Cybersecurity News – Privacy Activists Target Tech Giant, UK Privacy Regulator, Mailchimp Cyberattack

ByBrad Slavin

Since email security is an ever-changing landscape, organizations and individuals must focus on the most relevant issues to stay one step ahead of adversaries. The article combines the latest email security-related news, which will bring you up to speed with the evolving threat landscape.

1.Google May Invite Penalty After Privacy Activists Target The Tech Giant Over French ‘Spam’ Emails

A European group of activists, who go by the name NOYB (None of Your Business), said that Google infringes upon EU law by sending people direct advertising messages through Gmail.

The group, having a long history of fighting the tech giant on data privacy, sent screenshots to the French data regulator CNIL, showing marketing messages pinned on top of the user’s inbox. CNIL is the most active authority in Europe, which has earlier fined Google and Facebook heavily. The activists’ group attached the following explanations with its complaint:

  • The emails were marked with a green check box and contained the word “annonce”, meaning advert in French.
  • Under EU law, such marketing practice is permitted only after the user consents to it.
  • Spam is commercial communication sent without the user’s consent, which is illegal.
  • One cannot call spam legal if it gets generated by an email provider.

CNIL confirmed that it received the complaint, but there is currently no response from Google. Facebook’s parent company Meta and Google are embroiled in a long-running battle in Europe over their data collection practices.

The French regulator had earlier fined Google $150 million (150 million euros) and Meta 60 million euros in December because they failed to provide users with an opt-out option for cookies. These files track users across the web. The two tech giants are also facing scrutiny over their practice of forwarding EU residents’ personal data to servers in the United States.

2.Halfords Faces a £30,000 Fine From The UK Privacy Regulator for Spam Deluge

The high street retailer was fined under the Privacy and Electronic Communications Regulations (PECR) for breaking the UK law governing nuisance marketing. The regulations protect consumers from online tracking, excessive marketing, and related offenses.

The Information Commissioner’s Office (ICO) said the bike shop chain forwarded 498,179 emails to customers promoting a “Fix Your Bike” government voucher scheme. It further stated that:

  • The emails encouraged customers to book a free bicycle assessment.
  • Then, it asked them to redeem a £50 government voucher for the cost of repairs at Halfords stores.
  • Halfords tried to defend its decision to send emails to people without their informed consent by terming it their “legitimate interest” upon investigation.
  • However, since the email advertised a service offered by Halfords, which generates income from the “legitimate interest”, the ICO said it could not be termed as an alternative to consent.

Andy Curry, Head of investigations at ICO, said that it violates consumers’ privacy rights and is downright annoying. Halfords is a household name in the UK, and they expect such organizations to know and act better. He further added that the incident does not reflect the internal advice or processes; hence, a fine was imposed on the firm.

“Such incidents act as a reminder for similar organizations who must review their electronic marketing operations because we will take appropriate actions if they break the law,” he said.

3.DigitalOcean Says Some Customers Impacted From Recent Mailchimp Cyberattack

DigitalOcean, the Cloud infrastructure provider, announced this week that a recent cyberattack targeting Mailchimp might have compromised the email addresses of some of its consumers. The marketing platform Mailchimp announced that it had suspended several accounts responding to a cyberattack targeting its crypto-related users via “sophisticated social engineering and phishing tactics.”

Mailchimp further added that:

  • It had suspended the accounts to safeguard user data.
  • 214 user accounts got impacted.
  • It quickly acted to notify the primary contacts of impacted customers and implement additional enhanced security measures.

However, DigitalOcean said it discovered the Mailchimp account compromise roughly a week ago when its account got suspended abruptly without notification from Mailchimp. Eventually, an email arrived from Mailchimp claiming that the account was suspended for violating terms of use, but the cyberattack was officially confirmed only after DigitalOcean contacted Mailchimp.

DigitalOcean’s official communication says that Mailchimp formally notified them on August 10 about an attacker who compromised Mailchimp’s internal tooling and got unauthorized access to their accounts. DigitalOcean had already begun investigating the incident after a customer notified them about their password getting reset.

