The Top Cybersecurity News Stories This Month: October 2023

Oct 31

Halloween cyber attack round up Onyxia Cyber

Happy Halloween! Prepare for mystifying tales about the darkest dark web incidents like monstrous DDoS attacks, creepy bugs on the loose, and a very ghostly occurrence at Kwik Trip. Whether it be trickery or threat, it's bound to leave you frightened and intrigued. These are the spookiest cybersecurity news stories of October.

1. The Largest Ddos Attack In History

Source: ZDNET: Security

The LARGEST DDoS attack in history on Google Cloud peaked at 398 million RPS. It started in August 2023 but was first reported on October 10, making it our scarring story of the month. This monstrous attack was 7.5 times larger than the largest prior.

The attackers used a new attack method called “rapid reset.” The scariest part is that these attacks “continue to this day.” Thankfully, we have nothing to fear because customers have experienced no delay in service. It also led to a great amount of sharing. Strategies to defend against these attacks have been quickly adopted by most large infrastructure providers.

2. Access To Police Social Media Portal For Sale

Source: Security Affairs

Facebook and instagram’s police portal is where law enforcement can request users' data, remove their posts, and ban them. These abilities help them enforce the law. A spine-chilling threat actor has accessed this portal and is selling access to it for $700.

It is unknown whether the threat actor gained access through someone at Meta or someone involved in law enforcement. Either way, this is a serious hazard to user privacy. The threat actor posted on Breach Forums about possible malicious uses like subpoenas, emergency data requests, and account suspensions.

ICYMI Friday Afternoon: Okta warned that hackers broke into its support case management system and stole sensitive data that can be used to impersonate valid users - https://t.co/NanwSNzT5z
— SecurityWeek (@SecurityWeek) October 22, 2023

3. Okta Has Been Horribly Hacked

Source: Security Week

Okta is a tech firm for identity and access management. It was horribly and mysteriously hacked so that the threat actor has the ability to impersonate valid users. The threat actor gained access to an HTTP Archive file, usually used for troubleshooting by performing browser activity, that includes cookies and session tokens which can be used to impersonate a user.

The advice that Okta is offering to users is to sanitize cookies and session tokens that are within HTTP Archive files before allowing others to view it. They also recommended users to search System Logs for suspicious activity. The BeyondTrust security firm was affected by this hack. A third-party organization facing an attack through Okta has happened before, for example Okta customers once faced a financial cybercrime campaign named oktapus. 🐙

4. Apple Cursed: A Quartet Of Paranormal Bugs With Mutant Abilities And Privileges Invade

Source: The Register

On October 25th Apple sent out security fixes for a vulnerability that allows for arbitrary code to be implemented with kernel privileges. It is the second patch Apple has released to fix it (the same issue was addressed in July). The vulnerability is called TriangleDB.

Kaspersky researchers found the bug and they found it so creepy and crawly they reported it to Apple right away. The researchers involved were Georgy Kucherin, Leonid Bezvershenko, Boris Larin, and Valentin Pashkov. This threat intel team was studying a spying feat called “Operation Triangulation.” Through this process they also detected three other horrific bugs that were also used for spying.

If you want to check your phone for suspicious TrangleDB activity you can use Kaspersky’s “triangle check tool”.

5. Unsettled Business At Kwik Trip

Source: Bleeping Computer

Business was unsettled in early October when Kwik Trip, a chain of convenience stores, was undergoing a suspected ransomware attack. IT systems were experiencing outages. Though a ransomware attack was a possibility, sources of authority on this matter were cryptic and vague. They didn't give a reason for the outage or other effects of the unknown source like payment issues, email issues, and phone issues.

The most critical problem was that customers were not able to use their saved rewards to buy gas/produce. Signs explaining the unfortunate circumstances were hung so that the store could communicate the nightmare which they described as a “network incident” to their customers.

For all the latest cybersecurity news download our free mobile app, Onyxia: Cybersecurity Intel, available on iOS and Google Play stores.