Security News > 2023 > December

Fancy Bear, the Kremlin's cyber-spy crew, has been exploiting two previously patched bugs for large-scale phishing campaigns against high-value targets - like government, defense, and aerospace agencies in the US and Europe - since March, according to Microsoft. The US and UK governments have linked this state-sponsored gang to Russia's military intelligence agency, the GRU. Its latest phishing expeditions look to exploit CVE-2023-23397, a Microsoft Outlook elevation of privilege flaw, and CVE-2023-38831, a WinRAR remote code execution flaw that allows arbitrary code execution.

IT services and business consulting company HTC Global Services has confirmed that they suffered a cyberattack after the ALPHV ransomware gang began leaking screenshots of stolen data. HTC Global Services is a managed service provider offering technology and business services to the healthcare, automotive, manufacturing, and financial industries.

A vulnerability in an open-source library that is common across the Web3 space impacts the security of pre-built smart contracts, affecting multiple NFT collections, including Coinbase. "If you used our Solidity SDK to extend our base contract or built a custom contract, we don't believe the vulnerability extends to your contract," explains Thirdweb, adding that this is not a guarantee because they "Are unable to audit individual contracts."

Kali Linux 2023.4, the fourth and final version of 2023, is now available for download, with fifteen new tools and the GNOME 45 desktop environment.With this final release of 2023, the Kali Team says there are not many new features added to the core operating system, but they did bundle fifteen new tools, and the distro now ships with the GNOME 45 desktop environment.

OffSec has released Kali Linux 2023.4, the latest version of its penetration testing and digital forensics platform. Enum4linux-ng - Next generation version of enum4linux with additional features exiflooter - Finds geolocation info on all image URLs and directories.

Microsoft says that all Windows 10 customers will be able to pay for three extra years of security updates through the company's Extended Security Updates program after the end of support date. The upcoming Windows 10 22H2 version is the final Windows release, with all editions to continue to receive monthly security updates until the EOS date.

CISA has released details about a federal agency that recently had at least two public-facing servers compromised by attackers exploiting a critical Adobe ColdFusion vulnerability. In a Tuesday advisory, CISA revealed the federal civilian executive branch in question was successfully attacked in June and into July, meaning the vulnerability went unpatched for more than three months after CISA's deadline.

The U.S. Cybersecurity and Infrastructure Security Agency is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. The security issue allows executing arbitrary code on servers running Adobe ColdFusion 2018 Update 15 and older, and 2021 Update 5 and earlier.

Partner Content There are plenty of technology acronyms in the alphabet soup of the cybersecurity industry, but DSPM is the latest one leading the charge; its recent buzz has brought scrutiny to various security concepts that have cluttered the meaning behind data security posture management. DSPM provides visibility into where sensitive data is located, who has access to it, how it's being used, and how the security controls and permissions are configured on the data stores or applications hosting the data.

Recovering accounts because of forgotten passwords is one of the high-risk events in the identity management life cycle, making the service desk a likely target during the holiday season. This capability of bypassing security policies is a double-edged sword: While serving as the first line of defense against hackers and point of contact for employees, the service desk also serves as a back door to your network through social engineering.