Security News > 2023 > January

The maintainers of the PyTorch package have warned users who have installed the nightly builds of the library between December 25, 2022, and December 30, 2022, to uninstall and download the latest versions following a dependency confusion attack. "PyTorch-nightly Linux packages installed via pip during that time installed a dependency, torchtriton, which was compromised on the Python Package Index code repository and ran a malicious binary," the PyTorch team said in an alert over the weekend.

It was a big year for cybersecurity in 2022 with massive cyberattacks and data breaches, innovative phishing attacks, privacy concerns, and of course, zero-day vulnerabilities. Below are the ten most popular stories at BleepingComputer during 2022, with a summary of each.

WordPress sites are being targeted by a previously unknown strain of Linux malware that exploits flaws in over two dozen plugins and themes to compromise vulnerable systems. "If sites use outdated versions of such add-ons, lacking crucial fixes, the targeted web pages are injected with malicious JavaScripts," Russian security vendor Doctor Web said in a report published last week.

Before digging into DLP specifics, consider the deceptive marketing behind data loss prevention "As a service." The name implies that DLP is just one aspect of maintaining a security posture, when in fact, preventing data loss encompasses almost all of cybersecurity. An organization must ensure they have the right people, with the right experience, and enough of them to implement DLP properly.

Since the first months of 2020, ransomware attacks have been on the rise and are in the news again. In this presentation, Dave Lewis, Global Advisory CISO at Cisco, talks about the historical rise and fall of ransomware from floppy disks to RaaS, why it's seen a resurgence in popularity along with recent data on the state of ransomware currently, and how you can improve your defenses against ransomware attacks.

Google has agreed to pay a total of $29.5 million to settle two different lawsuits brought by Indiana and Washington, D.C., over its "Deceptive" location tracking practices. The search and advertising giant is required to pay $9.5 million to D.C. and $20 million to Indiana after the states sued the company for charges that the company tracked users' locations without their express consent.

So what looked like an innocent, if pointless, DNS lookup for a "Server" such as S3CR3TPA55W0RD.DODGY.EXAMPLE would quietly leak your access key under the guise of a simple lookup that directed to the official DNS server listed for the DODGY.EXAMPLE domain. LIVE LOG4SHELL DEMO EXPLAINING DATA EXFILTRATION VIA DNS. If you can't read the text clearly here, try using Full Screen mode, or watch directly on YouTube.

The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim's site to publish stolen data on it. As a deviation from the usual process, the hackers decided to also leak the data on a site that mimics the victim's as far as the appearance and the domain name go.

The LockBit ransomware gang has released a free decryptor for the Hospital for Sick Children, saying one of its members violated rules by attacking the healthcare organization. On December 18th, the hospital suffered a ransomware attack that impacted internal and corporate systems, hospital phone lines, and the website.