Plus: Apple fixes security flaw that let hackers breach iPhones and iPads
Grand Theft Auto Online has been hacked, as threat actors are believed to have stolen players' money and deleted their game progress. Rockstar has yet to acknowledge the incident.
More:
- According to players, the breach is leaving their PC screens frozen while they are playing the game.
- The campaign lets hackers steal funds from players' accounts without the chance for the players to recover them.
- Researchers believe that hackers are using remote code execution and have recommended that users avoid playing the game or at least implement a firewall rule.
- The security flaw is being tracked as CVE-2023-24059.
The head of digital policy at the EU has warned TikTok about its privacy policy, saying that the company will have to adhere to its new rules. New legislation is expected to start being implemented by the end of 2023.
More:
- During a video call with Shou Zi Chew, the CEO of TikTok, Thierry Breton stated that the social media company will have to adhere to the European Union's new privacy rules and that the app has a responsibility to offer safe practices due to its influence on young people.
- The Digital Services Act is set to start being implemented by September 2023. The legislation will oblige companies to revamp their online privacy rules and reduce their harmful content.
- Breton stated that the EU would not hesitate to deploy sanctions against the company if it were to find proof that TikTok was not respecting EU privacy laws.
Zoom Out:
- TikTok has now been banned in some form in over 20 U.S. states, while the military and Congress have banned TikTok use altogether on government devices.
- Former President Donald Trump had initially hinted that TikTok would have to sell its operations to a U.S. company in order to earn credibility, and reports of Microsoft acquiring the app's U.S. operations made headlines, but ultimately the deal never materialized.
The National Security Agency has published cybersecurity guidance that aims to help the Department of Defense avoid cybersecurity risks. The agency has advised the DOD regarding its transition to Internet Protocol version 6.
More:
- The NSA stated that IPv6 is similar to IPv4 and that federal agencies will need to run both technology stacks simultaneously until the final implementation of IPv6.
- The NSA claims that, while both technologies are running side by side, hackers will target federal institutions to take advantage of potential security vacuums that may be created as a result of the transition.
- Some of the changes that come with the move to IPv6 are:
  - IPv6 traffic should be filtered according to the organization's network policies. A network that has not yet deployed IPv6 should block all IPv6 at the network border, including any IPv6 that is tunneled in IPv4.
  - Internet Control Message Protocol for IPv6 is more important to IPv6 communications than the corresponding ICMP for IPv4.
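To illustrate the border rule above, here is an added example (not taken from the NSA guidance or from this newsletter) of the decision a filter makes on a network that has not deployed IPv6. It assumes two common IPv6-in-IPv4 encapsulations, IP protocol 41 and Teredo on UDP port 3544, which the page does not name; tunnels hidden inside GRE or a VPN are not covered, and the packets are constructed samples.

```python
import struct

ETH_IPV4, ETH_IPV6 = 0x0800, 0x86DD
PROTO_UDP = 17
PROTO_IPV6_ENCAP = 41   # IPv6 carried directly in IPv4 (6in4, 6to4, ISATAP)
TEREDO_UDP_PORT = 3544  # Teredo carries IPv6 inside IPv4 UDP


def border_verdict(ethertype: int, packet: bytes) -> tuple[str, str]:
    """Verdict for one packet at the border of a network with no IPv6 deployed."""
    if ethertype == ETH_IPV6:
        return "drop", "native IPv6"
    if ethertype != ETH_IPV4:
        return "allow", "not an IP packet"
    ihl = (packet[0] & 0x0F) * 4 if packet else 0
    if len(packet) < 20 or packet[0] >> 4 != 4 or not 20 <= ihl <= len(packet):
        return "drop", "malformed IPv4 header"
    proto = packet[9]
    if proto == PROTO_IPV6_ENCAP:
        return "drop", "IPv6 tunneled in IPv4 (protocol 41)"
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    # Only the first fragment holds the UDP header; later ones have no ports.
    if proto == PROTO_UDP and frag_offset == 0 and len(packet) >= ihl + 4:
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
        if TEREDO_UDP_PORT in (sport, dport):
            return "drop", "IPv6 tunneled in IPv4 (Teredo over UDP)"
    return "allow", "IPv4"


def ipv4(proto: int, payload: bytes, options: bytes = b"", frag_offset: int = 0) -> bytes:
    """Build a constructed IPv4 packet (checksum left at zero) for the samples."""
    ihl_words = 5 + len(options) // 4
    header = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0,
                         20 + len(options) + len(payload), 0, frag_offset, 64,
                         proto, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))
    return header + options + payload


def udp(sport: int, dport: int) -> bytes:
    return struct.pack("!HHHH", sport, dport, 8, 0)


# Constructed samples: (ethertype, packet bytes)
SAMPLES = {
    "native": (ETH_IPV6, b"\x60" + bytes(39)),
    "6in4": (ETH_IPV4, ipv4(PROTO_IPV6_ENCAP, b"\x60" + bytes(39))),
    "teredo": (ETH_IPV4, ipv4(PROTO_UDP, udp(51000, TEREDO_UDP_PORT), options=bytes(4))),
    "dns": (ETH_IPV4, ipv4(PROTO_UDP, udp(51000, 53))),
}
```

The Teredo sample carries a 4-byte IPv4 options field, so the UDP ports are only found if the header length is read from the packet instead of being assumed to be 20 bytes.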
Apple has fixed a security flaw that enabled hackers to breach iPhones and iPads through arbitrary code execution. The bug is being tracked as CVE-2022-42856.
More:
- The security flaw enables hackers to gain access to sensitive information by convincing victims to go to a website filled with malware-infected files.
- This flaw affected the following devices:
  - iPhone 5s
  - iPhone 6
  - iPhone 6 Plus
  - iPad Air
  - iPad mini 2
  - iPad mini 3
  - iPod touch 6th generation
- The newest of these devices was released in 2015, though Apple released iOS updates for them over the years.
- Apple has not published all technical details regarding the breach to avoid other threat actors developing custom attacks.
Russian internet provider Rostelecom has claimed that 2022 was a record year for DDoS attacks that targeted Russian organizations. The company claims over 21 million DDoS attacks were launched against 600 entities in the country.
More:
- The most powerful DDoS attack was 760 GB/sec, nearly twice as big as the strongest attack in 2021, while the longest DDoS lasted nearly three months.
- According to the company, most of the targeted organizations were located in Moscow, the capital of Russia.
- These companies withstood over 500,000 cyberattacks, most of which came from the U.S., according to Rostelecom.
- Some of the companies that were breached in 2022 include:
Quick Hits:
- Video game development studio Riot Games has stated that it was forced to shut down its operations temporarily due to a hacking campaign led by unknown threat actors.
- A new report claims that hackers are replacing Cobalt Strike with Sliver, a C2 framework that has been actively deployed since 2020.
- Security researchers have discovered a hacking campaign that targets over 11 million Apple devices. The campaign uses ad malware as a threat vector.
- The U.K.’s National Cyber Security Centre has released a report that warns of a growing number of hacking campaigns that target charities in the U.K. This sector is estimated to be worth over $110B.
Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading (and writing) business news, he chooses to watch sports or anime... and then read news about sports or anime.

Editor: Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords.
767 Bryant St. #203, San Francisco, CA 94107
Copyright © 2023 Inside.com