Security News > 2023 > March

KamiKakaBot Malware Used in Latest Dark Pink APT Attacks on Southeast Asian Targets
2023-03-13 06:15

The Dark Pink advanced persistent threat actor has been linked to a fresh set of attacks targeting government and military entities in Southeast Asian countries with a malware called KamiKakaBot. Dark Pink, also called Saaiwc, was first profiled earlier this year by Group-IB, which described its use of custom tools such as TelePowerBot and KamiKakaBot to run arbitrary commands and exfiltrate sensitive information.

TSA issues additional cybersecurity rules for the aviation sector
2023-03-13 05:30

The Transportation Security Administration issued a new cybersecurity amendment to the security programs of certain TSA-regulated operators in the aviation sector, following similar measures announced in October 2022 for passenger and freight railroad carriers. This is part of the Department of Homeland Security's efforts to increase the cybersecurity resilience of U.S. critical infrastructure and follows extensive collaboration with aviation partners.

Fighting financial fraud through fusion centers
2023-03-13 05:00

Keeping up with financial fraud is incredibly difficult because accurate fraud detection requires a deep, real-time analysis of all the events surrounding a transaction. Teams need to have a portfolio of techniques to call upon, a centralized structure for identifying and combatting threats, and an agile approach to fight cyber-attacks and financial fraud.

Understanding password behavior key to developing stronger cybersecurity protocols
2023-03-13 04:30

Ironically, the study revealed that 83% of compromised passwords did satisfy both length and complexity requirements of cybersecurity compliance standards such as NIST, PCI, ICO for GDPR, HITRUST for HIPAA and Cyber Essentials for NCSC. "This shows that while organizations are making concerted efforts to follow password best practices and industry standards, more needs to be done to ensure passwords are strong and unique," said Darren James, product manager at Specops Software. "With the sophistication of modern password attacks, additional security measures are always required to protect access to sensitive data," James continued.

New algorithm may change the future of secure communication
2023-03-13 04:00

Researchers have made a significant breakthrough in secure communication by developing an algorithm that conceals sensitive information so effectively that it is impossible to detect anything hidden. The algorithm applies to a setting called steganography: the practice of hiding sensitive information inside of innocuous content.

Hands on with Windows 11's new leaked File Explorer feature
2023-03-12 22:13

Microsoft is working on a new XAML-based gallery view for Windows 11 File Explorer. This new Gallery option can be accessed via the right sidebar of File Explorer, letting you view your pictures in one place.

Staples-owned Essendant facing multi-day "outage," orders frozen
2023-03-12 17:15

Essendant, a wholesale distributor of stationery and office supplies, is experiencing a multi-day systems "outage" preventing customers and suppliers from placing and fulfilling online orders. Headquartered in Deerfield, Illinois, Essendant also operates in Dubai, UAE. A systems outage at Essendant is preventing the placement or fulfillment of online orders, thereby impacting both the company's customers and suppliers.

Microsoft finally fixes Windows 11 slow file copy issues over SMB
2023-03-12 15:16

Microsoft has finally addressed a known issue causing significant performance hits when copying large files over SMB after installing the Windows 11 2022 update. The fix comes after Microsoft's Ned Pyle explained in October that "There is a performance reduction in 22H2 when copying larger files from a remote computer down to a Windows 11 computer or when copying files on a local drive."

Medusa ransomware gang picks up steam as it targets companies worldwide
2023-03-12 15:12

A ransomware operation known as Medusa has begun to pick up steam in 2023, targeting corporate victims worldwide with million-dollar ransom demands. Many malware families call themselves Medusa, including a Mirai-based botnet with ransomware capabilities, a Medusa Android malware, and the widely known MedusaLocker ransomware operation.

CASPER attack steals data using air-gapped computer's internal speaker
2023-03-12 14:18

Researchers at the School of Cyber Security at Korea University, Seoul, have presented a new covert channel attack named CASPER that can leak data from air-gapped computers to a nearby smartphone at a rate of 20 bits/sec. The CASPER attack leverages the internal speakers inside the target computer as the data transmission channel to transmit high-frequency audio that the human ear cannot hear and convey binary or Morse code to a microphone up to 1.5 m away.