Security News > 2024 > February

Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed “RustDoor” by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures.

More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers. In the case of VexTrio, tens of thousands of websites are compromised so that their visitors are redirected to pages that serve up malware downloads, show fake login pages to steal credentials, or perform some other fraud or cyber-crime.

Amusing story about a penguin named "Squid." As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

In disclosing yet another vulnerability in its Connect Secure, Policy Secure, and ZTA gateways, Ivanti has confused the third-party researchers who discovered it. Researchers at watchTowr blogged today about not being credited with the discovery of CVE-2024-22024 - the latest in a series of vulnerabilities affecting Ivanti gateways as the vendor continues to develop patches for supported versions.

CISA confirmed today that attackers are actively exploiting a critical remote code execution bug patched by Fortinet on Thursday. CISA's announcement comes one day after Fortinet published a security advisory saying the flaw was "Potentially being exploited in the wild."

The Canadian government plans to ban the Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars. The figures shared by the Canadian government when describing the car theft surge currently impacting Canada align with the most recent data shared by the Statistics Canada government agency, which shows an increasing number of car theft reports since 2021.

The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false. Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without reading the German text.

The Bitwarden Free plan allows you to send encrypted text only, whereas Bitwarden Premium users can attach other file types. Bitwarden Free users can enable two-step login, such as MFA, for their Bitwarden account using an authenticator app or email verification codes.

Microsoft warned Outlook for Microsoft 365 users that clients might have issues connecting to email servers via Exchange ActiveSync after a January update. "After updating to Version 2401 Build 17231.20182 Outlook stops connecting when using the Exchange ActiveSync protocol," Microsoft said.

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than...