IT Security Newsletter - 1/11/2023

Written by Cadre | Wed, Jan 11, 2023

Microsoft Patch Tuesday, January 2023 Edition

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. National Security Agency, and a critical Microsoft SharePoint Server bug that allows a remote, unauthenticated attacker to make an anonymous connection. READ MORE...

Ransomware attack exposes California transit giant's sensitive data

A ransomware attack against San Francisco's Bay Area Rapid Transit exposed highly sensitive and personal data after a threat group leaked the records Friday. The nation's fifth-largest transit system by ridership, and largest in California, remains operational. Vice Society, a prolific ransomware group, claimed responsibility for the attack on Friday when it listed BART on its leak site. READ MORE...

British Manufacturing Firm Morgan Advanced Materials Investigating Cyberattack

UK-based manufacturing company Morgan Advanced Materials revealed on Tuesday that it's investigating a cybersecurity incident. The company has launched an investigation after detecting unauthorized activity on its network. The wording suggests that it's an ongoing security breach. "Upon becoming aware of the incident, the Company immediately launched an investigation, engaged its specialist support services and has implemented its incident response plans," Morgan Advanced Materials said. READ MORE...

251k Impacted by Data Breach at Insurance Firm Bay Bridge Administrators

Third-party administrator of insurance products Bay Bridge Administrators (BBA) is informing roughly 250,000 individuals that their personal information might have been compromised in a September 2022 data breach. On Tuesday, the Austin, Texas-based administrator of employee benefit plans announced that, on September 5, 2022, it fell victim to a cyberattack that caused a network disruption. READ MORE...

New Dark Pink APT group targets govt and military with custom malware

Attacks targeting government agencies and military bodies in multiple countries in the APAC region have been attributed to what appears to be a new advanced threat actor that leverages custom malware to steal confidential information. Security researchers refer to this group as Dark Pink (Group-IB) or Saaiwc Group (Anheng Hunting Labs), noting that it employs uncommon tactics, techniques, and procedures (TTPs). READ MORE...

98 Patches: Microsoft Greets New Year With Zero-Day Security Fixes

Microsoft's first security update for 2023 contained patches for a whopping 98 vulnerabilities, including one that attackers are actively exploiting and another that is publicly known but has not been exploited yet. Microsoft identified 11 of the vulnerabilities it disclosed today as being of "critical" severity, meaning organizations using affected products need to prioritize these flaws before addressing the other ones. READ MORE...

A fifth of passwords used by federal agency cracked in security audit

More than a fifth of the passwords protecting network accounts at the US Department of the Interior (including Password1234, Password1234!, and ChangeItN0w!) were weak enough to be cracked using standard methods, a recently published security audit of the agency found. The audit was performed by the department's inspector general, which obtained cryptographic hashes for 85,944 employee Active Directory (AD) accounts. Auditors then used a list of more than 1.5 billion words that included: READ MORE...

Trojan Puzzle attack trains AI assistants into suggesting malicious code

Researchers at the Universities of California and Virginia and at Microsoft have devised a new poisoning attack that could trick AI-based coding assistants into suggesting dangerous code. Named 'Trojan Puzzle,' the attack stands out for bypassing static detection and signature-based dataset cleansing models, resulting in the AI models being trained to learn how to reproduce dangerous payloads. READ MORE...

Polite WiFi loophole could allow attackers to drain device batteries

Researchers at the University of Waterloo in Ontario have further researched a loophole in the WiFi protocol that was dubbed "polite WiFi". Last year the researchers published a study in which they showed someone could use this loophole to triangulate the location of any WiFi-enabled device. Now, they've followed up that study to say that someone could also drain the batteries of such devices. READ MORE...

Unpatchable Hardware Vulnerability Allows Hacking of Siemens PLCs

Researchers at firmware security company Red Balloon Security have discovered a potentially serious vulnerability affecting many of Siemens' programmable logic controllers (PLCs). Exploitation of the vulnerability, tracked as CVE-2022-38773, could allow an attacker to bypass protected boot features and persistently modify the controller's operating code and data. The cause, according to Red Balloon Security, is a series of architectural issues affecting Siemens Simatic and Siplus S7-1500 CPUs. READ MORE...

  • ...in 1755, Founding Father, first Treasury Secretary, and Broadway musical inspiration Alexander Hamilton is born in the British West Indies.
  • ...in 1908, President Theodore Roosevelt designates the Grand Canyon a national monument.
  • ...in 1942, E Street Band saxophonist Clarence Clemons, AKA "The Big Man", is born in Norfolk County, VA.
  • ...in 1973, Major League Baseball's American League adopts the designated hitter rule.