Feds, you'll need a warrant for that cellphone border search
2023-05-31 23:52

It is the first US court to do so, to the delight of the Electronic Frontier Foundation, which along with other advocacy groups has been fighting for years to narrow the scope of border searches. "EFF is thrilled about this decision, given that we have been advocating for a warrant for border searches of electronic devices in the courts and Congress for nearly a decade," said Sophia Cope, senior staff attorney, in a statement Tuesday.

Exploit released for RCE flaw in popular ReportLab PDF library
2023-05-31 22:17

A researcher has published a working exploit for a remote code execution flaw impacting ReportLab Toolkit, a popular Python library used by numerous projects to generate PDF files from HTML input. ReportLab Toolkit is used by multiple projects as a PDF library and has approximately 3.5 million monthly downloads on PyPI. The problem stems from the ability to bypass sandbox restrictions on 'rl_safe_eval,' whose role is to prevent malicious code execution, leading to the attacker accessing potentially dangerous Python built-in functions.

8 best practices for securing your Mac from hackers in 2023
2023-05-31 21:28

There are best practices you can follow to secure your Mac and protect yourself against hack attempts. In this article, we'll cover some of the ways to protect yourself and show you how to make your Mac as secure as possible against hackers and those who would try to collect your data.

Amazon faces $30 million fine over Ring, Alexa privacy violations
2023-05-31 20:44

Amazon will pay $30 million in fines to settle allegations of privacy violations related to the operation of its Ring video doorbell and Alexa virtual assistant services. According to a proposed order, Ring will have to pay $5.8 million in refunds to consumers and will be barred from profiting from unlawfully obtained consumer videos.

Kali Linux 2023.2 released with 13 new tools, pre-built HyperV image
2023-05-31 19:55

Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools, including the Evilginx framework for stealing credentials and session cookies. As part of the Kali Linux release, the Kali team has released a pre-built Hyper-V image configured for 'Enhanced Session Mode,' which allows you to connect to the virtual machine using the Remote Desktop Protocol for a better experience.

Serious Security: That KeePass “master password crack”, and what we can learn from it
2023-05-31 19:39

Simply put, the CVE-2023-32784 vulnerability means that a KeePass master password might be recoverable from system data even after the KeePass program has exited, because sufficient information about your password might get left behind in system swap or sleep files, where allocated system memory may end up saved for later. A long-term password leak in memory also means that the password could, in theory, be recovered from a memory dump of the KeePass program, even if that dump was grabbed long after you'd typed the password in, and long after KeePass itself had no more need to keep it around.

Terminator antivirus killer is a vulnerable Windows driver in disguise
2023-05-31 19:25

After the malicious driver is written to the disk, Terminator loads it to use its kernel-level privileges to kill off the user-mode processes of AV and EDR software running on the device. While it is not clear how the Terminator program is interfacing with the driver, a PoC exploit was released in 2021 that exploits flaws in the driver to execute commands with Windows Kernel privileges, which could be used to terminate normally-protected security software processes.

Barracuda Email Security Gateways bitten by data thieves
2023-05-31 18:15

A critical remote command injection vulnerability in some Barracuda Network devices that the vendor patched 11 days ago has been exploited by miscreants - for at least the past seven months. Barracuda said it discovered the bug, tracked as CVE-2023-2868, in its Email Security Gateway appliance on May 19 and pushed a patch to all of these products globally the following day.

Hackers exploit critical Zyxel firewall flaw in ongoing attacks
2023-05-31 17:54

Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install malware. The flaw, which is present in the default configuration of impacted firewall and VPN devices, can be exploited to perform unauthenticated remote code execution using a specially crafted IKEv2 packet to UDP port 500 on the device.

Criminals spent 10 days in US dental insurer's systems extracting data of 9 million
2023-05-31 17:32

The criminals who hit one of the biggest government-backed dental care and insurance providers in the US earlier this year hung about for 10 days while they extracted info on nearly 9 million people, including kids from poverty-stricken homes. This included a huge range of data, from patients' full names, dates of birth, addresses, telephone numbers, and email addresses to their Social Security numbers, driver's license numbers or government ID numbers, and health insurance information, and in some cases even included dental X-rays.