Cybersecurity Roundup March 2024

Related Content

Want to keep learning?

Subscribe to SSL.com’s newsletter, stay informed and secure.

AT&T Confirms Massive Data Breach Impacting 73 Million Customers, Including Compromised Passcodes 

After initially denying the authenticity of a leaked dataset containing sensitive information of 73 million customers, AT&T has finally confirmed the data breach. The telecommunications giant revealed that the compromised data, which appears to be from 2019 or earlier, affects approximately 7.6 million current AT&T account holders and 65.4 million former account holders. The leaked information includes names, addresses, phone numbers, and, in some cases, social security numbers and birth dates. Additionally, AT&T disclosed that security passcodes used to secure accounts were also compromised for 7.6 million customers, prompting the company to reset these passcodes. Despite the confirmation, AT&T maintains that there is no indication their systems were breached. The company has pledged to notify all affected customers and provide guidance on the next steps they should take to protect their accounts. The incident highlights the importance of regularly monitoring personal information for potential breaches and taking proactive measures to secure online accounts. 
SSL.com Insights: To fortify their defenses against data breaches like the one AT&T experienced, companies should implement stringent access controls and encryption methods for sensitive data, ensuring that only authenticated individuals can access critical systems. Regularly updating and monitoring security protocols can prevent unauthorized access and identify breaches quickly. SSL.com’s Client Authentication certificates can significantly enhance security by authenticating the identity of individuals accessing the system, providing an extra verification step beyond passwords. By integrating ClientAuth Certificates into their security architecture, organizations can ensure a higher level of protection for their sensitive data and systems.

Fortify your network security with SSL.com’s Client Authentication certificates and safeguard sensitive data! 

Enhance Security

Linux Servers Targeted by Stealthy DinodasRAT Malware in Global Espionage Campaign    

Researchers have uncovered a Linux variant of the DinodasRAT malware, also known as XDealer, that has been targeting Red Hat and Ubuntu systems since 2022. Previously observed compromising Windows systems in government-focused espionage campaigns, the Linux version of DinodasRAT has managed to stay under the radar until recently. The malware employs sophisticated techniques to ensure persistence, secure communication with command and control servers, and evade detection. With a wide range of capabilities, including monitoring user activities, executing commands, managing processes, and providing remote shell access, DinodasRAT grants attackers complete control over the compromised Linux servers. The malware has been utilized by threat actors to gain and maintain access to targeted systems, primarily for data exfiltration and espionage purposes. Since October 2023, victims have been identified in China, Taiwan, Turkey, and Uzbekistan, highlighting the global reach of this stealthy espionage campaign. 
SSL.com Insights: To defend against the DinodasRAT malware that targets Linux servers, it’s critical for companies to strengthen their defenses by setting up barriers that inspect and filter incoming and outgoing internet traffic for malicious activities. They should also ensure that data passing between their internal network and the wider internet is examined for potential threats, making it harder for malware to penetrate their systems. Regularly scanning and testing their own networks and applications for vulnerabilities can help identify weak spots before attackers do. Educating their IT staff on the latest cybersecurity threats and response strategies can empower them to act swiftly and effectively, ensuring that their systems are protected against such sophisticated attacks.

Researchers Expose Vulnerabilities in US Truck Fleet’s Electronic Logging Devices, Enabling Widespread Disruption

Researchers from Colorado State University have uncovered significant vulnerabilities in Electronic Logging Devices (ELDs) that are mandatory in most medium- and heavy-duty commercial trucks in the United States. These security flaws, which could potentially affect over 14 million vehicles, allow attackers to access the devices via Bluetooth or Wi-Fi connections, granting them the ability to control the truck, manipulate data, and spread malware between vehicles. The researchers demonstrated three attack scenarios, including a drive-by attack, malicious firmware upload, and a highly concerning truck-to-truck worm that can autonomously infect nearby vulnerable ELDs. The worm exploits default device settings, such as predictable Bluetooth identifiers, Wi-Fi SSIDs, and weak passwords, to establish connections and propagate itself. In a real-world simulation, the researchers successfully compromised a truck’s ELD and slowed down the vehicle within just 14 seconds while both the attacker’s car and the targeted truck were in motion. The findings underscore the urgent need for improved security measures in ELD systems to prevent potential widespread disruptions in commercial fleets, which could have severe safety and operational consequences. The researchers have disclosed the vulnerabilities to the ELD manufacturers and the US Cybersecurity and Infrastructure Security Agency (CISA), with the manufacturer currently working on a firmware update to address the issues. 
SSL.com Insights: To mitigate vulnerabilities in Electronic Logging Devices (ELDs) and safeguard commercial fleets from cyberattacks, companies should enhance device security by updating firmware, strengthening authentication processes, and securing network communications. Incorporating encryption and authentication solutions, such as SSL/TLS certificates, on IoT devices can prevent unauthorized access and data manipulation. SSL.com’s IoT solutions offer robust security for smart devices in the transportation sector by providing trusted SSL/TLS certificates that ensure data integrity and confidentiality across communication networks. By leveraging these solutions, organizations can protect their fleets from malicious attacks, ensuring operational continuity and safety. 