The Mailchimp account compromise exposed a few DigitalOcean customer email addresses and follow-up attempts to access DigitalOcean accounts via password reset. The company noted that the attacker made attempts from the same IP address, but not all password resets were successful. The cybercriminals could not access the accounts because of two-factor authentication even after resetting the passwords successfully.

DigitalOcean added that its security incident response team swung into action and notified the affected customers about the breach. It also moved its critical services from Mailchimp to other email service providers.

4.CISA Warns of Hackers Exploiting Multiple Vulnerabilities in the Zimbra Collaboration Suite

The CISA (Cybersecurity and Infrastructure Security Agency) posted a recent advisory that warns about threat actors actively exploiting Zimbra Collaboration Suite’s (ZCS) five exclusive vulnerabilities.

The CISA compiled the document in collaboration with the MS-ISAC (Multi-State Information Sharing & Analysis Center), which explains how cybercriminals may target unpatched ZCS vulnerabilities in private and government sector networks.

The first discovered vulnerability (CVE-2022-27924) is a high-severity vulnerability that enables an unauthenticated attacker to overwrite the arbitrary cached entries and inject arbitrary Memcache commands into the ZCS instance.

“Thus, the threat actor can steal the ZCS email credentials in cleartext form without user interaction,” the advisory read.

According to the document, the second and third vulnerabilities are chained (CVE-2022-27925, CVE-2022-37042, respectively). The former enables an authenticated user to upload infected files into the system; the latter is an authentication bypass vulnerability.

The remaining Zimbra vulnerabilities, according to the CISA report, are:

  • CVE-2022-30333 is a directory traversal vulnerability (high severity) in RARLAB UnRAR on UNIX and Linux.
  • CVE-2022-24682, a vulnerability impacting ZCS webmail clients (medium-severity).

While Zimbra patched the vulnerabilities between May and late July, CISA recommended administrators hunt for malicious activity through third-party detection signatures.

Similar Posts

How SPF Can Help Organizations in Improving Email Security and Thwarting Spam, Phishing, and Email Spoofing

How SPF Can Help Organizations in Improving Email Security and Thwarting Spam, Phishing, and Email Spoofing

ByBrad Slavin

Email security is of utmost importance for any business today. Email continues to remain the primary means of business communication, and as such, the concerns regarding unwanted spam emails, email spoofing, phishing, and other email attacks are justified. Email authentication standards, such as SPF, are the best tool in any organization’s arsenal against email threats….

DKIM Explained: How DKIM Works and Why is DKIM Important for Organizations?

DKIM Explained: How DKIM Works and Why is DKIM Important for Organizations?

ByBrad Slavin

DKIM is one of the security standards to improve email security and prevent phishing, spoofing, and email spam. This text explains what DKIM is, how DKIM works, DKIM records, why DKIM is essential, why you need to use DKIM, and answers DKIM FAQs. What is DKIM? DomainKeys Identified Mail, known as DKIM, is an email…

Learning to Setup SPF, DKIM, and DMARC in Google Workspace

Learning to Setup SPF, DKIM, and DMARC in Google Workspace

ByBrad Slavin

In November 2022, the Google Workspace team saw a spike in phishing and spoofing emails targeted toward Gmail users. As a result, Google blocked almost 231 billion emails in just two weeks. That’s why experts suggest configuring SPF, DKIM, and DMARC records in Google Workspace, and this guide explains the steps for that.  Setting Up…

How do DMARC, SPF, and DKIM Work in Tandem to Provide Email Security?

How do DMARC, SPF, and DKIM Work in Tandem to Provide Email Security?

ByBrad Slavin

DMARC, SPF, and DKIM can improve your organization’s email security by authenticating incoming emails. This post discusses how DMARC, SPF, and DKIM work and how to create DMARC, SPF, and DKIM records. Since the preferred mode of communication for organizations, businesses, and individuals worldwide is email, avoiding phishing and spam becomes the top priority to…

Detecting DMARC Issues Through Pentesting
| |

Detecting DMARC Issues Through Pentesting

ByBrad Slavin

Pen testing or penetration testing is defined as an authorized and strategized simulated cyberattack performed to explore the vulnerabilities of a technical system.  Sounds complicated? Here’s a simpler explanation- So, companies hire a penetration tester who breaks into their system just like a hacker would do. They try to take note of all the security…