Flipper Zero banned by Amazon for being a ‘card skimming device’
2023-04-07 09:01

Amazon has banned the sale of the Flipper Zero portable multi-tool for pen-testers on its platform after tagging it as a card-skimming device. According to notices sent to sellers on Thursday evening, Amazon has now banned Flipper Zero, tagging it as a "Restricted product."

With ICMP magic, you can snoop on vulnerable HiSilicon, Qualcomm-powered Wi-Fi
2023-04-07 07:30

A vulnerability identified in at least 55 Wi-Fi router models can be exploited by miscreants to spy on victims' data as it's sent over a wireless network. Eggheads in China and the US have published details of a security shortcoming in the network processing units in Qualcomm and HiSilicon chips found at the heart of various wireless access points.

Microsoft Takes Legal Action to Disrupt Cybercriminals' Illegal Use of Cobalt Strike Tool
2023-04-07 06:15

Microsoft said it teamed up with Fortra and Health Information Sharing and Analysis Center to tackle the abuse of Cobalt Strike by cybercriminals to distribute malware, including ransomware. While Cobalt Strike, developed and maintained by Fortra, is a legitimate post-exploitation tool used for adversary simulation, illegal cracked versions of the software have been weaponized by threat actors over the years.

Are Source Code Leaks the New Threat Software Vendors Should Care About?
2023-04-07 06:14

The group's trophies included nearly 200GB of source code from Samsung, the source code for Nvidia's DLSS technology, and 250 internal projects from Microsoft. There may be vulnerabilities in the way software applications handle functions and data that could be present in the source code.

CISA Warns of Critical ICS Flaws in Hitachi, mySCADA, ICL, and Nexx Products
2023-04-07 05:59

The U.S. Cybersecurity and Infrastructure Security Agency has published eight Industrial Control Systems advisories warning of critical flaws affecting products from Hitachi Energy, mySCADA Technologies, Industrial Control Links, and Nexx. Topping the list is CVE-2022-3682, impacting Hitachi Energy's MicroSCADA System Data Manager SDM600 that could allow an attacker to take remote control of the product.

April 2023 Patch Tuesday forecast: The vulnerability discovery race
2023-04-07 04:57

Per Microsoft, that's "Two weeks after your latest monthly security update and about two weeks before you'll see these features become part of the next mandatory cumulative update," which is the optimal time for testing. April 2023 Patch Tuesday forecast: Microsoft has stepped up the security fixes in their operating systems, so we should see that trend continue.

Cyberthreats take a toll on IT teams’ work on other projects
2023-04-07 04:00

93% of organizations find the execution of some essential security operation tasks, such as threat hunting, challenging, according to Sophos. IT professionals face challenging security operation tasks.

Outcome-based cybersecurity paves way for organizational goals
2023-04-07 03:30

60% of survey respondents said they react to individual cybersecurity problems as they arise. "Today, most cybersecurity investments are aimed towards the reduction of cyber risks. However, the problem arises when the risks that are being mitigated are not the ones that are most important for the outcomes the business wants to achieve. This could either result in cybersecurity investments being completely disconnected from the business or cyber security not getting the appropriate funding at all," explained WithSecure CSO Christine Bejerasco.

Companies carry unquantified levels of risk due to current network security approaches
2023-04-07 03:00

"Complex networks, large customer bases, and long supply chains make these industries highly susceptible to attacks. The study reveals that given the current organizational approaches to network security, companies cannot be continuously compliant, and as a result carry with them unquantified levels of risk to the confidentiality, integrity, and availability of systems and data," said Phil Lewis, CEO, Titania. "A determined attacker will try a combination of approaches to access a network until they gain entry, and known vulnerabilities or misconfigurations are an easy way in. Companies must adopt both a zero trust mindset and network security best practices, to minimise the attack surface, inhibit lateral movement, and prevent intruders from meeting their goals," continued Lewis.

DDoS attacks rise as pro-Russia groups attack Finland, Israel
2023-04-06 21:06

The pro-Russia hacker group NoName057(16) reportedly claimed it was behind Denial of Service attacks against the Finnish parliament's website on Tuesday, the day the country joined NATO. The country's Technical Research Centre of Finland was also hacked, according to Finnish news site YLE. NoName057(16) is the same group that took responsibility for a distributed denial of service attack that took down the website for the country's parliament last August, and that also attacked Ukraine, the U.S., Poland and other European countries. In a new study, Unveiling the New Threat Landscape, NetScout said that the U.S. national security sector experienced a 16,815% increase in DDoS attacks in the second half of 2022, many related to Killnet.