Security News > 2023 > January

From an article about Zheng Xiaoqing, an American convicted of spying for China: According to a Department of Justice (DOJ) indictment, the US citizen hid confidential files stolen from his...

A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider located in Africa. The intrusion vector in question relates to the exploitation of CVE-2022-42475, a heap-based buffer overflow vulnerability in FortiOS SSL-VPN that could result in unauthenticated remote code execution via specifically crafted requests.

"The rise in attacks on the cloud was driven both by an overall increase in cyberattacks globally and also by the fact that it holds much more data and incorporates infrastructure and services from large amounts of potential victims, so when exploited the attacks could have a larger impact," Omer Dembinsky, data group manager at Check Point, told The Register. Check Point researchers noted examples in recent years that highlight the dangers of attacks on networks hosted in or managed from the cloud, including a security breach of AIS, a cellular network in Thailand, in which 8 billion internet activity records were accidentally exposed.

The Cyberspace Administration of China has preempted celebrations for Lunar New Year - the Year of the Rabbit* commences on January 22 - by warning citizens to keep evidence of seasonal overindulgence off the internet. The internet regulator warned it will investigate and take action on online flaunting of wealth and overeating during the seasonal celebrations that are marked with displays of generosity and abundance.

From there, design your Desktop as a Service offering using concepts and solutions that implement zero trust network access. Zero trust network access includes technologies that provide secure remote access to applications, desktops, and data based on access control rules.

In this Help Net Security video, André Ferraz, CEO at Incognia, discusses the impact of location spoofing and location-based fraud. Any tool that enables users to alter the location information given by their device is known as location spoofing.

Researchers recently surveyed over 400 security and engineering professionals to learn about their API secrets management practices and the challenges they face in thwarting API attacks. "Security and engineering teams are forced to divert their attention away from forward-facing engineering to focus on secrets management, yet their organizations remain vulnerable to attackers both through lateral attacks and leaked or compromised API secrets to gain illegitimate access to sensitive data," said Jared Elder, CGO at Corsha.

T-Mobile US today said someone abused an API to download the personal information of 37 million subscribers. A regulatory filing [PDF] disclosed one or more miscreants were able to access potentially the "Name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features" of each affected customer.

Microsoft has released the optional KB5019275 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2, with fourteen fixes and improvements. The KB5019275 cumulative update preview is part of Microsoft's January 2023 monthly "C" update, allowing admins to test upcoming fixes released in the February 2023 Patch Tuesday.

The personal information of 35,000 PayPal users was exposed in December, according to a notification letter sent to the online payment company's customers this week. PayPal attributed this privacy breach to "Unauthorized parties," who accessed accounts using customer login credentials.