News – April 2023


  • Apple fixes recently disclosed zero-days on older iPhones and iPads

    April 10, 2023

    Apple has released emergency updates to backport security patches released on Friday, addressing two actively exploited zero-day flaws also affecting older iPhones, iPads, and Macs. “Apple is aware of a report that this issue may have been actively exploited,” the company said in security advisories published on Monday. Source: Bleeping Computer

  • Major Cyber Insurance Overhaul Begins Now

    April 9, 2023

    One thing is clear about cyber insurance in the spring of 2023: The status quo is not sustainable. And now, Lloyd’s of London, a major player in the global insurance market, is calling for dramatic changes in the cyber insurance market. According to The Financial Times (FT), “From next month, Lloyd’s will require the dozens of ...

  • Welcome to open source, Elon. Your Twitter code just got a CVE for shadow ban bug

    April 7, 2023

    The chunk of internal source code Twitter released the other week contains a “shadow ban” vulnerability serious enough to earn its own CVE, as it can be exploited to bury someone’s account out of sight “without recourse.” The issue was discovered by Federico Andres Lois while reviewing the tweet recommendation engine that’s said to power Twitter’s For ...

  • Apple fixes two zero-days exploited to hack iPhones and Macs

    April 7, 2023

    Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads. “Apple is aware of a report that this issue may have been actively exploited,” the company said when describing the issues in security advisories published on Friday. Source: Bleeping Computer

  • Russia likely behind U.S. military document leak, U.S. officials say

    April 7, 2023

    Russia or pro-Russian elements are likely behind the leak of several classified U.S. military documents posted on social media that offer a partial, month-old snapshot of the war in Ukraine, three U.S. officials told Reuters on Friday, while the Justice Department said separately it was probing the leak. The documents appear to have been altered to ...

  • Money Message ransomware gang claims MSI breach, demands $4 million

    April 7, 2023

    Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as “Money Message,” which claims to have stolen source code from the company’s network. MSI is a global hardware giant that makes motherboards, graphics cards, desktops, laptops, servers, industrial systems, PC peripherals, and infotainment products, with ...

  • Genesis Market Disrupted in International Cyber Operation

    April 6, 2023

    U.S. Attorney Gregory J. Haanstad for the Eastern District of Wisconsin joined the Attorney General and other Justice Department officials in announcing a coordinated international operation that resulted in the dismantlement of Genesis Market, a criminal marketplace accessible on the dark web and clear web that advertised and sold packages of account access credentials – ...

  • Medusa ransomware claims attack on Open University of Cyprus

    April 6, 2023

    The Medusa ransomware gang has claimed a cyberattack on the Open University of Cyprus (OUC), which caused severe disruptions of the organization’s operations. OUC is an online university based in Nicosia, Cyprus, that provides remote learning. It offers 30 higher-level education programs to 4,200 students and participates in various scientific research activities. Source: Bleeping Computer

  • Typhon info-stealing malware devs upgrade evasion capabilities

    April 5, 2023

    The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as ‘Typhon Reborn V2’. They boast significant improvements designed to thwart analysis via anti-virtualization mechanisms. The original Typhon was discovered by malware analysts in August 2022. Cyble Research Labs analyzed it at the ...

  • UK criminal records office suffers two-month “cyber security incident”

    April 5, 2023

    The UK’s national office for managing criminal record information (ACRO) has confirmed it’s currently trying to recover from a two-month “cyber security incident”. Few details were revealed by the organisation and other authorities, other than that the attack took place between 17 January and 21 March 2023. Source: IT Pro

  • Mantis: New Tooling Used in Attacks Against Palestinian Targets

    April 4, 2023

    The Mantis cyber-espionage group (aka Arid Viper, Desert Falcon, APT-C-23), a threat actor believed to be operating out of the Palestinian territories, is continuing to mount attacks, deploying a refreshed toolset and going to great lengths to maintain a persistent presence on targeted networks. While the group is known for targeting organizations in the Middle East, ...

  • New Rorschach ransomware is the fastest encryptor seen so far

    April 4, 2023

    Following a cyberattack on a U.S.-based company, malware researchers discovered what appears to be a new ransomware strain with “technically unique features,” which they named Rorschach. Among the capabilities observed is the encryption speed, which, according to tests from the researchers, would make Rorschach the fastest ransomware threat today. Source: Bleeping Computer

  • Uber driver info stolen yet again: This time from law firm

    April 4, 2023

    Uber has had more of its internal data stolen from a third party that suffered a security breach. This time, the personal info of the app’s drivers was swiped by miscreants from the IT systems of law firm Genova Burns. In a letter to affected drivers, the lawyers said they had looked into the intrusion, and ...

  • Malaysia: Confirming cyber-attack, Immigration D-G says data not compromised

    April 4, 2023

    The Immigration Department’s official website is expected to be restored and accessible to the public later today after remedial action to an earlier cyber-attack, said Datuk Ruslin Jusoh. The Immigration director-general said the department took the website offline earlier in order to perform repairs as well as implement new security measures. Source: MSN News

  • Hackers attack several Israeli university websites

    April 4, 2023

    The sites of Tel Aviv University, Hebrew University of Jerusalem, Ben-Gurion University of the Negev, Haifa University, Weizmann Institute of Science, Open University of Israel and Reichman University were among the sites inaccessible due to the cyberattack. The group posted a statement on its Telegram account, listing the attacked websites. “Infrastructure: Universities – Israel’s education sector ...