Security News > 2023 > April

The Computer Emergency Response Team of Ukraine says Russian hackers are targeting various government bodies in the country with malicious emails supposedly containing instructions on how to update Windows as a defense against cyber attacks. Instead of legitimate instructions on upgrading Windows systems, the malicious emails advise the recipients to run a PowerShell command.

Overcoming industry obstacles for decentralized digital identitiesIn this Help Net Security interview, Eve Maler, CTO at ForgeRock, talks about how digital identities continue to play a critical role in how we access online services securely. PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliatesClop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro researchers.

The malware peddlers' focus on Apple fans was clearly reflected in the name they gave their "Product": Atomic macOS Stealer, or AMOS for short. Well-informed Mac users should spot that the popup produced clearly belongs to the malware app itself, which is imaginatively called Setup.

Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile ransomware gangs. Malicious activity and tools echoing FIN7 attacks have been observed in intrusions since March 28, less than a week after an exploit became available for a high-severity vulnerability in Veeam Backup and Replication software.

The U.S. Cybersecurity and Infrastructure Security Agency has released an Industrial Control Systems medical advisory warning of a critical flaw impacting Illumina medical devices. "Successful exploitation of these vulnerabilities could allow an attacker to take any action at the operating system level," CISA said.

OpenAI, the company behind ChatGPT, has officially made a return to Italy after the company met the data protection authority's demands ahead of April 30, 2023, deadline. The reinstatement comes following Garante's decision to temporarily block access to the popular AI chatbot service in Italy on March 31, 2023, over concerns that its practices are in violation of data protection laws in the region.

"Rather than focusing on core cybercrimes like network intrusion and computing system interference, the draft treaty's emphasis on =>content-related crimes could likely result in overly broad and easily abused laws that stifle free expression and association rights of people around the world." This is despite the right to free expression-including the right to insult and offend-being protected under the Universal Declaration of Human Rights and Article 19 of the International Covenant on Civil and Political Rights-of which the U.N. Member States negotiating the new treaty are parties to.

A US court has recently unsealed a restraining order against a gang of alleged cybercrooks operating outside the country, based on a formal legal complaint from internet giant Google. Interestingly the court order also authorises Google to identify network providers whose services directly or indirectly make this criminality possible, and to "[request] that those persons and entities take reasonable best efforts" to stop the malware and the data theft in its tracks.

Americold, a leading cold storage and logistics company, has been facing IT issues since its network was breached on Tuesday night. "Americold is continuing to assess the intrusion that occurred Tues night / Wed morning. We contained the intrusion and shut down our network to ensure there is no risk to non-contained areas or customers. We are still in the discovery process on the path to rebuild the impacted systems," the cold storage giant said.

Bob Paddock April 28, 2023 3:32 PM. At a past company I worked at the company had its first ever mass layoff of 28 people. As we were waiting for the government paper pushers to come in, we figured out that the common denominator between us all was, that we had all used the companies health insurance sometime in the last few years.