
Rapid Coverage of a World Gone Full Cyberpunk


#AxisOfEasy 294: TikTok Facing £12.7M Fine From ICO For Regulatory Issues For The Use Of Children’s Data

April 18, 2023 Mark E. Jeftovic

Weekly Axis Of Easy #294


Last Week’s Quote, “Most folks are as happy as they make up their minds to be,” was by Abraham Lincoln. Our winner is Charles Hugh Smith. Congrats!

This Week’s Quote:  “What lies behind us and what lies before us are tiny matters compared to what lies within us.”  By ???

THE RULES:  No searching up the answer, must be posted at the bottom of this post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.


This is your easyDNS #AxisOfEasy Briefing for the week of April 17th, 2023. Our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.
 
For more commentary and insight into last week’s top issues, tune in to Joey Tweets and Len the Legend for the AxisOfEasy podcast edition.

In this issue:
  • TikTok facing £12.7M fine from ICO for regulatory issues for the use of children’s data
  • The evolution of the Lazarus group’s DeathNote campaign
  • Microsoft Releases Set of Security Updates to Patch 97 Flaws Impacting its Software, Including Active Ransomware Exploit
  • Lessons learned: A retrospective on Eth.limo’s DNS outage
  • RMM platform Action1 abused by hackers for ransomware attacks
  • Google and easyDNS Announcements
 
Elsewhere online:
  • Montana Legislature Votes to Outlaw TikTok
  • UK’s Largest state boarding school latest victim in a string of ransomware attacks against British schools
  • Affiliates must follow strict rules to avoid public exposure at RTM Locker
  • National Intelligence Service of the Republic of Korea (NIS) warns of North Korean threat group Kimsuky’s use of Chrome extensions to steal Emails
  • Microsoft researchers establish links between spyware threat actor and Israeli company, QuaDream


TikTok facing £12.7M fine from ICO for regulatory issues for the use of children’s data

TikTok is currently facing a £12.7 million fine from the UK’s Information Commissioner’s Office (ICO) for several regulatory issues concerning the use of children’s data. The fine focuses on TikTok’s failure to ensure underage users do not sneak onto its platform and on the collection and use of children’s data without parental consent. The ICO says TikTok should have been aware of these data regulatory concerns on its platform and that its failure to implement adequate checks amounts to gross negligence.

The ICO found that 1.4 million British children under the age of 13 were using TikTok from 2018 to 2020. This falls below the minimum required age to open a TikTok account according to the platform’s own terms of service. The fine was issued due to TikTok’s failure to screen for these accounts and prevent them from being established in the first place without parental consent and supervision. Parental consent is required by the UK’s national data privacy laws for children under 13 to create a social media presence. It was found that TikTok’s primary user base is between the ages of 10 and 19 and that underage users lie about their actual age on the app to circumvent parental involvement and supervision. The ICO says that TikTok ought to be reasonably aware of this liability on its platform and should have measures in place to prevent such situations from arising in the first place.

The platform is also being fined for not being transparent about collecting children’s online data to meet General Data Protection Regulation (GDPR) requirements. The current fine of £12.7 million is actually a reduced amount, as the ICO’s original notice had called for £27 million. This reduction seems to be due to a change in direction in prosecuting unlawful use of special category data.

Read: https://www.cpomagazine.com/data-protection/12-7-million-fine-for-tiktok-in-uk-for-failure-to-screen-underage-users-use-of-childrens-data-without-parental-consent/


The evolution of the Lazarus group’s DeathNote campaign

The Lazarus group is a Korean-speaking threat actor with multiple sub-campaigns, the latest of which is the active cluster DeathNote, so named because the malware that downloads its additional payloads is called Dn.dll or Dn64.dll. The DeathNote malware cluster is also known as Operation DreamJob or NukeSped. According to a study by SecureList.com, there has been a significant shift in DeathNote’s targets throughout its lifespan, and the malware’s tools and techniques have seen several developmental shifts.

The DeathNote cluster started as a novel downloader in October 2019, designed to attack cryptocurrency businesses before shifting its focus to the defense industry in April 2020. The former was achieved using decoy malicious Word documents related to the cryptocurrency business, such as questionnaires about buying specific cryptocurrencies and a Word doc that acted as an introduction to a bitcoin mining company. The latter switch in 2020 showed DeathNote being used to target automotive and academic sectors across Eastern Europe, both of which are connected to the defense industry. To do this, new decoy documents were created, which included job descriptions related to defense contractors and diplomatic services.

In May 2021, DeathNote attacked a European software vendor. By June 2021, the Lazarus group was observed using new infection mechanisms against South Korean targets. It was noted that the initial malware stage was executed by a legitimate security software widely used in South Korea. The malware was believed to be spread in South Korea through this vulnerability. By July 2022, DeathNote was observed to have evolved enough to target defense contractors in Africa with sophisticated TTPs via a suspicious PDF application sent via Skype messenger.

Read: https://securelist.com/the-lazarus-group-deathnote-campaign/109490/


Microsoft Releases Set of Security Updates to Patch 97 Flaws Impacting its Software, Including Active Ransomware Exploit

Microsoft has released another set of security updates to patch 97 flaws impacting its software, one of which was being actively exploited in ransomware attacks. Seven of the 97 bugs are rated Critical, while the remaining 90 are rated Important in severity. This latest series of updates also contains fixes for 26 vulnerabilities in Microsoft’s Edge browser that were released over the past month. The security flaw that was subject to active ransomware exploitation is CVE-2023-28252 (CVSS score: 7.8), a privilege escalation bug in the Windows Common Log File System (CLFS) Driver.

