We have brought together the most important news of the week from the world of cyber security.

WhatsApp announces new privacy features

Meta head Mark Zuckerberg announced the introduction of new features focused on improving privacy in WhatsApp messenger.

These include the ability to control who can see your online status, leave groups without notifying all members, and restrict message screenshots.

The media learned how the Russian Federation established control over the Internet in occupied Kherson.

A few weeks after Russia invaded the Ukrainian Kherson, the Russian military came to the offices of local Internet providers and demanded to relinquish control over their networks. It is reported by The New York Times.

After that, Kherson mobile and Internet traffic was routed through Russian networks. Later, access to Facebook, Instagram and Twitter was blocked, and Ukrainian cellular networks were also closed, forcing residents to use the services of Russian mobile operators.

The publication noted that a similar situation was observed in other cities occupied by the Russian army.

The authors noted that restricting access to the Internet is “part of Russia’s strategy”:

“[Она] this has made regions of Ukraine vulnerable to an extensive system of digital censorship and surveillance. RF can monitor web traffic and digital communications, distribute propaganda and manage news.”

Hackers tried to attack the deBridge protocol

The deBridge cross-chain communication and liquidity transfer protocol has become the target of a cyberattack. There’s probably the Lazarus band behind him, knowledgeable project co-founder Alex Smirnov.

The attackers sent deBridge employees a letter on his behalf called “New salary adjustments”. Most team members immediately reported the suspicious email, but one of them downloaded everything and opened the file. The attack was not successful, but it did help deBridge learn its features.

“The attack vector is as follows: the user clicks on a link from the email, downloads and unpacks the archive, tries to open the PDF, but the PDF asks for a password. The user opens password.txt.lnk and infects the entire system,” explained Smirnov.

He added that the attack did not affect macOS users, but Windows-based systems were at risk.

Experts mentioned a phishing campaign targeting users of Coinbase, MetaMask, Kraken and Gemini.

Throughout 2022, attackers created phishing pages on Google Sites and Microsoft Azure to steal cryptocurrency wallets and accounts from Coinbase, MetaMask, Kraken and Gemini. That’s what Netskope Threat Labs experts have said.

Advertising phishing pages is done in comments on other sites, mostly blogs. Sites imitate various cryptocurrency platforms.

In the future, attackers gain access to the core phrases, logins, and passwords of victims who enter this data on fake pages.

“Netskope strongly recommends that users never enter credentials after clicking a link. Instead, always go directly to the site, ”explained experts.

Taiwan Starts Using Ethereum-Based IPFS to Protect Against Cyber ​​Attacks

Decrypt writes that Taiwan’s Ministry of Digital Affairs has implemented IPFS technology to secure its infrastructure.

The ministry said it launched the initiative on the same day that China began military exercises near Taiwan, following the visit of US House of Representatives Speaker Nancy Pelosi.

Attackers attack Twilio and Cloudflare with phishing SMS

Cloud software provider Twilio has reported a phishing attack on company employees. The attackers then gained access to Twilio customers’ internal systems and data.

An SMS was sent to employees, allegedly from the company’s IT department, asking them to log in using a link to reset their passwords.

As soon as the attack was detected on Twilio, the security team revoked access to the compromised employee accounts. However, the attackers obtained the data of about 125 of the firm’s customers.

Hackers used similar methods to attack Cloudflare employees, but the attackers were unable to gain access to the latter’s system.

Also on ForkLog:

What to read on the weekend?

In our special article, we explain why Telegram is not the best solution for protecting privacy:

Read ForkLog bitcoin news in our Telegram – cryptocurrency news, courses and analysis.