Security News > 2023 > September

Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to code execution by tricking users into opening specially crafted files. GitHub's security researcher Jaroslav Lobačevski reported the vulnerabilities in Notepad++ version 8.5.2 to the developers over the last couple of months.

According to IBM's Cost of a Data Breach Report 2023, the average cost of a data breach in Australia has grown by 32% in five years to AU $4.03 million. As the risk of data breach incidents rises, IT leaders are in a position to minimize the cost of a data breach by implementing DevSecOps, utilizing AI and automation, prioritizing incident response planning and testing, streamlining data breach discovery and taking out adequate cybersecurity insurance for when the worst happens.

The Ragnar Locker ransomware gang has claimed responsibility for an attack on Israel's Mayanei Hayeshua hospital, threatening to leak 1 TB of data allegedly stolen during the cyberattack. Yesterday, security researcher MalwareHunterTeam noted that the Ragnar Locker ransomware group claimed responsibility for the attack, creating a new page for the hospital on their data leak site.

A new study by Cisco Investments with venture capital firms finds that most CISOs find complexity of tools, number of solutions and users, and even jargon a barrier to zero trust. The guide, which explored the cybersecurity market around identity management, data protection, software supply chain integrity and cloud migration, resulted from interviews with Cisco customers, chief information security officers, innovators, startup founders and other experts.

Dymocks Booksellers is warning customers their personal information was exposed in a data breach after the company's database was shared on hacking forums. The company was informed that its customer data was stolen on September 6th, 2023, by Troy Hunt, the creator of the data breach notification service 'Have I Been Pwned', after a threat actor released it on a hacking forum.

The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang. "Russia has long been a safe haven for cybercriminals, including the TrickBot group," the U.S. Treasury Department said, adding it has "ties to Russian intelligence services and has targeted the U.S. Government and U.S. companies, including hospitals."

Webinar: It is a stratospheric number of emails pinging around the globe and the sheer volume offers a seductively lucrative phishing opportunity to the legion of bad actors out there. Email is, by all accounts, one of the most difficult applications to secure and Business Email Compromise is estimated to have caused $50 billion of losses to organizations in the last decade.

Cisco is warning of a zero-day vulnerability in its Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense that is actively exploited by ransomware operations to gain initial access to corporate networks. The medium severity zero-day vulnerability impacts the VPN feature of Cisco ASA and Cisco FTD, allowing unauthorized remote attackers to conduct brute force attacks against existing accounts.

Apple devices are again under attack, with a zero-click, zero-day vulnerability used to deliver Pegasus spyware to iPhones discovered in the wild. Researchers at Citizen Lab are referring to the exploit as BLASTPASS. The team said they immediately disclosed their findings to Apple when they first discovered an infected device owned by an individual employed by a Washington DC-based civil society organization with international offices.

Recently, a slew of activity by the advanced persistent threat group Lazarus has focused on finding vulnerable Microsoft IIS servers and infecting them with malware or using them to distribute malicious code. This article describes the details of the malware attacks and offers actionable suggestions for protecting Microsoft IIS servers against them.