Security News > 2023 > April

Enterprise communications service provider 3CX confirmed that the supply chain attack targeting its desktop application for Windows and macOS was the handiwork of a threat actor with North Korean nexus. It's worth noting that cybersecurity firm CrowdStrike has attributed the attack to a Lazarus sub-group dubbed Labyrinth Chollima, citing tactical overlaps.

In this Help Net Security interview, Travis Smith, VP of the Qualys TRU, talks about the 2023 Qualys TruRisk Threat Research Report, which provides security teams with data-backed insights to help them better understand how adversaries exploit vulnerabilities and render attacks. What tactics have threat actors used to exploit the most critical vulnerabilities, and what can organizations do to protect themselves?

The impact of the hybrid workforce on security posture, as well as the risks introduced by this way of working, are posing concerns for CISOs and driving them to develop new strategies for hybrid work security, according to Red Access. The role of hybrid/remote work, and insecure browsing Hybrid work is here to stay.

Proactive threat hunting helps organizations save money by preventing security breaches and reducing the impact of attacks. To better understand the perspective of threat hunters who are in the trenches defending their organizations every day, Team Cymru surveyed 218 experienced security analysts to learn what works and what doesn't in their threat hunting program, how they measure success, and the biggest challenges they face.

Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate. Joyce, speaking at CrowdStrike's Government Summit Tuesday, said he doesn't expect to see - at least not "In the near term" - AI used "For automated attacks that will rip through systems at speeds that are unfathomable today."

Reports from Microsoft and The University of Toronto's Citizen Lab both conclude that government-serving spyware maker QuaDream used a zero-click exploit targeting Apple devices running iOS 14 to deliver spyware marketed under the name Reign to victims' phones. Once somehow up and running via this method, the spyware was able to exfiltrate various elements of device, carrier, and network info; search for and retrieve files; use the camera in the background; monitor calls; access the iOS keychain; generate iCloud one-time passwords; and more, said Microsoft.

Microsoft patched 97 security flaws today for April's Patch Tuesday including one that has already been found and exploited by miscreants attempting to deploy Nokoyawa ransomware. Microsoft, as usual, didn't disclose the extent of attacks against CVE-2023-28252, a privilege elevation bug in the Windows Common Log File System driver, infosec folk say they've spotted attempts to deploy the Nokoyawa ransomware via this security hole.

Enterprise software vendor SAP has released its April 2023 security updates for several of its products, which includes fixes for two critical-severity vulnerabilities that impact the SAP Diagnostics Agent and the SAP BusinessObjects Business Intelligence Platform. In total, SAP has released 24 notes, 19 of which concern new issues of varying importance, and five are updates to previous bulletins.

TL;DR: You can currently get lifetime online protection with Ivacy VPN for only $18 using code IVACY5 via TechRepublic Academy. In our Secure Solutions Sale, you can now get a lifetime Ivacy VPN subscription for only $18 using the coupon code IVACY5 at TechRepublic Academy.

AI research company OpenAI announced today the launch of a new bug bounty program to allow registered security researchers to discover vulnerabilities in its product line and get paid for reporting them via the Bugcrowd crowdsourced security platform."The OpenAI Bug Bounty Program is a way for us to recognize and reward the valuable insights of security researchers who contribute to keeping our technology and company secure," OpenAI said.