Windows 11 KB5022360 preview update released with 15 improvements
2023-01-27 00:05

Microsoft urges admins to patch on-premises Exchange servers
2023-01-26 23:02

Microsoft urged customers today to keep their on-premises Exchange servers patched by applying the latest supported Cumulative Update (CU), so that they are always ready to deploy an emergency security update (SU). "To defend your Exchange servers against attacks that exploit known vulnerabilities, you must install the latest supported CU and the latest SU," the Exchange Team said.

Dutch suspect locked up for alleged personal data megathefts
2023-01-26 22:02

The Public Prosecution Service in the Netherlands has just released information about an unnamed suspect arrested back in December 2022 for allegedly stealing and selling personal data about tens of millions of people. The suspect is being investigated for multiple offences: possessing or publishing "non-public" data, possessing phishing software and hacking tools, computer hacking, and money laundering.

Bitwarden password vaults targeted in Google ads phishing attack
2023-01-26 21:40

Bitwarden and other password managers are being targeted in Google ads phishing campaigns to steal users' password vault credentials. Unless you use a local password manager, like KeePass, most password managers are cloud-based, allowing users to access their passwords through websites and mobile apps.

US offers $10M bounty for Hive ransomware links to foreign governments
2023-01-26 20:41

The U.S. Department of State today offered up to $10 million for information that could help link the Hive ransomware group with foreign governments. "If you have information that links Hive or any other malicious cyber actors targeting U.S. critical infrastructure to a foreign government, send us your tip via our Tor tip line. You could be eligible for a reward," the State Department's Rewards for Justice Twitter account said.

FBI smokes ransomware Hive after secretly buzzing around gang's network for months
2023-01-26 20:30

The FBI said it has shut down the Hive's ransomware network, seizing control of the notorious gang's servers and websites, and thwarting the pesky criminals' ability to sting future victims. The takedown, which happened Wednesday night, was the culmination of a seven-month covert operation during which the FBI hacked Hive's network and used that access to provide decryption keys to more than 300 victims, saving them $130 million in ransomware payments, we're told.

New Mimic ransomware abuses ‘Everything’ Windows search tool
2023-01-26 20:22

Security researchers discovered a new ransomware strain they named Mimic that leverages the APIs of the 'Everything' file search tool for Windows to look for files targeted for encryption. Mimic ransomware attacks begin with the victim receiving an executable, presumably via email, which extracts four files on the target system, including the main payload, ancillary files, and tools to disable Windows Defender.

Lexmark warns of RCE bug affecting 100 printer models, PoC released
2023-01-26 20:08

Lexmark has released a security firmware update to fix a severe vulnerability that could enable remote code execution on more than 100 printer models. "Lexmark is not aware of any malicious use against Lexmark products of the vulnerability described in this advisory, but proof of concept code has been publicly published" - Lexmark.

S3 Ep119: Breaches, patches, leaks and tweaks! [Audio + Text]
2023-01-26 19:57

DOUG. OK, we've got some tips if you are affected by this, starting with: Don't click "Helpful" links in emails or other messages. Apple patches are out - old iPhones get an old zero-day fix at last!

Google nukes 50,000 accounts pushing Chinese disinformation
2023-01-26 18:17

Google's Threat Analysis Group terminated tens of thousands of accounts linked to a group known as "Dragonbridge" or "Spamouflage Dragon" that is disseminating pro-Chinese disinformation across multiple online platforms. According to Google, Dragonbridge gets new Google Accounts from bulk account sellers, and, in some instances, they've even switched to accounts previously used by financially motivated actors repurposed for posting disinformation videos and blogs.