Canada Flipper Zero ban and new RustDoor macOS malware
Canada decides to ban Flipper Zero devices in a car-theft crackdown, a new Rust-based macOS backdoor impersonates a Visual Studio update, and a breach hits French health insurance payment providers. Catch all this and more in this week’s edition of Cybersecurity Weekly.
1. Canada moves to ban Flipper Zero over car theft concerns
The Canadian government has announced plans to ban the Flipper Zero and similar gadgets. The move comes after a national summit on auto theft revealed the devices' role in the surge of car thefts across the country. Industry Minister François-Philippe Champagne highlighted the theft of 90,000 vehicles annually, leading to $1 billion in losses. The ban aims to curb the importation, sale and use of such hacking tools.
2. New RustDoor macOS backdoor imitates Visual Studio update
Bitdefender recently discovered a new macOS backdoor linked to ransomware groups Black Basta and Alphv/BlackCat. Dubbed RustDoor, the malware specializes in file harvesting and system information collection. Researchers found variants of RustDoor impersonating a Visual Studio update and sending data to a command-and-control server. These capabilities underscore the malware’s potential to compromise a wide range of macOS systems.
3. Cyberattack on French healthcare payment service providers affects 33 million citizens
The Commission Nationale de l'Informatique et des Libertés (CNIL) recently disclosed data breaches at French healthcare payment service providers Viamedis and Almerys. The hack exposed the sensitive personal information of 33 million French citizens, prompting a thorough investigation into the security measures of both firms. Exposed data includes names, dates of birth and social security numbers of individuals. CNIL is taking steps to ensure the providers inform affected individuals directly and implement measures to prevent future breaches.
4. Hyundai Europe becomes a victim of Black Basta ransomware campaign
Hyundai Europe recently suffered a breach where the Black Basta ransomware group allegedly stole three terabytes of corporate data. Initially reported as IT issues, the carmaker confirmed the cyberattack after further investigation. Multiple departments were targeted, including legal, sales, HR and IT. Hyundai is now working with cybersecurity and legal experts to mitigate the damage and has notified relevant authorities.
5. Raspberry Robin malware gets new upgrades with Windows exploits
Check Point reports that the Raspberry Robin malware is using new exploits for quicker privilege escalation. Linked to Storm-0856, the malware helps spread ransomware and has upgraded its attack methods. Researchers also found that it exploits vulnerabilities like CVE-2023-36802 before they are made public. With improved anti-detection and updated access methods, Raspberry Robin poses a greater threat to systems that have not yet been patched.