Security News > 2023

An ex-General Electric engineer has been sentenced to two years in prison after being convicted of stealing the US giant's turbine technology for China. New York resident Xiaoqing Zheng, 59, who used to be employed at GE Power and specialized in turbine sealing technology, was convicted of conspiracy to commit economic espionage at the end of March after a jury trial in the Northern District of New York courthouse.

A new Linux malware downloader created using SHC has been spotted in the wild, infecting systems with Monero cryptocurrency miners and DDoS IRC bots. According to ASEC researchers, who discovered the attack, the SHC loader was uploaded to VirusTotal by Korean users, with attacks generally focused on Linux systems in the same country.

Texas-based cloud computing provider Rackspace has confirmed that the Play ransomware operation was behind a recent cyberattack that took down the company's hosted Microsoft Exchange environments. While Crowdstrike didn't name the victim in their report, Rackspace officials have revealed in recent local media interviews and emails to BleepingComputer that the OWASSRF exploit was found on its network and Play ransomware was behind last month's ransomware attack.

As of Wednesday, Jan. 4, Meta has once again been hit with a major GDPR violation, earning itself more than $400 million in fines for its latest data privacy misstep. In this report, we'll share what we know about Meta's latest violation, and we'll dive a little deeper into Meta's troubled past with GDPR. Fast facts about Meta's 2023 GDPR targeted ads violation.

Since July 22nd, 2022, threat actors and data breach collectors have been selling and circulating large data sets of scraped Twitter user profiles containing both private and public data on various online hacker forums and cybercrime marketplaces. These data sets were created in 2021 by exploiting a Twitter API vulnerability that allowed users to input email addresses and phone numbers to confirm whether they were associated with a Twitter ID. The threat actors then used another API to scrape the public Twitter data for the ID and combined this public data with private email addresses/phone numbers to create profiles of Twitter users.

Long-standing British newspaper The Guardian has told staff to continue working from home and notified the UK's data privacy watchdog about the security breach following a suspected ransomware attack before Christmas. "We believe this to be a ransomware attack but are continuing to consider all possibilities," The Guardian Media Group Chief Executive Anna Bateson and Editor-in-Chief Katharine Viner told staff last month.

Business software provider Zoho has urged customers to patch a critical security flaw affecting multiple ManageEngine products."We identified a SQL injection vulnerability in our internal framework that would grant all [.] users unauthenticated access to the backend database," Zoho said.

So we though we'd take a quick look back at some of the major issues we covered over the last couple of weeks, and reiterate the serious security lessons we can learn from them. If you are ever stuck with doing a data breach notification, don't try to rewrite history to your marketing advantage.

Microsoft has reminded customers that the extended support for all editions of Windows Server 2012 and Windows Server 2012 R2 will end on October 10. Although Windows Server 2012 reached its mainstream support end date over four years ago, in October 2018, Microsoft pushed back the end date for extended support five years to allow customers to migrate to newer, under-support Windows Server versions.

Hackers are abusing the Windows Problem Reporting error reporting tool for Windows to load malware into a compromised system's memory using a DLL sideloading technique. The use of this Windows executable is to stealthy infect devices without raising any alarms on the breached system by launching the malware through a legitimate Windows executable.