In an advisory meeting, Microsoft said, “An attacker who successfully exploited this vulnerability could gain system privileges.” Researchers Boris Larin, Genwei Jiang, and Quan Jin were credited by the company for reporting the issue. As of this year, CVE-2023-28252 is the fourth privilege escalation flaw found in CLFS. A total of 32 vulnerabilities have been identified in CLFS since 2018. Russian cybersecurity firm Kaspersky reported that small and medium-sized businesses across the Middle East, North America, and Asia were being targeted by Nokoyawa ransomware.

“CVE-2023-28252 is an out-of-bounds write (increment) vulnerability that can be exploited when the system attempts to extend the metadata block,” Larin said. “The vulnerability gets triggered by the manipulation of the base log file.”

Read: https://thehackernews.com/2023/04/urgent-microsoft-issues-patches-for-97.html

Lessons learned: A retrospective on Eth.limo’s DNS outage

Recently, Eth.limo, a website that provides a gateway from the legacy world-wide-web to Ethereum Name Service (ENS) addresses, experienced a DNS outage, which resulted in the website being temporarily unavailable. The outage was caused when their former registrar mistakenly parked their domain on a pay-per-click page.

A previous version of this article incorrectly reported this incident as a cyber-attack. It was not.

AxisOfEasy regrets the errant reporting.

Eth.limo has since moved their domain registrar… to easyDNS.

Read: https://ethlimo.substack.com/p/ethlimo-dns-outage-retrospective


RMM platform Action1 abused by hackers for ransomware attacks

According to a report from Bleeping Computer, hackers are abusing the remote monitoring and management (RMM) software Action1 to deploy ransomware on victims’ networks. Action1 is a cloud-based platform IT administrators use to remotely manage endpoints, such as servers and workstations. The report highlights that hackers have started abusing the platform to gain access to victims’ networks and deploy ransomware on them.

The attackers are using a combination of phishing attacks and exploiting vulnerabilities in the Action1 software to gain access to victims’ networks. Once they gain access, they use the software’s built-in features to execute commands on the endpoints and deploy ransomware. The report notes that this is the first time an RMM platform has been used to deploy ransomware.

Action1 has acknowledged the issue and released a patch to fix the vulnerabilities. They have also advised their customers to take necessary precautions, such as changing passwords and enabling two-factor authentication. The company has also recommended that customers limit the use of administrative credentials and monitor their networks for any unusual activity.

Read: https://www.bleepingcomputer.com/news/security/hackers-start-abusing-action1-rmm-in-ransomware-attacks/


Google and easyDNS Announcements

If you’re running your own mail server and have been putting off creating SPF or DKIM records, you may have noticed Gmail bouncing messages since November of 2022. SPF and DKIM records are ways to authenticate email messages to cut down on rampant spam. We created a tool, SPFWizard, to help you easily set up the correct records for your domain.

Read: https://support.google.com/mail/answer/81126#auth-reqs

The development team at easyDNS has been working on an all-encompassing, easy-to-use DNS editor for the last little while. We’re happy to announce it is now available in your member page or directly at: https://cp.easydns.com/manage/domains/dns/

Feel free to send us a note to let us know how you like it. There’s also a product tour available to get you familiar with how to use it.

 

Elsewhere online:


Montana Legislature Votes to Outlaw TikTok
Read: https://www.nytimes.com/2023/04/14/technology/montana-tiktok-ban-passed.html


UK’s Largest state boarding school latest victim in a string of ransomware attacks against British schools

Read: https://therecord.media/wymondham-college-cyberattack-uk-boarding-school


Affiliates must follow strict rules to avoid public exposure at RTM Locker
Read: https://cyware.com/news/rtm-locker-enforces-strict-rules-on-affiliates-to-avoid-public-attention-2e256c40/


National Intelligence Service of the Republic of Korea (NIS) warns of North Korean threat group Kimsuky’s use of Chrome extensions to steal Emails
Read: https://www.bleepingcomputer.com/news/security/north-korean-hackers-using-chrome-extensions-to-steal-gmail-emails/


Microsoft researchers establish links between spyware threat actor and Israeli company, QuaDream
Read: https://www.darkreading.com/vulnerabilities-threats/microsoft-nso-group-like-quadream-actor-selling-mobile-spyware-governments

 

Previously on #AxisOfEasy

If you missed the previous issues, they can be read online here:

  • April 10th, 2023: Clearview AI Admits To Nearly 1 Million Uses By US Law Enforcement
  • April 3rd, 2023: Online Safety Bill Introduces Mass Surveillance, Leaves Citizens’ E2E Encrypted Messages Vulnerable To Criminal And Foreign Activity
  • March 27th, 2023: 291: Chinese Budget Shopping App, Pinduoduo, Temporarily Suspended On Google Play Store Over Malware Concerns
  • March 20th, 2023: Microsoft AI Ethics Department Disbanded Amidst Industry Warnings
  • March 13th, 2023: Drop What You’re Doing: Update Android Edition

 

 

 

 

 