Sophos backports RCE fix after attacks on unsupported firewalls
2023-12-12 17:29

Sophos was forced to backport a security update for CVE-2022-3236 for end-of-life firewall firmware versions after discovering hackers actively exploiting the flaw in attacks. Although the hotfix was automatically rolled out to appliances set to auto-accept security updates by the vendor, by January 2023, over 4,000 internet-exposed appliances remained vulnerable to attacks.

Mozilla VPN Review (2023): Features, Pricing, and Security
2023-12-12 17:11

Mozilla VPN’s fast performance may not be enough to make up for its small server network and lack of features. Learn more about it in our full review below.

Ukraine's largest mobile carrier Kyivstar down following cyberattack
2023-12-12 15:46

Kyivstar, Ukraine's largest telecommunications service provider serving over 25 million mobile and home internet subscribers, has suffered a cyberattack impacting mobile and data services. "This morning, we were the target of a powerful hacker attack. It caused a technical failure, as a result of which services were temporarily unavailable," reads a statement from Kyivstar.

Cloud engineer gets 2 years for wiping ex-employer’s code repos
2023-12-12 15:02

Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and ordered to pay $529,000 in restitution for wiping the code repositories of his former employer in retaliation for being fired by the company. First Republic Bank was a commercial bank in the U.S., employing over seven thousand people and having an annual revenue of $6.75 billion.

Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
2023-12-12 14:52

The Russian nation-state threat actor known as APT28 has been observed making use of lures related to the ongoing Israel-Hamas war to facilitate the delivery of a custom backdoor called HeadLace....

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware
2023-12-12 14:33

North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability and deploying novel malware written in DLang. "This campaign consists of continued opportunistic targeting of enterprises globally that publicly host and expose their vulnerable infrastructure to n-day vulnerability exploitation such as CVE-2021-44228. We have observed Lazarus target manufacturing, agricultural and physical security companies," Cisco Talos researchers shared.

Over 1,450 pfSense servers exposed to RCE attacks via bug chain
2023-12-12 14:00

Roughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance. In mid-November, SonarSource's researchers discovered three flaws impacting pfSense 2.7.0 and older and pfSense Plus 23.05.01 and older.

Northern Ireland cops count human cost of August data breach
2023-12-12 13:46

An official review of the Police Service of Northern Ireland's August data breach has revealed the full extent of the impact on staff. At the time of the data breach disclosure, the PSNI said no staff members were being relocated, but the review revealed that one officer decided to relocate themselves and their family out of concern for their safety.

Recruiters, beware of cybercrooks posing as job applicants!
2023-12-12 13:37

Recruiters are being targeted via spear-phishing emails sent by cybercrooks impersonating job applicants, Proofpoint researchers are warning. "The tone and content of the emails suggest to the recipient the actor is a legitimate candidate, and because the actor specifically targets people who are involved in recruiting and hiring, the emails do not immediately seem suspicious," they noted.

New Windows/Linux Firmware Attack
2023-12-12 12:01

LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux. The participating companies comprise nearly the entirety of the x64 and ARM CPU ecosystem, starting with UEFI suppliers AMI, Insyde, and Phoenix; device manufacturers such as Lenovo, Dell, and HP; and the makers of the CPUs that go inside the devices, usually Intel, AMD or designers of ARM CPUs.