Security News > 2023 > July

An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but with a specific focus on Spanish and Chilean banks, from June 2021 to April 2023. "Despite using relatively unsophisticated tools, Neo_Net has achieved a high success rate by tailoring their infrastructure to specific targets, resulting in the theft of over 350,000 EUR from victims' bank accounts and compromising Personally Identifiable Information of thousands of victims," Thill said.

No fewer than 330,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that has come under active exploitation in the wild. Cybersecurity firm Bishop Fox, in a report published last week, said that out of nearly 490,000 Fortinet SSL-VPN interfaces exposed on the internet, about 69 percent remain unpatched.

Infosec outfit Check Point says it's spotted a Chinese actor targeting diplomatic facilities around Europe. Check Point has dubbed the campaign "SmugX" thanks to its use of HTML smuggling to deploy the PlugX remote access trojan.

Aggregated honeypot data, over a six-month period, showed that more than 50% of the attacks focused on defense evasion, according to Aqua Security. These attacks included masquerading techniques, such as files executed from /tmp, and obfuscated files or information, such as dynamic loading of code.

Productiv analyzed how nearly 100 million SaaS licenses were used over the last three years, including more than 100 billion app usage data points, to produce an in-depth look at pivotal SaaS stats and insights on SaaS growth, spend, consolidation and usage. SaaS growth continues apace, even as companies improve SaaS spend management.

To overcome these challenges, IT organizations are turning to hybrid solutions to leverage the benefits of the cloud and the mainframe. An astounding 93% of respondents strongly agree with the sentence, "I believe my organization needs to embrace a hybrid infrastructure model that spans from mainframe to cloud."

More than 338,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical bug Fortinet fixed last month that's being exploited in the wild. Fortinet disclosed the flaw last month and noted that the issue, which it tracks as FG-IR-23-097, "may have been exploited in a limited number of cases and we are working closely with customers to monitor the situation."

Its abilities have been assessed over the past two years, and the system has boosted identity verification efficiency without infringing on travelers' privacy rights, a TSA spokesperson told us. "Right now we are at six percent fully operational capacity," TSA press secretary Carter Langston said in an interview with The Register.

If you run a WordPress site with the Ultimate Member plugin installed, make sure you've updated it to the latest version. The plugin doesn't allow users to enter this value, but this filter turns out to be easy to bypass, making it possible to edit wp_capabilities and become an admin.

Microsoft has denied the claims of the so-called hacktivists "Anonymous Sudan" that they breached the company's servers and stole credentials for 30 million customer accounts. Yesterday, the hacktivists alleged that they had "successfully hacked Microsoft" and "accessed a large database containing more than 30 million Microsoft accounts, emails, and passwords."