
* Chinese AI App DeepSeek Banned From Australian Government Devices
* OpenAI Data Breach Alleged: 20 Million Logins Reportedly Stolen
* Apple Removes Apps Infected with "SparkCat" Malware
* Australian Healthcare Sector Hardest Hit by Cyberattacks: Report
* Securing the No-Code SDLC: A New Approach Needed
Chinese AI App DeepSeek Banned From Australian Government Devices
https://www.sbs.com.au/news/article/chinese-ai-app-deepseek-banned-on-all-australian-government-devices/lm9udv4et
The Australian government has banned the use of the Chinese AI chatbot DeepSeek on all government-issued devices, citing national security concerns. This decision, effective immediately, follows warnings from intelligence agencies about the potential risks associated with the app.
The ban comes amidst growing global concerns about the security and privacy implications of AI technologies developed in China.
While the ban applies only to government entities, the government has urged Australians to be mindful of how their data is used online. This move follows a similar ban on the Chinese social media app TikTok earlier this year.
DeepSeek's rapid rise to prominence has sparked a global debate about the future of AI development and the potential for geopolitical competition in this emerging field.
OpenAI Data Breach Alleged: 20 Million Logins Reportedly Stolen
https://gbhackers.com/openai-data-breach/
A concerning claim has emerged on dark web forums, alleging the theft and subsequent sale of over 20 million OpenAI user login credentials.
The anonymous threat actor who posted the claim is offering the credentials for sale, raising serious concerns about the security of OpenAI's user data.
While the authenticity of this claim remains unconfirmed, the potential impact of such a breach is significant. OpenAI accounts are often used for critical tasks, including academic research, professional projects, and sensitive content generation.
OpenAI has not yet publicly addressed these claims. However, users are advised to take immediate precautions, such as changing passwords and enabling two-factor authentication, to protect their accounts.
This incident serves as a stark reminder of the ever-evolving cyber threat landscape and the importance of robust security measures for all online platforms, especially those handling sensitive user data.
Apple Removes Apps Infected with "SparkCat" Malware
https://www.macrumors.com/2025/02/06/apple-removed-screen-reading-malware-apps/
Apple has removed 11 iOS apps from the App Store after they were found to contain malicious code designed to steal sensitive information from users' devices.
Security firm Kaspersky discovered the malware, dubbed "SparkCat," which utilizes Optical Character Recognition (OCR) to scan user photos for sensitive data, such as cryptocurrency recovery phrases.
The malware targeted users in Europe and Asia, attempting to gain access to user photos and extract valuable information.
Apple also identified an additional 89 apps that had previously been rejected or removed from the App Store due to fraud concerns and were found to contain similar malicious code.
This incident serves as a reminder for users to be cautious when downloading and installing apps from the App Store, particularly those from unknown developers. Apple recommends utilizing the App Privacy Report feature within the Settings app to monitor app access to sensitive data and avoid granting unnecessary permissions.
By taking these precautions and exercising caution when downloading apps, users can significantly reduce their risk of exposure to malware and other malicious threats.
Australian Healthcare Sector Hardest Hit by Cyberattacks
https://cybercx.com.au/resource/dfir-threat-report-2025/
https://www.smh.com.au/technology/healthcare-and-finance-the-hardest-hit-by-cyberattacks-20250205-p5l9ns.html
The Australian healthcare sector faced the brunt of cyberattacks in the past year, according to a new report from cybersecurity firm CyberCX.
The report revealed that healthcare accounted for 17% of all cyberattacks in Australia, followed by the financial services sector at 11%. The 2024 MediSecure data breach, impacting over 12 million Australians, stands as a stark reminder of the severity of these attacks.
The report highlights a concerning trend: a significant increase in the time it takes to detect cyber espionage incidents, now averaging over 400 days. This suggests that attackers are becoming more sophisticated and persistent, operating within networks for extended periods.
The report also emphasizes the growing prevalence of financially motivated attacks, with 65% of incidents driven by financial gain.
These findings underscore the critical need for enhanced cybersecurity measures across all sectors, particularly in healthcare and finance where sensitive data is highly valuable.
Securing the No-Code SDLC: A New Approach Needed
https://www.forbes.com/councils/forbestechcouncil/2025/02/10/securing-the-sdlc-for-no-code-environments/
Traditional software development relies heavily on a structured SDLC (Software Development Lifecycle) with security baked in at every stage. However, the rise of no-code development platforms has disrupted this model, presenting unique challenges for security teams.
No-code platforms, which empower citizen developers to create applications with minimal coding, often bypass crucial SDLC stages like planning, analysis, and design. This lack of structured oversight can lead to critical security vulnerabilities.
Traditional security measures, such as threat modeling and secure coding practices, are often impractical or inapplicable in the no-code environment.
To effectively secure no-code development, organizations must adapt their approach. This involves:
* Focusing on later stages: Shifting the focus towards later stages of the SDLC, such as implementation, testing, and maintenance, where security measures can be most effectively applied.
* Implementing real-time security detection: Integrating automated tools that can detect vulnerabilities in real time within the no-code platform itself.
* Establishing robust testing and deployment policies: Mandating rigorous testing procedures and enforcing strict security checks before applications are deployed to production environments.
* Leveraging platform-level security: Advocating for no-code platforms to incorporate built-in security features, such as pre-configured secure connectors and automated compliance checks.
By adapting their approach and focusing on these key areas, organizations can empower citizen developers to innovate while ensuring the security and integrity of their no-code applications.
Special Thanks to Bradley Busch for contributing some of the interesting stories for this week’s cyber bites.