Hello and welcome to yet another This Week on iTP rundown where we list the top stories from the past week!
This week's top five stories largely revolves around vulnerabilities, exploits, and cybersecurity. The online world can be a pretty scary place if you do not how to protect yourself and, well, you will see what happens when things go south in that regard.
Without further ado, let's get started with our rundown!
5. Online Marketplace Selling Names, Social Security Numbers of 24 Million Americans Taken Offline
Coming in at number five is our story about an online marketplace that has victimized 24 million Americans being taken down by law enforcement.
SSNDOB, the online marketplace in question, was selling personal information of their victims, including their names, social security numbers, and dates of birth. The site was taken down thanks to the joint operation involving the Department of Justice (DOJ), Federal Bureau of Investigation (FBI), Internal Revenue Service (IRS), and the Cyprus police.
4. US Local Governments Targeted in Phishing Campaign That Exploits Windows Zero-Day Vulnerability
We regularly cover stories about zero-day vulnerabilities, exploits, and their patches here on iTech Post. This story coming in at number four is one that is about an exploited zero-day vulnerability that has allowed attackers to target local governments in the United States.
The zero-day vulnerability is known as Follina has also been used to target governments in Europe, according to our report.
3. Stellantis Pleads Guilty to Diesel Emissions Fraud, Conspiracy
Stellantis, best known as the parent company of automobile brands Dodge and Jeep, has pleaded guilty "to criminal conspiracy charges stemming from its efforts to hide the amount of pollution created by its diesel engines."
The company has been accused of planting illegal software that is meant to evade emissions testing. Stellantis has agreed to play $300 million in fines as well as to submit compliance reports related to the Clean Air Act.
Related Article: #ThisWeekOnITP: Google Embraces Woke Culture, What You Need to Know About the iPhone 14, and More!
2. Atlassian Confluence CVE-2022-26134 Vulnerability Proof-of-Concept Exploits Released: Is There a Patch?
Atlassian Confluence has fallen victim to attackers who have exploited the the CVE-2022-26134 vulnerability. Products that are said to be affected by this include the Confluence Server and Data Center,
A patch has already been released and users have been highly encouraged to make the security update to avoid further breaches and exploits.
1. Apple M1 Chip Has a Security Flaw That is Unpatchable
The past week has been a huge week for Apple as the tech giant hosted WWDC 2022. One of the company's products that featured heavily in WWDC 2022 is its M1 chip.
However, a group of security researchers from the Massachusetts Institute of Technology (MIT) have shared that they found a security vulnerability in the M1 chip. Unfortunately, the researchers have described this flaw as unpatchable.