Secure your fleet with SSL.com’s IoT Solutions and ensure safe, encrypted vehicle communications!  

Enhance Security

US Government Ramps Up Efforts to Counter Growing Cyber Threats to Satellites and Space Infrastructure

As the reliance on satellites and space systems for critical services such as GPS navigation, communications, and weather forecasting continues to grow, the Biden administration and Congress are intensifying their efforts to address the increasing cyber threats to these vital assets. Experts warn that a widespread cyberattack on satellites could have far-reaching consequences, disrupting everything from national security to economic stability, and that the barrier to entry for such attacks is significantly lower compared to deploying nuclear weapons in space. Russia, among other nations, has already demonstrated its capabilities in this domain, as evidenced by the 2022 cyberattack on Viasat that caused major disruptions to Ukrainian military communications and civilian internet access across Europe. The federal government has taken steps to bolster space security, including the establishment of the Space Force and its focus on cybersecurity, as well as CISA’s plans to examine performance goals and strengthen its ability to support organizations relying on space-based capabilities. However, some experts argue that more needs to be done, such as designating space as a critical infrastructure sector and including it in the revised version of the Obama-era policy directive. As the threats continue to escalate, it is crucial for the government and private sector to collaborate and prioritize the protection of these essential space assets.
SSL.com Insights: The heightened focus by the Biden administration and Congress on countering cyberattacks against satellites marks a critical juncture for cybersecurity, recognizing the evolving battlefield in space. As satellites become integral to national security and everyday communication, protecting these assets from cyber threats is paramount to maintaining global stability and safety. SSL.com underscores the significance of robust encryption and authentication mechanisms to shield space-based communication networks from unauthorized access. Our commitment to deploying advanced encryption solutions extends to the realm of space, ensuring secure data transmission and safeguarding vital infrastructure against cyber adversaries.

SSL.com Announcements

SSL.com’s S/MIME Certificates can now be integrated with an LDAP-enabled network

LDAP (Lightweight Directory Access Protocol) is an industry-standard protocol for accessing and managing directory information services. It is commonly used for storing and retrieving information about users, groups, organizational structures, and other resources in a network environment.

Integrating LDAP with S/MIME certificates involves utilizing LDAP as a directory service to store and manage user certificates. 

By integrating LDAP with S/MIME certificates, organizations can centralize certificate management, enhance security, and streamline the process of certificate retrieval and authentication in various applications and services that leverage LDAP as a directory service.

Contact sales@ssl.com for more information on LDAP integration. 

Single Sign On (SSO) can now be enabled for SSL.com accounts 

SSL.com users can now activate Single Sign On (SSO) for their accounts. This feature allows users to link their Google, Microsoft, GitHub, and Facebook accounts to their SSL.com accounts. Once linked and logged in to any of the four service providers mentioned, there is no need for users to repeatedly login to their SSL.com accounts with their username and password.  The adoption of SSO by SSL.com represents a commitment to maintaining high security standards while providing a user-friendly environment, ultimately fostering a safer and more secure online experience for its users.   

Automate Validation and Issuance of Email Signing and Encryption Certificates for Employees 

< p align=”justify”>Bulk enrollment is now available for Personal ID+Organization S/MIME Certificates (also known as IV+OV S/MIME), and NAESB Certificates through the SSL.com Bulk Order Tool. Bulk enrollment of Personal ID+Organization S/MIME and NAESB Certificates has the additional requirement of an Enterprise PKI (EPKI)  Agreement. An EPKI Agreement allows a single authorized representative of an organization to order, validate, issue, and revoke a high volume of these two types of certificates for other members, thereby enabling a faster turnaround in securing an organization’s data and communication systems. 

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.