malta, eCabs and Quicklets are two local companies that tick all of the above. By leveraging technology, they respectively disrupted the traditional taxi and property industries, finding new ways to better connect riders with drivers and landlords with tenants.

To keep this #cybersecurity themed, try to be like the Trojan Horse when embracing this approach. Even though workarounds may not solve issues, quick wins can sometimes lead to unpredicted change. It is more a matter of having the appetite to explore unchartered waters. Consider adopting agile methods to test your ideas whenever possible. You'll be surprised by the insights you can gain in the process.

Link to article: https://buff.ly/3KNcGH9

Tech Giants Join Forces to Combat the Misuse of Cobalt Strike

Like a double-edged sword, #cybersecurity cuts both ways, delivering the sweetest victories and the bitterest defeats. Ironically, the same software designed to prevent threats can also be the root cause of such breaches. To impede cyberattacks, Microsoft, Fortra and Health-ISAC have initiated a full-scale legal crackdown to disrupt the distribution of cracked, legacy copies of their software. Their court order strives to combat the misuse of Cobalt Strike by black hat hacker groups who use it to distribute malware — stopping once and for all this stark reality.

In a wild attempt to "make it harder for bad guys," Google took down 34 illegitimate versions of this tool last year. Their Cloud Threat Intelligence team went one step further by open-sourcing 165 YARA rules to improve how organisations can detect malicious instances. With the help of CERTs and ISPs, tech giants now have the backing to take it one step further by seizing the domain names and taking down the IP addresses of servers hosting these files (making this truly unprecedented).

This coalition has achieved a significant milestone in the battle against cybercrime. Creating a blueprint for future takedowns has set a roadmap for other companies to follow suit, reinforcing the message that the way towards success is based on collective effort.

The result? This video of a Lego toy car against longer and longer gaps by the Brick Experiment Channel nicely summarises the coming months. As one side starts creating obstacles, the other finds new ways to overcome them in a never-ending cycle of survival of the fittest in the digital realm. It will be interesting to see how this ongoing battle will continue to evolve and shape the future of technology as we know it. Like Charles Darwin's theories, those who fail to adapt risk extinction.

Link to article: https://buff.ly/41bNJvq

Link to video: https://buff.ly/3DFW3Ii