InfoSecSam Newsletter #5

Recent News

Time-up For TikTok?

ByteDance, the owner of TikTok, would rather shut down TikTok than sell it! A decision spurred by US legislation is mandating a sale of TikTok or a total ban due to concerns over Chinese influence (allegedly!).

Despite CEO Shou Zi Chew's pledge to challenge the law, ByteDance may opt for closure if legal efforts fail. However, selling poses challenges due to TikTok's global revenue distribution and the complexity of separating its algorithms, essential to the app's functionality, from ByteDance's other platforms.

UK Bigger Brother

The UK's Investigatory Powers Bill has been approved despite opposition. The bill widens digital surveillance powers and allows authorities to gather more data.

Tech companies and privacy campaigners have strongly opposed the bill's potential negative impacts.

Is this a necessary move or is this crossing the line?

Android’s Trojan Trouble

A new Android trojan named Brokewell is causing concern, capable of stealing user data and granting attackers control over infected devices. This sneaky piece of malware is distributed via fake app updates, it mimics legitimate apps to steal credentials and browser cookies.

Brokewell logs device events, records audio, and even allows screen streaming, giving attackers full control of your device. Google Play Protect offers some defence, but users need to be extra careful when downloading updates.

Google’s Cookie Crumbles

Google's move to phase out third-party cookies in Chrome has crumbled. The move is delayed until 2025 due to discussions with the UK's Competition and Markets Authority (CMA) and Information Commissioner's Office (ICO).

The move, part of Google's Privacy Sandbox initiative, aims to enhance privacy while maintaining free online services. However, concerns from the ad industry and regulatory feedback have led to it being delayed.

Career Development

Cybrary.it

Cybrary provides a wide range of free and paid for training courses which are conveniently aligned to various career paths such as a SOC Analyst and Penetration Tester.

It’s worth signing up and exploring the platform to find the training that suits your goals.

Free Cloud Threat Landscape

Cloud security firm Wiz has developed a comprehensive threat intelligence database of cloud security incidents, actors, tools and techniques; all available for free.

I have personally used this for my day to day work and find it a great resource of reference for risk assessments, threat intelligence, etc.

Other News

• Darktrace Dollars - Private equity investor, Thoma Bravo, has acquired cybersecurity firm Darktrace for $5.3B after failing to do so in in 2022.

• Too Many Trees - A Ghana man studying forestry in Alabama set a world record for most trees hugged in an hour when he hugged 1,123 trees.

• Ice-Cream Gone - Milan is proposing a new law to ban ice cream after midnight in an effort to protect the "tranquillity" of residents.

If you found this interesting, forward it on!

If you’re new here, subscribe here!