Security News > 2023 > July

Federal prosecutors have expanded their criminal case against a famous Floridian and his loyal minions for allegedly mishandling national security secrets and not being forthright about the storage and handling of hundreds of classified documents. The charges include: attempting to destroy evidence; attempting to induce others to destroy evidence; and a further Espionage Act violation related to the unlawful retention of a top secret document about Iran.

Insecure direct object reference (IDOR) bugs essentially occur when a web app or a web API backend doesn't properly check that a user is actually allowed to access some info from a database or some other resource. More specifically, IDOR bugs can occur when access is granted to stuff on the basis of the user's input, rather than from looking up that person's access rights.

The free NordVPN Meshnet helps you create your own VPN tunnel to securely and directly connect different devices. Meshnet has been a part of NordVPN for a long time but only as a paid option - now, Meshnet is available for free for NordVPN users.

OpenAI, Google, Microsoft and Anthropic have announced the formation of the Frontier Model Forum. The goal of the Frontier Model Forum is to have member companies contribute technical and operational advice to develop a public library of solutions to support industry best practices and standards.

CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances by exploiting a now-patched zero-day bug. [...]

The fictional nation of Zaqistan has a squid on its flag. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

According to the company, this change to the App Store API rules ensures developers don't abuse APIs for user fingerprinting. Developers must choose one or more approved reasons that accurately align with their app's API usage.

With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims. The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom.

Nearly all of the FBI's technical intelligence on malicious "cyber actors" in the first half of this year was obtained via Section 702 searches, according to FBI Director Christopher Wray. With the controversial FISA amendment set to expire at the end of the year, unless Congress reauthorizes the snooping clause, Wray has been making the rounds and delivering the same message: the FBI "cannot afford to lose" Section 702.

Ivanti released security patches for the path traversal flaw tracked as CVE-2023-35081 today and warned customers that it's "critical" to upgrade as soon as possible to secure vulnerable appliances against attacks. In light of this, admins and security teams should immediately upgrade their Ivanti EPMM installations to the latest version to protect them from potential attacks.