Security News > 2023 > April

As TechRepublic has reported previously, business email compromise - or BEC - attacks are on the upswing, particularly as threat actors use such tactics as third-party reconnaissance to impersonate vendors. Email security firm Armorblox reported a rise in nearly all forms of email attack last year.

Hyper-volumetric DDoS attacks in the first quarter of 2023 have shifted from relying on compromised IoT devices to leveraging breached Virtual Private Servers. In general, Cloudflare reports steady DDoS activity in the first quarter of the year, with a notable 60% YoY increase in the ransom DDoS attacks, representing 16% of all recorded/reported DDoS attacks.

Reddit is investigating a worldwide outage that prevents users from accessing the social network's website on mobile apps. Users are reporting being automatically logged out when opening the mobile app and seeing several types of content loading errors, including "No Internet," "Sorry, please try again later," and "Let's try that again."

Two Critical bugs in particular grabbed our interest. The last two bugs that intrigued us were CVE-2023-28249 and CVE-2023-28269, both listed under the headline Windows Boot Manager Security Feature Bypass Vulnerability.

A Kyocera Android printing app is vulnerable to improper intent handling, allowing other malicious applications to abuse the flaw to download and potentially install malware on devices. Although the apps list different publishers, they are based on the same code; thus, the vulnerability impacts all three.

Security researchers and experts warn of a critical vulnerability in the Windows Message Queuing middleware service patched by Microsoft during this month's Patch Tuesday and exposing hundreds of thousands of systems to attacks. MSMQ is available on all Windows operating systems as an optional component that provides apps with network communication capabilities with "Guaranteed message delivery," and it can be enabled via PowerShell or the Control Panel.

Microsoft has shared guidance to help organizations check if hackers targeted or compromised machines with the BlackLotus UEFI bootkit by exploiting the CVE-2022-21894 vulnerability. Analyzing devices compromised with BlackLotus, the Microsoft Incident Response team identified several points in the malware installation and execution process that allow its detection.

Hyundai has disclosed a data breach impacting Italian and French car owners and those who booked a test drive, warning that hackers gained access to personal data.Hyundai is a multinational automotive manufacturer selling over half a million vehicles per year in Europe, with a market share of roughly 3% in France and Italy.

External web applications can prove difficult to secure and are often targeted by hackers due to the range of vulnerabilities they may contain. Organizations with business-critical web applications need to take effective measures of their digital attack surface, and pay close attention to these common security risks.

Microsoft has introduced a new update to Bing.com that includes a significant change in its search results - the addition of ChatGPT responses to search queries. Instead of featured snippets, in some cases, users will now see Bing AI answers to their queries, with prompts to continue conversations with the chatbot.