News 10-12-2022

Latest News in Digital Trust: September 2022

DigiCert
digicert-blogimages-mar22

Here is our latest roundup of news about digital security in our connected world. Click here to see the whole series.

IoT

  • Matter 1.0 has officially arrived, with the CSA (Alliance) announcing its release on Oct. 4. Matter has been a multi-year project bringing together all of the biggest names in smart home manufacturing, including Apple, Google, Samsung and more to create a reliable, secure way for devices by different manufacturers to interoperate. DigiCert has been highly involved in Matter, and can help manufacturers achieve compliance with device attestation.
  • As the first Matter-approved root CA, also known as a Product Attestation Authority (PAA), DigiCert can now provide rapid time to market for smart home manufacturers looking to earn the Matter seal on their products. Learn more here.

VMC

Browsers

Government standards

Malware

  • Minecraft malware is infecting thousands of PCs with fake updates. Additionally, malware has been found in Minecraft cheat programs that claim to help gamers take shortcuts to success, which has affected thousands of users. Other games have also experienced malware threats, including FIFA, Roblox, Far Cry and Call of Duty.
  • GIFs in Microsoft Teams have been found to spread malware. Attackers have put malicious code encoded in GIFs that can be used to steal data, which they then share on Microsoft Teams. The flaw has not yet been fixed, so for now users should think twice before opening GIFs shared in Teams.
  • Open source apps have been a recent source of spreading malware from hackers backed by the North Korean government. Several organizations were compromised from installing these apps. Microsoft said that the threat group ZINC added malware to legitimate open-source apps like PuTTY and has had several victims since June 2022.

Data breaches

Outages

  • Zoom experienced a significant, but brief, outage on Sept. 15. The global outage prevented users from starting and joining meetings for about an hour. Zoom did not express the cause, publishing on their service status only that “We have identified the issue starting and joining meetings. We will continue to investigate and provide updates as we have them.”

Quantum

  • IBM created a refrigeration system which can cool to temperatures colder than outer space to hold future quantum computers. In a blog post, IBM says their “super-fridge” could cool future quantum experiments and could hold up to 1.7 cubic meters worth of volume. Intel recently announced the Intel Quantum SDK, which is designed to help developers learn how to program quantum algorithms. The SDK is available now in beta through Intel Developer Cloud.

Ransomware

  • The LA School District was hit with ransomware in early September, leading to a response from local officials, the FBI and Department of Homeland Security. Up to 400,000 students were impacted with potential data exposed, including personal information, disciplinary records and assessments. The LA School District, the second largest district in the country, required all students to reset their passwords. Additionally, following the breach the CISA warned that the education sector is highly at-risk of attacks by ransomware by attack group Vice Society.

Vulnerabilities

  • Apple pushed out security fixes in mid-September to fix vulnerabilities in iPhone, iPad and Mac systems that were actively exploited. The patches were released for all iPhone 6 and later, all iPad Pro models, iPad Air 2 and later, and iPod touch 7 and later.
  • Australia’s commemorative 50-cent coin code was cracked by a 14-year-old in an hour. The limited-edition coin marks the 75th anniversary of the Australian Signals Directorate (ASD) and had four levels of encryption. Now the ASD is hoping to recruit the boy who cracked their encryption.
UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min