In this week’s cybersecurity news picks, a leading bank exposed confidential client data, and ChatGPT remained a concern for security experts. Follow this article to learn more about the latest phishing-related news and be sure to take all necessary phishing protection measures in the future.

 

Google: Ukraine Becomes A Target Of 60% Russia-Backed Phishing Attacks In 2023

Google’s Threat Analysis Group (TAG) is monitoring and disrupting Russian state-backed actors targeting Ukraine’s critical infrastructure in 2023. It reported that from January to March 2023, Ukraine became the most prominent target of Russia-backed phishing attacks, receiving roughly 60% of cyber attacks.

In most cases, the campaign goals were operational disruptions, intelligence collection, and leaking sensitive information through Telegram channels focused on causing information damage to Ukraine.

Google’s report also highlighted cases of misinformation on its platforms, YouTube and Blogger.

“In the first 2023 quarter, TAG observed a coordinated campaign from Internet Research Agency (IRA) linked actors creating content on Google products like YouTube. They were commenting and upvoting each other’s videos,” the Google TAG report read.

 

Multinational ICICI Bank Leaks Passports And Financial Data

ICICI Bank, an Indian multinational valued at over $76 billion, recently leaked millions of records with sensitive data, including the bank’s clients’ personal documents and financial information.

A misconfiguration in the bank systems led to the exposure, including full names, birth dates, bank account details, bank statements, e-mails, personal identification documents, credit card numbers, home addresses, phone numbers, and employees’ and candidates’ CVs.

“We estimate the impact of the discovered ICICI leak to be severe, as it leaked a significant volume of personal data,” said Cybernews researchers. “Such sensitive information can undermine ICICI bank’s reputation and uncover details of the bank’s internal processes. Furthermore, it can jeopardize the security and safety of its clients, employees, and their data.”

 

Furniture Rental Startup RentoMojo Suffers A Data Breach, 1.5 Lakh Subscribers Impacted

Online rental marketplace RentoMojo recently discovered a data breach on its systems and reported it to the appropriate authorities. Founded in 2014, RentoMojo allows users in Mumbai, Delhi NCR, Bengaluru, and Pune to rent motorbikes, furniture, and utilities on a subscription basis.

It said the data breach affected its 1.5 lakh subscribers. In an e-mail sent to its subscribers, RentoMojo said, “Recently, we identified a security breach that led to unauthorized access in one of our databases. It appears the hackers obtained unauthorized access to customer data, including PII, by exploiting a cloud misconfiguration.”

 

The firm also added that the breach does not impact any financial information like debit cards, credit cards, or UPI, as it does not store them in the firm’s database.

 

Singapore Privacy Watchdog Fines Real Estate Firm OrangeTee & Tie For Data Breach Involving 250,000 Employees And Customers

Real estate agency OrangeTee & Tie received a S$37,000 fine from Singapore’s privacy watchdog for compromising the personal data of over 250,000 customers and employees. Cybercriminals extracted names, property transaction amounts, bank account numbers, and identity card numbers from outdated database servers in 2021.

The Personal Data Protection Commission (PDPC) released a written judgment on Monday (Apr 17), saying that it found several lapses in OrangeTee & Tie’s cybersecurity posture that led to the data breach. These included the firm failing to conduct periodic security reviews before the incident in 2021 and using “live” data for development and testing without proper safeguards in place.

 

AI Tools Like ChatGPT Can Fuel BEC Attacks

A recent report by Armorblox mentions that of all BEC attacks in the past year, 57% had language as the primary attack vector to target unsuspecting employees. The report also notes other trends: vendor fraud and compromise are rising attack vectors, and graymail wastes 27 hours of security teams’ time each week.

Attacks target technology organizations.

The report mentions that SMBs are particularly vulnerable to supply chain and vendor fraud attacks, and 53% of vendor compromise attacks targeted technology organizations.

Cybercriminals keep infiltrating legitimate business workflows to steal sensitive business information. The report mentions that hackers mostly compromised business workflows involving e-mail notifications, a significant uptick over 2021. It adds that 52% of all attacks involved sensitive user data, like user login credentials.

 

ChatGPT Account Takeover Bug Allows Cybercriminals To Gain User’s Online Account

An independent security analyst, Nagli (@naglinagli), recently discovered a critical security vulnerability in ChatGPT that allows hackers to control any user’s account. 

 

Web cache deception is an attack vector that Omer Gil introduced at the Black Hat USA conference in Las Vegas in 2017.

In this attack, the hacker tricks a web server’s cache into storing a page by requesting a non-existent URL that ends in a static file type like JPG, CSS, or PNG.

As per the tweet, hackers can use the below steps to replicate the issue.

 

  1. The hacker logs in to ChatGPT and visits the URL.
  2. He changes the URL to Victim.css and sends it to the User.
  3. The User visits the URL while logged into ChatGPT. The server will save the victim’s sensitive information on the URL as a cache.
  4. The hacker visits the URL: https://chat.openai.com/api/auth/session/vicitm.css, which has sensitive information about the User, like name, e-mail, etc.
  5. He can now use it to log in to ChatGPT.
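
A defensive check against the caching behaviour described in the steps above, as an added example that is not part of the original article or any vendor's code: a shared cache stores a response only when the URL's static extension agrees with the returned Content-Type and the origin has not marked it private. The rule set, the `cache_decision` function and the sample responses are assumptions constructed for illustration.

```python
import posixpath
from urllib.parse import urlsplit

# Extensions a cache commonly treats as static, mapped to the Content-Type
# values the origin should return for them (assumed rule set for this example).
STATIC_TYPES = {
    ".css": ("text/css",),
    ".js": ("application/javascript", "text/javascript"),
    ".jpg": ("image/jpeg",),
    ".jpeg": ("image/jpeg",),
    ".png": ("image/png",),
}

def cache_decision(url, headers):
    """Return (cacheable, reason) for an origin response to `url`."""
    h = {k.lower(): v for k, v in headers.items()}
    directives = {d.strip().split("=")[0].lower()
                  for d in h.get("cache-control", "").split(",") if d.strip()}
    # Honour the origin's own caching instructions first.
    if directives & {"no-store", "private", "no-cache"}:
        return False, "origin forbids shared caching"
    if "set-cookie" in h:
        return False, "response sets a cookie"
    ext = posixpath.splitext(urlsplit(url).path)[1].lower()
    expected = STATIC_TYPES.get(ext)
    if expected is None:
        return False, "not a static extension"
    # The core check: a ".css" URL that returns JSON or HTML is a dynamic
    # page reached through a deceptive path, so it must not be stored.
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    if ctype not in expected:
        return False, f"extension {ext} but Content-Type {ctype or 'missing'}"
    return True, "static extension matches Content-Type"

# Constructed sample responses (not captured traffic).
SAMPLES = [
    ("https://app.example/api/auth/session/x.css",
     {"Content-Type": "application/json"}),
    ("https://app.example/static/site.css",
     {"Content-Type": "text/css; charset=utf-8",
      "Cache-Control": "public, max-age=3600"}),
    ("https://app.example/static/site.css",
     {"Content-Type": "text/css", "Cache-Control": "private"}),
]

if __name__ == "__main__":
    for url, hdrs in SAMPLES:
        print(url, cache_decision(url, hdrs))
```

On the origin side, the matching control is to return `Cache-Control: no-store` on session and account endpoints and to answer unknown path suffixes with a 404 instead of the parent page.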