Security News > 2023 > May

From CEO Fraud to Vendor Fraud: The Shift to Financial Supply Chain Compromise
2023-05-25 16:00

TechRepublic Premium Bring your own device policy PURPOSE The purpose of this Bring your own device policy from TechRepublic Premium is to provide requirements for BYOD usage and establish the steps that both users and the IT department should follow to initialize, support and remove devices from company access. These requirements must be followed as documented in order to protect company systems .....

CISO Guide to Business Email Compromise
2023-05-25 16:00

The Essential Guide to Cloud Email Security
2023-05-25 16:00

New Russian-linked CosmicEnergy malware targets industrial systems
2023-05-25 15:27

Mandiant security researchers have discovered a new malware called CosmicEnergy designed to disrupt industrial systems and linked to Russian cybersecurity outfit Rostelecom-Solar. CosmicEnergy was discovered after a sample was uploaded to the VirusTotal malware analysis platform in December 2021 by someone with a Russian IP address.

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry
2023-05-25 14:53

A new botnet called Dark Frost has been observed launching distributed denial-of-service attacks against the gaming industry. "The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds of compromised devices," Akamai security researcher Allen West said in a new technical analysis shared with The Hacker News.

Zyxel Issues Critical Security Patches for Firewall and VPN Products
2023-05-25 14:43

Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws - CVE-2023-33009 and CVE-2023-33010 - are buffer overflow vulnerabilities and are rated 9.8 out of 10 on the CVSS scoring system.

So the FBI 'persistently' abused its snoop powers. What's to worry about?
2023-05-25 14:30

Register Kettle: If there's one thing that's more all the rage these days than this AI hype, it's warrantless spying by the Feds. As we reported this week, the FBI abused its foreign surveillance powers in a "persistent and widespread" manner to probe protesters, political campaign donors, and others, according to a court opinion.

What’s a Double-Blind Password Strategy and When Should It Be Used
2023-05-25 14:04

The double-blind password strategy, also known as "Horcruxing", "password splitting", or "partial passwords", involves storing the long and complex part of a password in a password manager and keeping the short unique identifier, such as a PIN code or word, to yourself. Since the password manager never knows about the abc5 portion of the password, attackers will never have the complete picture and access, even if they hack your password manager.

Cynet Protects Hospital From Lethal Infection
2023-05-25 13:47

A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process of upgrading several expensive imaging systems that were still supported by Windows XP and Windows 7 machines.

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government
2023-05-25 13:39

An unnamed government entity associated with the United Arab Emirates was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange. The custom implant achieves this by making use of the Exchange Web Services API to connect to the victim's Exchange Server and uses a mailbox on the server to send and receive encoded commands from its operator.