Linux Backdoor Discovered: XZ Library Hijacked

CybersecurityHQ News

Welcome, reader, to your CybersecurityHQ report.

Headlines

A backdoor has been found in major Linux distributions due to a supply chain attack targeting the XZ Utils data compression library. Discovered by Microsoft engineer Andres Freund, the attack involves malicious code embedded in versions 5.6.0 and 5.6.1 of the library, released in February 2024. Affected distributions include Fedora, openSUSE, Kali Linux, and Arch Linux. CISA and other authorities have already sent out alerts, advising that organizations downgrade to uncompromised versions of XZ Utils, such as 5.4.6.

The attacker, identified as Jia Tan (or JiaT75), introduced the backdoor by modifying the library's code in early 2024 — the result of a three-year campaign.

The integrity of Incognito mode has always been suspect, but now Google has reached an agreement to delete billions of records as part of a settlement in a lawsuit alleging it clandestinely tracked the internet activity of users who believed they were browsing privately. Filed in the Oakland, California federal court, the settlement awaits approval by US District Judge Yvonne Gonzalez Rogers. While Google will pay no damages, users retain the right to sue for compensation individually. 

The lawsuit, initiated in 2020, concerns millions of Google users who utilized private browsing from June 1st, 2016. Allegations include Google's use of analytics, cookies, and apps to track individuals in Incognito mode. Terms of the settlement compel Google to update disclosures regarding data collection in private browsing and enable Incognito users to block third-party cookies for five years.

The United Kingdom's independent nuclear safety regulator will prosecute Sellafield Ltd, the company managing the Sellafield nuclear waste site. The regulator alleges Sellafield accumulated cybersecurity offenses from 2019 to 2023, though it states public safety was not compromised. This is not Sellafield's first cybersecurity issue. Last year's nuclear industry report and a 2022 newspaper article raised concerns over past cyber breaches and alleged coverups by Sellafield staff. 

Sellafield was Europe's largest nuclear site, housing vast radioactive waste stores. The regulator deems it "one of the most complex and hazardous nuclear sites in the world," likely why the cybersecurity failings raise alarms. While cyberattacks on plants are rare, the potential damage is concerning given Sellafield's hazardous materials, despite its reactor being non-operational since 2003.

Interesting Read

Wired Magazine always has compelling write-ups in the world of cybersecurity, including this breakdown of the XZ backdoor in Linux — brought to you by Dan Goodin of Ars Technica. We covered the attack in our lead story in this newsletter, but the article gives you in-depth information on this major news story.

The backdoor’s presence undermines trust in open source. As we wait for the long-term fallout of the event, this write-up gives us an excellent explainer to wrap our heads around what happened and why.

Cybersecurity Career Opportunities

Employment Tip: Demonstrate You Are Up-to-Date

Cybersecurity is a career that never lets you put your guard down. For that reason, cybersecurity professionals who can demonstrate an ability to stay on the cutting edge of the field have a major leg up when trying to find a new position. One way to demonstrate this is by running a blog where you present yourself as a thought leader. For those less writing-inclined, you can always gather new certificates and professional development hours.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team