Security News > 2023 > May

Slovak cybersecurity firm ESET is tracking a series of attacks against Southeast Asian gambling companies under the name Operation ChattyGoblin. "These attacks use a specific tactic: targeting the victim companies' support agents via chat applications - in particular, the Comm100 and LiveHelp100 apps," ESET said in a report shared with The Hacker News.

Product security teams aim to guarantee the intrinsic reliability of applications. In the DevSecOps approach, each team is responsible for the security of the applications they create.

Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. "If the user has a different default authentication method, there's no change to their default sign-in. If the default method is Authenticator, they get number matching," Microsoft clarified, and noted that users can't opt out of this feature.

The advanced persistent threat actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022. "In this campaign, the SideWinder advanced persistent threat group used a server-based polymorphism technique to deliver the next stage payload," the BlackBerry Research and Intelligence Team said in a technical report published Monday.

Even with these stated benefits and with 90% agreeing that demonstrating a commitment to digital trust will ultimately make organizations more successful, only 24% have a dedicated digital trust staff role and only 36% say their board of directors has prioritized digital trust. 82% of respondents say measuring the maturity of digital trust practices is extremely or very important, yet 31% do not measure the maturity of digital trust at all.

Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft said. The tech giant's threat intelligence team said it observed both Mango Sandstorm and Mint Sandstorm weaponizing CVE-2023-27350 in their operations to achieve initial access.

DEF CON's AI Village will host the first public assessment of large language models at the 31st edition of the hacker convention this August, aimed at finding bugs in and uncovering the potential for misuse of AI models. During the conference, red teams will put LLMs from some of the leading vendors, such as Anthropic, Google, Hugging Face, NVIDIA, OpenAI, Stability, and Microsoft, to the test.

Beijing sent a message to foreign businesses this week when it launched an investigation into Shanghai-based Capvision Partners on the grounds of national security, accusing the consultancy firm of failing to prevent espionage. State-sponsored broadcaster China Central Television reported that the raid led to the arrest of a senior researcher from a large state-owned enterprise in China for providing Capvision's foreign clients with intelligence.

Cybersecurity researchers have shed light on a new ransomware strain called CACTUS that has been found to leverage known flaws in VPN appliances to obtain initial access to targeted networks. "Once inside the network, CACTUS actors attempt to enumerate local and network user accounts in addition to reachable endpoints before creating new user accounts and leveraging custom scripts to automate the deployment and detonation of the ransomware encryptor via scheduled tasks," Kroll said in a report shared with The Hacker News.

Like cybercriminals, hackers will also be leveraging tools such as publicly available Common Vulnerabilities and Exposures databases. The way to keep pace and avoid burnout in internal security teams is to engage hackers to work on their behalf by setting up a vulnerability disclosure program.