Security News > 2023 > February

Cybersecurity solutions company Fortinet has released security updates for its FortiNAC and FortiWeb products, addressing two critical-severity vulnerabilities that may allow unauthenticated attackers to perform arbitrary code or command execution. FortiNAC is a network access control solution that helps organizations gain real-time network visibility, enforce security policies, and detect and mitigate threats.

In today's edition, we will cover some interesting developments in the cybersecurity landscape and share some insightful analysis of each to help you protect yourself against potential attacks. What's even more alarming is that the ransom notes on the two hosts were updated on January 31, 2023, with a revised version that matches the ones used in the current wave of attacks.

A critical vulnerability in the ClamAV scanning library used by its Secure Endpoint, Secure Endpoint Private Cloud, and Secure Web Appliance, and high-risk vulnerabilities affecting Email Security Appliance and Cisco Secure Email and Web Manager, proof-of-concept exploit code for which is already available.

Entities in Armenia have come under a cyber attack using an updated version of a backdoor called OxtaRAT that allows remote access and desktop surveillance. "The tool capabilities include searching for and exfiltrating files from the infected machine, recording the video from the web camera and desktop, remotely controlling the compromised machine with TightVNC, installing a web shell, performing port scanning, and more," Check Point Research said in a report.

Our essay argued that the much heralded launch of the AI chatbot ChatGPT, a system that can generate text realistic enough to appear to be written by a human, poses significant threats to democratic processes. While some of these activities are the longtime domain of human lobbyists, AI tools applied against the same task would have unfair advantages.

8 suspects arrested. Seizures include: electronic equipment and vehicles, about EUR 3 million from Portuguese bank accounts, EUR 1.1 million from Hungarian bank accounts, EUR 600 000 from Croatian bank accounts, EUR 400 000 from Spanish bank accounts, EUR 350 000 in virtual currencies. The total value of the seizures is estimated at about EUR 5.5 million.

ReversingLabs wrote about Havoc earlier this month in connection with a malicious npm package called Aabquerys, noting that it was created by a malware developer called C5pider. Now researchers with Zscaler's ThreatLabz threat intelligence unit say Havoc is being used in a campaign targeting a government organization.

Lawmakers in the European Parliament have urged the European Commission not to issue the "Adequacy decision" needed for the EU-US Data Privacy Framework to officially become the pipeline for data to freely flow from the EU to the States. European rules around privacy, data collection, and data subjects' rights are considerably stronger than those in America, hence the need for rules of engagement that make US companies' treatment of EU data as good as what they'd get at home.

A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. "Once the vulnerable devices are compromised, they will be fully controlled by attackers and become a part of the botnet," Unit 42 researchers said.

Cisco's open source ClamAV can fill that role - once you patch the 9.8/10 rated arbitrary code execution flaw the networking giant revealed on Wednesday. "A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code," states Cisco's security advisory, which identifies the issue as CVE-2023-20032.