Security News > 2023 > May

Zyxel warns of critical vulnerabilities in firewall and VPN devices
2023-05-25 13:31

Zyxel is warning customers of two critical-severity vulnerabilities in several of its firewall and VPN products that attackers could leverage without authentication. CVE-2023-33009: A buffer overflow vulnerability in the notification function in some Zyxel products, allowing an unauthenticated attacker to perform remote code execution or impose DoS conditions.

Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks
2023-05-25 11:32

A Brazilian threat actor is targeting Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021. PeepingTitle, like Maxtrilha, is written in the Delphi programming language and is equipped to grant the attacker full control over the compromised hosts as well as capture screenshots and drop additional payloads.

ChatGPT is down worldwide - OpenAI confirms issues
2023-05-25 11:31

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

Five Eyes agencies detail how Chinese hackers breached US infrastructure
2023-05-25 11:10

The National Security Agency and Five Eyes partner agencies have identified indicators of compromise associated with a People's Republic of China state-sponsored cyber actor dubbed Volt Typhoon, which is using living off the land techniques to target networks across US critical infrastructure. The authoring agencies also includes a summary of indicators of compromise values, such as unique command-line strings, hashes, file paths, exploitation of CVE-2021-40539 and CVE-2021-27860 vulnerabilities, and file names commonly used by this actor.

On the Poisoning of LLMs
2023-05-25 11:05

Given that we've known about model poisoning for years, and given the strong incentives the black-hat SEO crowd has to manipulate results, it's entirely possible that bad actors have been poisoning ChatGPT for months. We don't know because OpenAI doesn't talk about their processes, how they validate the prompts they use for training, how they vet their training data set, or how they fine-tune ChatGPT. Their secrecy means we don't know if ChatGPT has been safely managed.

Phishing campaign targets ChatGPT users
2023-05-25 11:02

A clever phishing campaign aimed at stealing users' business email account credentials by impersonating OpenAI, the company behind the ChatGPT chatbot, has been spotted by Inky researchers. The initial phase of the attack involves the victim receiving an email that appears legitimate, purportedly sent by OpenAI. The email requests the recipient to verify their email address in order to continue using their ChatGPT account setup.

‘Operation Magalenha’ targets credentials of 30 Portuguese banks
2023-05-25 11:00

A Brazilian hacking group has been targeting thirty Portuguese government and private financial institutions since 2021 in a malicious campaign called 'Operation Magalenha. The attackers use many methods to distribute their malware to targets, including phishing emails pretending to come from Energias de Portugal and the Portuguese Tax and Customs Authority, social engineering, and malicious websites that mimic these organizations.

Webinar with Guest Forrester: Browser Security New Approaches
2023-05-25 10:50

In today's digital landscape, browser security has become an increasingly pressing issue, making it essential for organizations to be aware of the latest threats to browser security. That's why the Browser Security platform LayerX is hosting a webinar featuring guest speaker Paddy Harrington, a senior analyst at Forrester and the lead author of Forrester's browser security report "Securing The Browser In The World Of Anywhere Work".

Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code
2023-05-25 10:40

The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. The latest findings from Symantec show that Blacktail's modus operandi might be changing, what with the actor leveraging modified versions of the leaked LockBit 3.0 and Babuk ransomware source code to target Windows and Linux, respectively.

Facial recog system used by Met Police shows racial bias at low thresholds
2023-05-25 10:34

The UK Parliament has heard that a facial recognition system used by the Metropolitan police during the King's Coronation can exhibit racial bias at certain thresholds. Speaking to the Science, Innovation and Technology Committee, Dr Tony Mansfield, principal research scientist, National Physical Laboratory, said the NEC-based system used by the Met, the UK's largest police force, was prone to bias against Black individuals on a set of test data created for his investigations.