FBI Alert: SQL Injection Threats

CybersecurityHQ News

Welcome reader to your CybersecurityHQ report.

Headlines

New Zealand’s intelligence services have accused China of orchestrating a state-sponsored cyber attack on the country’s parliament in 2021. The disclosure coincides with similar accusations from Britain and the US, forming a broader condemnation of China’s alleged cyber espionage. Foreign Minister Winston Peters denounced the interference and urged China to cease such activities. The New Zealand government attributed the attack to Advanced Persistent Threat 40 (APT40), a Chinese state-sponsored actor affiliated with the Ministry of State Security.

Although no sensitive information was compromised, technical data that could have enabled more intrusive activity may have been accessed. The international community, including Australia, joins in denouncing the alleged interference. Separately, concerns were raised about New Zealand citizens providing military training to China, which poses significant national security risks. A spokesperson for the Chinese Embassy in New Zealand responded to the claims in an email, saying, “We have never, nor will we in the future, interfere in the internal affairs of other countries, including New Zealand. Accusing China of foreign interference is completely barking up the wrong tree.”

In a recently published warning (PDF), the US cybersecurity agency CISA and the FBI urge software makers to eliminate SQL injection (SQLi) vulnerabilities from their products. These flaws pose severe risks to customers, as seen in the highly publicized attack on MOVEit Transfer last year. In the document, CISA and the FBI advise technology executives to have their code reviewed for SQLi weaknesses, and advise customers to ask whether such reviews have been conducted. Where vulnerabilities are found, they should be removed immediately from current products and kept out of future ones.

Employing a secure-by-design approach during development can effectively address SQLi vulnerabilities, reducing the burden on customers and the risk to the public. SQLi vulnerabilities arise when developers build queries by concatenating untrusted input into the SQL text, so the database parses attacker-supplied data as part of the command. To prevent them, developers should use parameterized queries (prepared statements), which keep the SQL structure fixed and pass user input to the database strictly as data. Additionally, software makers are encouraged to prioritize proactive security measures and to be transparent when disclosing vulnerabilities.
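To make the difference concrete, the following is an added example (not code from the CISA/FBI advisory or from any product it mentions): a login check written first with string concatenation and then with a parameterized query, run against Python’s built-in sqlite3 so it works offline. The users table, the two accounts in it and the attack payloads are all constructed here for illustration.

```python
"""
Added example: SQL injection in a login check, vulnerable form beside the
parameterized fix. Uses the standard-library sqlite3 module; the schema and
sample rows below are constructed for this demo.
"""
import sqlite3

# Constructed sample data: two accounts in a hypothetical "users" table.
SAMPLE_USERS = [
    ("alice", "correct horse battery staple"),
    ("bob", "hunter2"),
]


def make_db() -> sqlite3.Connection:
    """Create an in-memory database holding the sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Vulnerable: user input is spliced into the SQL text, so quotes and
    keywords in the input change the structure of the query."""
    query = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_parameterized(conn: sqlite3.Connection, username: str, password: str):
    """Hardened: the SQL text is fixed; the driver binds the values as data,
    so an input containing quotes or OR is compared literally."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = conn.execute(query, (username, password)).fetchone()
    return row[0] if row else None


def demo() -> dict:
    """Run both implementations against legitimate and malicious input."""
    conn = make_db()
    results = {}

    # Legitimate credentials succeed either way.
    results["legit_vuln"] = login_vulnerable(conn, "alice", "correct horse battery staple")
    results["legit_param"] = login_parameterized(conn, "alice", "correct horse battery staple")

    # Tautology payload: the leading quote closes the password literal and
    # the OR makes the WHERE clause true for every row, so the vulnerable
    # query returns the first account without knowing any password.
    tautology = "' OR '1'='1"
    results["tautology_vuln"] = login_vulnerable(conn, "anyone", tautology)
    results["tautology_param"] = login_parameterized(conn, "anyone", tautology)

    # Comment payload: "--" turns the rest of the query into a comment,
    # discarding the password check entirely for a known username.
    commented = "alice' --"
    results["comment_vuln"] = login_vulnerable(conn, commented, "wrong")
    results["comment_param"] = login_parameterized(conn, commented, "wrong")
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Both payloads authenticate as alice through the concatenated query and return None through the parameterized one, because the bound value is compared as an opaque string rather than parsed as SQL. The same pattern (placeholders plus a separate argument tuple) applies to every mainstream database driver; escaping input by hand is not an acceptable substitute.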

The Checkmarx blog reports that several high-profile Python developers (including the team behind Top.gg) fell victim to a sophisticated supply chain attack after unknowingly installing a malware-laced clone of the popular Colorama package. The attackers stood up a typosquatted mirror domain to trick developers into downloading the malicious version, then hijacked accounts and added malicious commits to repositories to spread the infected package further.

Interesting Read

Robert Lemos, writing for DarkReading, covers the state of cybersecurity in Africa as 18 countries across the continent prepare for elections in 2024. Recent years have seen a spate of disinformation campaigns and state-backed hacks, causing a great deal of anxiety in a year when so many important elections are being held.

This long read gives a great analysis of the situation, and it highlights just how critical cybersecurity is for a more peaceful world.

Cybersecurity Career Opportunities

Employment Tip: Build a Strong Online Presence

Your online presence can be a make-or-break factor in the next phase of your career. Create a professional LinkedIn profile showcasing your skills, experience, and achievements in cybersecurity — while also connecting you to all the people in the industry you know. That makes a great impression on possible employers, and it also boosts your chance of being found by a headhunter looking to fill your dream role.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team