The Digital Trust Digest is a curated overview of the week’s top cybersecurity news. Here are four things you need to know this week:
1. Spear phishing group targeting Facebook business and ads accounts has returned.
After initially being outed earlier this year, DUCKTAIL, as they are called by researchers from WithSecure, has returned with new methods for spreading their malware. DUCKTAIL targets individuals who appear to have access to Facebook business accounts, and the group has recently been seen using WhatsApp.
DUCKTAIL uses the following techniques:
- A malware program contained within an archive. The malware is masquerading as a .pdf and is shared along with images and other files that appear to be part of the same project.
- This malware is digitally signed: previously by Sectigo, but now under a Vietnamese company. After being outed, they began to use GlobalSign as their certificate authority, using six other Vietnamese businesses.
- Browser hijacking to steal Facebook session cookies and information allows DUCKTAIL to add email addresses they control to admin and finance editor roles on Facebook business accounts.
Learn more about DUCKTAIL’s attacks here.
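A defender can triage the first technique above (an executable dressed up as a document inside an archive) by comparing each archive member's name with its leading bytes. The following is an added example, not code from WithSecure or from this digest; the function names, the list of document-like name hints, and the sample archive are constructed for illustration, and it assumes ZIP archives and Windows PE payloads.

```python
import io
import zipfile

PE_MAGIC = b"MZ"       # header of a Windows executable
PDF_MAGIC = b"%PDF-"   # header of a genuine PDF (simplified: checked at offset 0 only)
DOC_HINTS = (".pdf", ".docx", ".xlsx", ".jpg", ".png")  # assumed list of lure-style names

def classify(name, head):
    """Return a finding for one archive member, or None if name and content agree."""
    lower = name.lower()
    is_pe = head.startswith(PE_MAGIC)
    if is_pe and any(hint in lower for hint in DOC_HINTS):
        return "executable content with a document-like name"
    if lower.endswith(".pdf") and not head.startswith(PDF_MAGIC):
        return "named .pdf but content is not a PDF"
    if is_pe:
        return "executable inside archive"
    return None

def scan_archive(data):
    """Map member name -> finding for every suspicious member of a ZIP (bytes)."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(8)  # only the magic bytes are needed
            verdict = classify(info.filename, head)
            if verdict:
                findings[info.filename] = verdict
    return findings

def build_sample():
    """Constructed archive: two benign files and two masquerading ones."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("project/brief.pdf", b"%PDF-1.7\n constructed")
        zf.writestr("project/photo.jpg", b"\xff\xd8\xff\xe0 constructed")
        zf.writestr("project/budget plan.pdf.exe", b"MZ\x90\x00 constructed")
        zf.writestr("project/notes.pdf", b"MZ\x90\x00 constructed")
    return buf.getvalue()

if __name__ == "__main__":
    for name, why in scan_archive(build_sample()).items():
        print(f"{name}: {why}")
```

A valid code signature does not change these findings, which is why the content check is done independently of any signature verification.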
2. OMB warns that we should be preparing now for quantum computing security threats.
The Office of Management and Budget (OMB) has told federal agencies to “prepare now” to implement encryption to counter the “threat posed by the prospect of a cryptanalytically relevant quantum computer (CRQC).”
OMB recommends updating cryptographic algorithms to prevent data that is encrypted and stolen now from being decrypted later by a future CRQC.
Their memo encourages federal agencies to partner with software vendors to “identify candidate environments, hardware, and software” to be used in the testing of post-quantum cryptography.
Read more in FEDweek.
3. Musk promises end-to-end encryption as part of Twitter 2.0.
Following in the footsteps of messaging platforms like Signal, WhatsApp, and iMessage, Musk confirmed plans to include end-to-end encryption (E2EE) for direct messages in the revamp of the Twitter platform called Twitter 2.0: “The Everything App.” E2EE has also been implemented by Google for one-to-one chats in its RCS-based Messages app for Android and by Facebook on Messenger for select users.
Along with E2EE, Twitter 2.0 will feature long-form tweets, payments, and subscription tiers to identify companies, governments, and individuals.
Read more about Twitter 2.0 here.
4. AI and machine learning are the breakout stars for strengthening cybersecurity.
In a world where bad actors move faster than most IT teams, CISOs are relying on AI and machine learning to harden their cybersecurity postures by scaling data analysis, increasing response speeds, and securing digital transformation projects.
Some examples of how CISOs are implementing AI and ML to support cybersecurity initiatives include:
- The cybersecurity skills shortage: companies need to get more done with fewer people and bridge the gap created by the unmet need for cybersecurity workers.
- Endpoint recovery and asset management: Keyfactor’s State of Machine Identity Management survey highlights that endpoint recovery and asset management are highly prioritized due to how loosely organizations manage their digital certificates.
Need to catch up on the last digest’s headlines? Read them here.