Security News > 2023 > February

One of the hazards lies in the fact that, for some of the programs, downstream crop reversals are possible for viewers or readers of the document, not just the file's creators or editors. Official instruction manuals, help pages, and promotional materials may mention that cropping is reversible, but this documentation at times fails to note that these operations are reversible by any viewers of a given image or document.

A stranger may be receiving your private WhatsApp messages, and also be able to send messages to all of your contacts - if you have changed your phone number and didn't delete the WhatsApp account linked to it. "If for some reason you no longer want to use WhatsApp tied to a particular phone number, then the best thing to do is transfer it to a new phone number or delete the account within the app."

A new information stealer called Stealc that's being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk. "The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers," SEKOIA said in a Monday report.

Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees. One employee is said to have fallen for the scam, who entered their username and password in a fake login page set up by the threat actors to harvest the credentials.

According to the Quocirca Print Security Landscape 2022 report, printer security is still some way down the worry list of most IT decision makers behind hybrid application platforms, email, public networks, and traditional endpoints. "Printer security is about understanding the threats to the network traffic, to the device itself and to the documents it prints. Every security feature you'll find in secure printers will address one of these categories of risk," he adds before going on to list a range of printer security issues.

In this Help Net Security interview, Royal Hansen, VP of Engineering for Privacy, Safety, and Security at Google, talks about Protected Computing, the impact of data protection regulations, and privacy in general. We need to ensure people can enjoy the helpful experiences the internet provides while having peace of mind that their data is protected, including easy-to-use controls for managing their own data choices knowing privacy is personal.

A spear-phishing campaign targeting Indian government entities aims to deploy an updated version of a backdoor called ReverseRAT. Cybersecurity firm ThreatMon attributed the activity to a threat actor tracked as SideCopy. SideCopy is a threat group of Pakistani origin that shares overlaps with another actor called Transparent Tribe.

Leveraging these mechanics and 5 large language models, ChatGPT can translate the human language into dynamic and useful machine results. As with any new technology, ChatGPT can be used for both good and bad - and this has major implications for the world of cybersecurity.

The ongoing cybersecurity skills shortage is a critical issue plaguing organizations and causing serious problems. The lack of trained and qualified professionals in the field has resulted in numerous security breaches, leading to the loss of large amounts of money.

A ransomware threat called HardBit has moved to version 2.0 and its operators are trying to negotiate a ransom payment that would be covered by the victim's insurance company. Specifically, the threat actor tries to convince the victim that it is in their interest to disclose all insurance details so they can adjust their demands so the insurer would cover all costs.