Security News

Today is Microsoft's April 2023 Patch Tuesday, and security updates fix one actively exploited zero-day vulnerability and a total of 97 flaws. This count does not include seventeen Microsoft Edge vulnerabilities fixed on April 6th. One zero-day fixed.

Passbolt: Open-source password manager for security-conscious organizationsIn this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager guarantees the utmost level of security for businesses, highlights its features in the competitive landscape, sheds light on how Passbolt meets the distinct requirements of teams and organizations, and more. Rorschach ransomware deployed by misusing a security toolAn unbranded ransomware strain that recently hit a US-based company is being deployed by attackers who are misusing a tool included in a commercial security product, Check Point researchers have found.

On Friday, U.S. Cybersecurity and Infrastructure Security Agency increased by five its list of security issues that threat actors have used in attacks, three of them in Veritas Backup Exec exploited to deploy ransomware. Of the five vulnerabilities that CISA added to the catalog of Known Exploited Vulnerabilities today, only one was rated critical, an issue in Veritas' data protection software tracked as CVE-2021-27877 that allows remote access and command execution with elevated privileges.

Per Microsoft, that's "Two weeks after your latest monthly security update and about two weeks before you'll see these features become part of the next mandatory cumulative update," which is the optimal time for testing. April 2023 Patch Tuesday forecast Microsoft has stepped up the security fixes in their operating systems so we should see that trend continue.

HP announced in a security bulletin this week that it would take up to 90 days to patch a critical-severity vulnerability that impacts the firmware of certain business-grade printers. The security issue is tracked as CVE-2023-1707 and it affects about 50 HP Enterprise LaserJet and HP LaserJet Managed Printers models.

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies today to patch security vulnerabilities exploited as zero-days in recent attacks to install commercial spyware on mobile devices. One month later, a complex chain of multiple 0-days and n-days was exploited to target Samsung Android phones running up-to-date Samsung Internet Browser versions.

Taiwanese hardware vendor QNAP warns customers to secure their Linux-powered network-attached storage devices against a high-severity Sudo privilege escalation vulnerability. The vulnerability also affects the QTS, QuTS hero, QuTScloud, and QVP NAS operating systems, as QNAP revealed in a security advisory published on Wednesday.

Traditional, well-behaved image viewers, including the very tool you just used to crop the file, would ignore the extra data, but deliberately-coded data recovery or snooping apps might not. The low-level details of the bug were different, not least because Google's app was coded in Java and used Java libraries, while Microsoft's apps are written in C++ and use Windows libraries, but the leaky side-effects were identical.

Microsoft has released an out-of-band update to address a privacy-defeating flaw in its screenshot editing tool for Windows 10 and Windows 11. "If you take a screenshot of your bank statement, save it to your desktop, and crop out your account number before saving it to the same location, the cropped image could still contain your account number in a hidden format that could be recovered by someone who has access to the complete image file," Microsoft explains.

Interestingly, WooCommerce suggests that even if attackers had found and exploited this vulnerability, the only information about your logon passwords they'd have been able to steal would have been so-called salted password hashes, and so the company has written that "It's unlikely that your password was compromised". As a result, it's offering the curious advice that you can get away without changing your admin password as long as [a] you're using the standard WordPress password management system and not some alternative way of handling passwords that WooCommerce can't vouch for, and [b] you're not in the habit of using the same password on multiple services.