IT Security Newsletter - 4/19/2023
Apple's Macs have long escaped ransomware, but that may be changing
Security researchers are examining newly discovered Mac ransomware samples from the notorious gang LockBit, marking the first known example of a prominent ransomware group toying with macOS versions of its malware. Ransomware is a pervasive threat, but attackers typically don't bother creating versions of their malware to target Macs. That's because Apple's computers, while popular, are much less prevalent than those running Windows, Linux, and other operating systems. READ MORE...
Russian snoops just love invading unpatched Cisco gear, America and UK warn
The UK and US governments have sounded the alarm on Russian intelligence targeting unpatched Cisco routers to deploy malware and carry out surveillance. In a joint advisory issued Tuesday, the UK National Cyber Security Centre (NCSC), the NSA, America's Cybersecurity and Infrastructure Security Agency (CISA) and the FBI provided details about how Russia's APT2 exploited an old vulnerability in unpatched Cisco routers in 2021 to collect network information belonging to European and US organizations. READ MORE...
Oracle Releases 433 New Security Patches With April 2023 CPU
Oracle on Tuesday announced the release of 433 new patches as part of its quarterly set of security updates, including more than 70 fixes for critical-severity vulnerabilities. More than 250 of the addressed vulnerabilities can be exploited remotely and without authentication. Some of the resolved bugs impact multiple products. For the third quarter in a row, Oracle Communications received the largest number of security patches, at 77. READ MORE...
Google Patches Second Chrome Zero-Day Vulnerability of 2023
Tracked as CVE-2023-2136, the security defect is described as a high-severity integer overflow issue in Skia. The bug was reported by Google Threat Analysis Group researcher Clement Lecigne and, per Google's policy, no monetary reward was issued for it. "Google is aware that an exploit for CVE-2023-2136 exists in the wild," the internet giant notes in its advisory. READ MORE...
'Goldoson' Malware Sneaks into Google Play Apps, Racks Up 100M Downloads
Malware that can steal data and commit click fraud has hitched a ride into 60 mobile apps, via an infected third-party library. The infected apps have logged more than 100 million downloads from the official Google Play store and are available in other app stores in South Korea, researchers have found. Goldoson, discovered and named by researchers at McAfee Labs, can perform a variety of nefarious activities on Android-based devices, they said in a blog post. READ MORE...
How Zero Trust Can Protect Systems Against Generative AI Agents
Generative AI tools are already being used to penetrate systems, and the damage will get worse, panelists said last week at a technology conference. But those same tools, enhanced with standard zero-trust practices, can counteract such attacks. "We're definitely seeing generative AI being used to produce content that would make it more likely for an unwitting partner to click on a link," said Kathleen Fisher, director of DARPA's Information Innovation Office. READ MORE...
Misconfiguration leaves thousands of servers vulnerable to attack, researchers find
Misconfigured web servers remain a "major problem" with thousands left exposed online waiting for hackers to gain access to valuable information that's left up for grabs, according to a recent report from the security company Censys. The firm that indexes internet-facing devices found that more than 8,000 servers hosting sensitive information such as log-in credentials, database backups and configuration files are not property configured. READ MORE...
NSO Group Is Back in Business With 3 New iOS Zero-Click Exploits
Israeli spyware firm NSO Group is back with at least three new iOS 15 and iOS 16 zero-click exploit chains, which were used against human rights activists in Mexico and elsewhere across the world in 2022. The Citizen Lab, an interdisciplinary research organization in Toronto focused on communications technologies, human rights, and global security, recently released the results of its investigation into NSO Group's recent activities. READ MORE...
- ...in 1764, the British Parliament bans the American colonies from printing paper money, to limit inflation for British merchants.
- ...in 1946, actor Tim Curry ("The Rocky Horror Picture Show", Stephen King's "It") is born in Cheshire, England.
- ...in 1971, the Soviet Union launches Salyut 1, the first space station to be placed in Earth orbit.
- ...in 1987, "The Simpsons" first appears as a series of animated shorts shown on "The Tracey Ullman Show."