Security News > 2023 > January

In this Help Net Security video, Jason Kent, Director at Open Seas, explains why FIDO and passwordless authentication is the future. He dives deep into the technical reasons and explains why physical FIDO authentication is safer than other software/app/SMS solutions.

Windows 7 Professional and Enterprise editions will no longer receive extended security updates for critical and important vulnerabilities starting Tuesday, January 10, 2023.The Extended Security Update program was the last resort option for customers who still needed to run legacy Microsoft products past their end of support on Windows 7 systems.

Threat actors are using a well-crafted Pokemon NFT card game website to distribute the NetSupport remote access tool and take control over victims' devices. The website "Pokemon-go[.]io," which is still online at the time of writing, claims to be home to a new NFT card game built around the Pokemon franchise, offering users strategic fun together with NFT investment profits.

In Brief The Federal Communications Commission plans to overhaul its security reporting rules for the telecom industry to, among other things, eliminate a mandatory seven-day wait for informing customers of stolen data and expand the definition of what constitutes an incident. In a unanimous 4-0 vote, the FCC published a notice of proposed rulemaking that Chairwoman Jessica Rosenworcel said is sorely overdue, as the current rules are more than 15 years old.

The Russian cyberespionage group known as Turla has been observed piggybacking on attack infrastructure used by a decade-old malware to deliver its own reconnaissance and backdoor tools to targets in Ukraine. Google-owned Mandiant, which is tracking the operation under the uncategorized cluster moniker UNC4210, said the hijacked servers correspond to a variant of a commodity malware called ANDROMEDA that was uploaded to VirusTotal in 2013.

Six malicious packages on PyPI, the Python Package Index, were found installing information-stealing and RAT malware while using Cloudflare Tunnel to bypass firewall restrictions for remote access. The malicious packages attempt to steal sensitive user information stored in browsers, run shell commands, and use keyloggers to steal typed secrets.

The paper, titled "Factoring integers with sublinear resources on a superconducting quantum processor," suggests that the application of Claus Peter Schnorr's recent factoring algorithm, in conjunction with a quantum approximate optimization algorithm, can break asymmetric RSA-2048 encryption using a non-fault tolerant quantum computer with only 372 physical quantum bits or qubits. The speculation has been that orders of magnitude more qubits, in conjunction with robust error correction at scale, may allow future quantum computers to run Peter Schor's algorithm - not to be confused with the similarly named Schnorr - quickly, on very large numbers, thereby breaking RSA encryption.

Multiple bugs affecting millions of vehicles from almost all major car brands could allow miscreants to perform any manner of mischief - in some cases including full takeovers - by exploiting vulnerabilities in the vehicles' telematic systems, automotive APIs and supporting infrastructure, according to security researchers. The research builds on Yuga Labs' Sam Curry's earlier car hacking expeditions that uncovered flaws affecting Hyundai and Genesis vehicles, as well as Hondas, Nissans, Infinitis and Acuras via an authorization flaw in Sirius XM's Connected Vehicle Services.

This week saw a lot of ransomware news, ranging from new extortion tactics, to a ransomware gang giving away a free decryptor after attacking a children's hospital. We also learned more information this week about various cyberattacks, which have now been confirmed as ransomware.

American fast-food restaurant chain Chick-fil-A is investigating what it described as "Suspicious activity" linked to some of its customers' accounts. A support page on Chick-fil-A's One Membership Program customer support website provides potentially affected clients with details on what to do if they notice unusual activity on their accounts, if they see any mobile orders placed without their approval, or if they're loyalty points were used to redeem or gift rewards fraudulently.