Security News > 2023 > May

A recently spotted malvertising campaign tricked users with an in-browser Windows update simulation to deliver the Aurora information stealing malware. Written in Golang, Aurora has been available on various hacker forums for more than a year, advertised as an info stealer with extensive capabilities and low antivirus detection.

Twitter has rolled out some quality of life updates for direct messages on the platform, and CEO Elon Musk reckons the site is to start encrypting DMs, beginning today, without providing proof that's the case. In a tweet last night, Twitter Support announced that a couple of well-trodden DM features from other platforms were being added to Twitter.

A new 'White Phoenix' ransomware decryptor allows victims to partially recover files encrypted by ransomware strains that use intermittent encryption. After successfully recovering PDF files using the White Phoenix tool, CyberArk found similar restoration possibilities for other file formats, including files based on ZIP archives.

While Dragos states that the threat actors did not breach its network or cybersecurity platform, they got access to the company's SharePoint cloud service and contract management system. "On May 8, 2023, a known cybercriminal group attempted and failed at an extortion scheme against Dragos. No Dragos systems were breached, including anything related to the Dragos Platform," the company said.

Reuters is reporting that the FBI "Had identified and disabled malware wielded by Russia's FSB security service against an undisclosed number of American computers, a move they hoped would deal a death blow to one of Russia's leading cyber spying programs." The headline says that the FBI "Sabotaged" the malware, which seems to be wrong.

Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML platform that Microsoft rates as "Important." Akamai's research team and Ben Barnea, the researcher who's credited with finding the flaw, disagree with that assessment, because "The new vulnerability re-enables the exploitation of a critical vulnerability that was seen in the wild and used by APT operators."

The vulnerability, tracked as CVE-2023-29324, has been described as a security feature bypass. Akamai security researcher Ben Barnea, who discovered and reported the bug, noted that all Windows versions are affected, but pointed out Microsoft, Exchange.

What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it. The researcher, surprised by this finding, reached out to BleepingComputer disclosing the details of the firmware version-and the Coldplay song.

What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it. The researcher, surprised by this finding, reached out to BleepingComputer disclosing the details of the firmware version-and the Coldplay song.

Sponsored Microsoft 365 has worked its way into so many facets of our organizations that it can be hard to imagine what life would be like without it. They know that locking up your 365 installation, and the mission-critical data it contains, will pile pressure on you to meet their ransom demands.