Security News > 2023

Qualcomm Chipsets and Lenovo BIOS Get Security Updates to Fix Multiple Flaws
2023-01-04 10:47

Qualcomm on Tuesday released patches to address multiple security flaws in its chipsets, some of which could be exploited to cause information disclosure and memory corruption. The five vulnerabilities - tracked from CVE-2022-40516 through CVE-2022-40520 - also impact Lenovo ThinkPad X13s laptops, prompting the Chinese PC maker to issue BIOS updates to plug the security holes.

The FBI's Perspective on Ransomware
2023-01-04 10:24

In the past years, companies, universities, schools, medical facilities and other organizations have been targeted by ransomware threat actors, turning ransomware into the internet's most severe security crisis. Ransomware as a Service has become the most widespread type of ransomware.

New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner
2023-01-04 08:32

A new Linux malware developed using the shell script compiler has been observed deploying a cryptocurrency miner on compromised systems. "It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system," AhnLab Security Emergency Response Center said in a report published today.

How to start planning for disaster recovery
2023-01-04 05:00

In the cybersecurity world this is known as disaster recovery planning, crisis management, or backup and recovery policy. Regardless of the name, it all boils down to pre-incident planning that creates a tested and robust process for the recovery of an IT network and, ultimately, a return to business-as-normal.

How can businesses decrease cyber insurance premiums while maintaining coverage?
2023-01-04 04:30

In 2022, significant geopolitical developments have led to equally significant changes within the cyber insurance market. In this Help Net Security video, Chris Denbigh-White, Global Director of Customer Success for Next DLP, discusses how, with the increasing number of breaches, insurers are left with no choice but to increase premiums, making the notion of insuring cyber risk unrealistic, leaving businesses paying the highest premiums to date.

Synology Releases Patch for Critical RCE Vulnerability Affecting VPN Plus Servers
2023-01-04 04:28

Synology has released security updates to address a critical flaw impacting VPN Plus Server that could be exploited to take over affected systems. Tracked as CVE-2022-43931, the vulnerability carries a maximum severity rating of 10 on the CVSS scale and has been described as an out-of-bounds write bug in the remote desktop functionality in Synology VPN Plus Server.

Attackers evolve strategies to outmaneuver security teams
2023-01-04 04:00

Once inside corporate networks, they move swiftly to target and exfiltrate high-value data, including data crucial to the organization, intellectual property, and personally identifiable information or sensitive PII. Structured and unstructured data are at risk. Attackers targeted structured data used in databases such as Oracle and Microsoft Azure SQL Server and for analytics in web platforms such as Databricks.

LockBit: Sorry about the SickKids ransomware, not sorry about the rest
2023-01-04 00:59

Notorious ransomware gang LockBit "formally apologized" for an extortion attack against Canada's largest children's hospital that the criminals blamed on a now-blocked affiliate group, and said it published a free decryptor for the victim to recover the files. "The partner who attacked this hospital violated our rules, is blocked and is no longer in our affiliate program," LockBit reportedly said on its leak site.

Ongoing Flipper Zero phishing attacks target infosec community
2023-01-03 22:26

A new phishing campaign is exploiting the increasing interest of security community members towards Flipper Zero to steal their personal information and cryptocurrency. [...]

Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks
2023-01-03 20:51

More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by...