Security News > 2023 > July

A member of U.S. Navy's red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for incoming files from users outside of a targeted organization, the so-called external tenants. The tool exploits a problem highlighted last month by Max Corbridge and Tom Ellson of UK-based security services company Jumpsec, who explained how an attacker could easily go around Microsoft Teams' file-sending restraints to deliver malware from an external account.

Law enforcement has detained a suspect believed to be a key member of the OPERA1ER cybercrime group, which has targeted mobile banking services and financial institutions in malware, phishing, and Business Email Compromise campaigns. The suspect was arrested by authorities in Côte d'Ivoire in early June following a joint law enforcement action dubbed Operation Nervone with the help of AFRIPOL, Interpol's Cybercrime Directorate, cybersecurity company Group-IB, and telecom carrier Orange.

The malware "Possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for carrying out ransomware activities," Zscaler researchers Shatak Jain and Gurkirat Singh said in a recent analysis. Following a successful breach, the malicious binary is used as a conduit to set up persistence, perform the actual browser update, and also drop a stealer capable of covertly harvesting sensitive information and encrypting the stolen files, leaving the victims at risk of potential data loss, exposure, or even the sale of their valuable data.

I have mixed feelings about this class-action lawsuit against OpenAI and Microsoft, claiming that it "Scraped 300 billion words from the internet" without either registering as a data broker or obtaining consent. On the one hand, I want this to be a protected fair use of public data.

In a developer's or application security engineer's professional life, the consequences of exposing secrets can lead to breaches of security, data leaks, and, well, also be embarrassing. Secrets are typically stored securely and accessed programmatically by the application when needed.

The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container terminals.Today, the administrative authority of the Port of Nagoya has issued a notice about a malfunction in the "Nagoya Port Unified Terminal System" - the central system controlling all container terminals in the port.

The npm registry for the Node.js JavaScript runtime environment is susceptible to what's called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. "A npm package's manifest is published independently from its tarball," Darcy Clarke, a former GitHub and npm engineering manager, said in a technical write-up published last week.

Instagram Threads, the upcoming Twitter competitor from Meta, will not be launched in the European Union due to privacy concerns, according to Ireland's Data Protection Commission. Threads is Meta's answer to Twitter that's set for launch on July 6, 2023.

In measures floated in October 2022 and to be enacted by the end of 2023, Singapore's Monetary Authority will require operators to hold customer assets under a statutory trust segregated from their own assets. Crypto outfits are also barred from facilitating retail customer lending and staking - the term for locking up crypto assets for a set time to support blockchain validation.

As 40% of consumers harbor skepticism regarding organizations' data protection capabilities, 75% would shift to alternate companies following a ransomware attack, according to Object First. Consumers request increased data protection from vendors, with 55% favoring companies with comprehensive data protection measures such as reliable backup and recovery, password protection, and identity and access management strategies.