Here's this week's recap – a brief summary of hacks and threats Cybernews observed between February 27 and March 3.
Modern workplace: a dream or a nightmare?
It seems that talent prefers to work in the entertainment industry over Silicon Valley companies. For example, interest in employment opportunities with Netflix more than quadrupled after some TikTok influencers boasted of snatching a well-paying side gig “just to stay home and watch Netflix.”
Can you blame them? Big tech layoffs, which, by the way, Netflix wasn’t immune to, affected many employees. Even sleeping in the office to meet Elon Musk’s deadlines wasn’t enough for this top Twitter executive to secure her contracts.
Employees are also reluctant to get back to the office after years of enjoying remote or, at least, a hybrid work model. In fact, Activision, a gaming company, has even been accused of firing staff for speaking out against stricter remote working policies. The company, once flexible, is now making employees come to the office at least three days a week.
Big Tech news
It seems that Mark Zuckerberg’s bet on the metaverse hasn’t been a successful one. He lost around $14 billion last year, and Meta was forced to cut thousands of jobs as a result. Now, Zuckerberg is expected to release Meta’s first fully-fledged AR glasses that are rumored to be capable of projecting holograms onto the real world. While the public release may not happen until 2027, the company’s employees might get a chance to test them as soon as next year.
Meanwhile, Elon Musk, who, by the way, co-founded the company behind the viral ChatGPT application, has approached AI researchers about forming a research lab to develop an alternative to the text-generator.
And Twitter’s ex-boss, Jack Dorsey, is working on an alternative for Twitter. For the time being invite-only Bluesky resembles Twitter, namely its timeline and profile pages. Dorsey said Twitter was becoming increasingly centralized, and social media should be free of control.
Meanwhile, China’s TikTok is fighting its own battles. Despite moving its data centers to European locations, the video platform by ByteDance is facing backlash in the West. US government agencies now have less than a month to wipe TikTok from any federal device or system.
The White House announced a new cybersecurity strategy to “better secure cyberspace and ensure the US is [in] the strongest possible position to realize all the benefits and potential of our digital future”. The strategy outlines five basic pillars to strengthen critical infrastructure. Cybernews prepared a comprehensive analysis with insights from the cybersecurity experts about what it means for both defenders and threat actors.
Overseas, another legislation is making waves. Signal, a popular messaging app among dissidents, protestors, and people who value their privacy, threatened to leave the UK since it believes the country’s Online Safety Bill would weaken encryption and expose its users.
An exclusive investigation by Cybernews proves that some of the top Instagram influencers are relying on none other than Russian bots to boost their followers, and, eventually, profit from that. Using bots for such purposes is against Instagram rules; however, as is evident with Twitter, where half of Musk’s followers are considered fake accounts, it’s not that easy to weed out bots.
Another Cybernews exclusive looks into how criminals abuse popular penetration testing tools. Designed to help defenders better protect their systems, they are being increasingly used by crooks, sparking discussion over whether some of them, for example, Cobalt Strike, should become illegal. Criminals cast a shadow on many popular tools and services, not just pentesting tools, including popular social media apps like Telegram and WhatsApp, among many others.
Speaking of popular offensive security tools, we have prepared a comprehensive guide on how to use FlipperZero to up your security game. Naturally, we expect you to use it only for good purposes.
Summary of hacks and breaches
- More bad news from the LastPass password manager. It turns out that last year’s breach resulted in an engineer’s computer being hacked. Apparently, they had access to decryption keys for accessing cloud storage with sensitive data on it. Is it time you ditched it and found something more reliable?
- US satellite broadcast provider DISH Network that services 19 million customers fell victim to a ransomware attack, causing an outage that affected its customers.
- Activision saw its employee data leaked on a dark web forum. Dubbed by the crooks responsible as “great for phishing,” the data contains around 200,000 employee records.
- Another ransomware attack hit the US Marshals Service (USMS), compromising sensitive information on known fugitives, legal proceedings, and USMS employees.
- Info on two million valid payment cards, including full names, card numbers, bank details, expiration dates, and card verification value (CVV) numbers, has been leaked on dark-web carding forum BidenCash. The data was apparently leaked as a birthday anniversary promotion.
- Finally, a centuries-old British retailer specializing in books and other publications, WHSmith, fell victim to a cyberattack that saw the company's data compromised by criminals. Threat actors might have accessed employee information: WHSmith has 12,500 of them worldwide, and operates 600 high street and over 1,100 travel stores globally.
Subscribe to our newsletter