Security News > 2023 > March

2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots
2023-03-02 11:35

The report also details the top browser security threats of 2022, which include phishing attacks via high-reputation domains, malware distribution via file sharing systems, data leakage exploiting personal browser profiles, outdated browsers, compromised passwords, vulnerable unmanaged devices, high-risk extensions, shadow IT, and account takeovers with phished credentials. In addition to the stats and analysis of the prominent threats, the report provides a retrospective on the main news stories that left a mark in the world of browser security in 2022.

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI
2023-03-02 11:21

A malicious Python package uploaded to the Python Package Index has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind.

US government puts cybersecurity at forefront with newly announced National Strategy
2023-03-02 11:16

The National Cybersecurity Strategy was unveiled today by the Biden-Harris Administration. The Strategy recognizes that government must use all tools of national power in a coordinated manner to protect national security, public safety, and economic prosperity.

BlackLotus UEFI bootkit disables Windows security mechanisms
2023-03-02 09:08

ESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature. "Our investigation started with a few hits on what turned out to be the BlackLotus user-mode component - an HTTP downloader - in our telemetry late in 2022. After an initial assessment, code patterns found in the samples brought us to the discovery of six BlackLotus installers. This allowed us to explore the whole execution chain and to realize that what we were dealing with here is not just regular malware," says Martin Smolár, the ESET researcher who led the investigation into the bootkit.

Forget ChatGPT, the most overhyped security tool is technology itself, Wiz warns
2023-03-02 08:30

Interview: It's a tough economy to ask for a bigger security team or larger budget to buy technology to protect against cyberattacks. Organizations moving to the cloud and shifting to a decentralized IT environment require security teams to adapt and change these processes.

SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics
2023-03-02 08:03

The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features designed to evade security software and resist reverse engineering.

Uncovering the most pressing cybersecurity concerns for SMBs
2023-03-02 05:30

In this Help Net Security video interview, James Edgar, CISO at Fleetcor, discusses what consequences SMBs are most concerned about when it comes to cyberattacks, what technology SMBs are most...

Moving target defense must keep cyber attackers guessing
2023-03-02 05:00

"The first approach is just keeping the bad guy out and never permitting access to the system. The physical analogue is to build a big wall and don't let him in in the first place. And the backup plan is, if the wall doesn't work, we rely on detection. Both of those approaches are imperfect. And so, what moving target defense offers as a complementary strategy is, even if those two approaches fail, moving target confuses the attacker and makes it more difficult to do damage," Vugrin continued. Like a game of three-card monte, in which a con artist uses sleight of hand to shuffle cards side-to-side, moving target defense requires randomness.

Don’t be fooled by a pretty icon, malicious apps hide in plain sight
2023-03-02 04:30

Malicious mobile device apps tend to fall into a few categories - things that are popular, easy to use, and seemingly harmless. Many malicious apps deliver some legitimate functionality, but just because a free app works doesn't mean that it's not hiding ulterior motives.

Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
2023-03-02 04:17

Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based management interface arising due to insufficient validation of user-supplied input.