Data Privacy Weekly: Your Industry News Series

01. FCC Launches ‘U.S. Cyber Trust Mark’ Program to Enhance IoT Device Security

The FCC and the White House launched the “U.S. Cyber Trust Mark” program, aiming to improve the security of IoT devices. The program will label smart devices like refrigerators and televisions to assure consumers of their security. FCC Chair Jessica Rosenworcel stated that there were 1.5 billion attacks on IoT devices in the first half of 2021 and predicted 25 billion connected devices by 2030.

Major manufacturers, including Amazon, Best Buy, Google, LG Electronics, Logitech, and Samsung, support the program. The labeling system will be based on criteria from the National Institute of Standards and Technology and is expected to be implemented by 2024. Routers are identified as high-risk devices.

02. Cybersecurity Vendor Sophos Impersonated by SophosEncrypt Ransomware-as-a-Service

Sophos, a cybersecurity vendor, is being impersonated by a new ransomware-as-a-service called SophosEncrypt. The encryptor was initially believed to be part of a red team exercise, but the Sophos X-Ops team confirmed that they did not create it and are investigating the situation.

SophosEncrypt prompts the affiliate to enter a token associated with the victim, connects to a server for verification, and then encrypts files using AES256-CBC. The ransomware adds the “sophos” extension to encrypted files and creates a ransom note. The threat actors behind the ransomware are linked to Cobalt Strike C2 servers.

03. Microsoft Investigates Chinese Hackers’ Theft of MSA Key for Breaching U.S. Agencies

Microsoft is conducting an ongoing investigation into how Chinese hackers managed to steal an inactive Microsoft account (MSA) key, which they used to breach U.S. government agency email accounts. The Chinese threat group, Storm-0558, exploited a validation error in Microsoft’s code to forge Azure AD tokens, granting unauthorized access. Microsoft has since enhanced security measures, revoked all previously active keys, and issued new ones. The method used to acquire the stolen key is still under investigation, but the issue has been resolved.

04. Colorado State University Confirms Data Breach from Clop Ransomware Attack

Colorado State University (CSU) has confirmed a data breach caused by the Clop ransomware operation, impacting both current and former students and employees. The breach involved sensitive personal information accessed through the compromised service vendors TIAA, National Student Clearinghouse, Corebridge Financial, Genworth Financial, Sunlife, and The Hartford, which utilized the breached MOVEit Transfer platform.

CSU is conducting an internal investigation to assess the extent of the breach and will notify affected individuals while advising the entire community to stay vigilant and report any suspected identity theft incidents. Identity theft protection service coverage is not currently provided to CSU members.

05. Docker Hub Leak Exposes Thousands of Images Containing Auth Secrets and Private Keys

Researchers from RWTH Aachen University in Germany discovered that tens of thousands of container images on Docker Hub contain confidential secrets, such as private keys and API secrets. The study analyzed 337,171 Docker images and found that approximately 8.5% of them expose sensitive data.

These exposed secrets pose a significant security risk, potentially compromising software, online platforms, and users. Docker Hub is a cloud-based repository for Docker images used in application deployment. The study reveals a critical issue in container security and emphasizes the need for proper handling of secrets in container images.
