Security News > 2023 > May

Windows 11: Enforcing password resets for local group users
2023-05-30 21:13

One of these fundamental security procedures is the periodic resetting of a strong login password - a security task that users are understandably reluctant to participate in. In Windows 11, administrators of local user accounts can force members to reset their respective passwords on their next login by making a simple change on a specific configuration screen.

Barracuda zero-day abused since 2022 to drop new malware, steal data
2023-05-30 20:25

Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been exploited for at least seven months to backdoor customers' Email Security Gateway appliances with custom malware and steal data. The company says an ongoing investigation found that the bug was first exploited in October 2022 to gain access to "a subset of ESG appliances" and deploy backdoors designed to provide the attackers with persistent access to the compromised systems.

WordPress plugin ‘Gravity Forms’ vulnerable to PHP object injection
2023-05-30 19:42

The premium WordPress plugin 'Gravity Forms,' currently used by over 930,000 websites, is vulnerable to unauthenticated PHP Object Injection. Gravity Forms is a custom form builder website owners use for creating payment, registration, file upload, or any other form required for visitor-site interactions or transactions.

Microsoft finds macOS bug that lets hackers bypass SIP root restrictions
2023-05-30 19:20

Apple has recently addressed a vulnerability that lets attackers with root privileges bypass System Integrity Protection to install "Undeletable" malware and access the victim's private data by circumventing Transparency, Consent, and Control security checks. Apple has patched the vulnerability in security updates for macOS Ventura 13.4, macOS Monterey 12.6.6, and macOS Big Sur 11.7.7, released two weeks ago, on May 18.

Pegasus-pusher NSO gets new owner keen on the commercial spyware biz
2023-05-30 19:15

Spyware maker NSO Group has a new ringleader, as the notorious biz seeks to revamp its image amid new reports that the company's Pegasus malware is targeting yet more human rights advocates and journalists. The new owner is a Luxembourg-based holding firm called Dufresne Holdings controlled by NSO co-founder Omri Lavie, according to the report.

RomCom malware spread via Google Ads for ChatGPT, GIMP, more
2023-05-30 19:01

A new campaign distributing the RomCom backdoor malware is impersonating the websites of well-known or fictional software, tricking users into downloading and launching malicious installers. The first documented use of RomCom was reported in August 2022 by Palo Alto Networks, attributing the attacks to a Cuba ransomware affiliate they named 'Tropical Scorpius.'

Serious Security: Verification is vital – examining an OAUTH login bug
2023-05-30 18:59

Researchers at web coding security company SALT just published a fascinating description of how they found an authentication bug dubbed CVE-2023-28131 in a popular online app-building coding toolkit known as Expo. Expo itself adds a wrapper around the verification process, so that it handles the authentication and the validation for you, ultimately passing a magic access token for the desired website back to the app or website you're connecting from.

Google offers certificate in cybersecurity, no dorm room required
2023-05-30 18:15

Cybersecurity Ventures reported there are 3.5 million unfilled cybersecurity positions worldwide this year, and 750,000 of them are in the U.S. In an attempt to address this, as well as the lack of diversity in cybersecurity, Google is offering a Cybersecurity Certificate training program for anyone, including those with no background in coding or computer science. The company said the Google Cybersecurity Certificate, part of the Google Career Certificates portfolio of Coursera classes, offers an alternative to high-ticket collegiate training in cybersecurity, which is a slow pipeline with a high cost of entry.

Attackers hacked Barracuda ESG appliances via zero-day since October 2022
2023-05-30 17:00

Barracuda says that the recently discovered compromise of some of its clients' ESG appliances via a zero-day vulnerability resulted in the deployment of three types of malware and data exfiltration. Zero-day exploited, Barracuda ESG appliances backdoored.

Microsoft shares fix for cameras not working on Surface laptops
2023-05-30 16:49

Microsoft has shared a temporary fix for a widespread issue triggered by a buggy driver that causes built-in cameras on some ARM-based Windows devices to stop working. The issues started last Tuesday, May 23, when many customers began reporting that their cameras had stopped working without warning.