News – March 2023

March 31, 2023

On March 14, 2023, Microsoft released a patch for CVE-2023-23397. CVE-2023-23397 is a vulnerability in the Windows Microsoft Outlook client that can be exploited by sending a specially crafted email that triggers automatically when it is processed by the Outlook client. No user interaction is required to trigger the exploit. Exploitation of the vulnerability will leak ...

March 31, 2023

The University of California said Wednesday that it was subject to a cyber attack that has compromised the personal information of some individuals in the university community. According to the ten-campus university system, the cyber attack “involves the use of Accellion, a vendor used by many organizations for secure file transfer, in which an unauthorized individual ...

March 31, 2023

Computer systems have abruptly stopped working at the outsourcing group Capita, knocking out council phone lines and triggering fears that the company that runs crucial operations for the NHS and the military could be under cyber-attack. Capita staff are understood to have been unable to access IT systems since the early hours of Friday, and an ...

March 30, 2023

Trend Micro researchers analyzed a Mac malware called MacStealer (detected by Trend Micro as TrojanSpy.MacOS.CpypwdStealer.A), a cryptocurrency wallet and information stealer disguised as a plagiarized version of a legitimate play-to-earn (P2E) game app. We posted a warning for users to avoid this threat early; this article discusses the technical details of the malware and the ...

March 30, 2023

CISA has added ten new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2013-3163 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2014-1776 Microsoft Internet Explorer Memory Corruption Vulnerability CVE-2017-7494 Samba Remote Code Execution Vulnerability Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

March 30, 2023

CISA is aware of open-source reports describing a supply chain attack against 3CX software and their customers. According to the reports, 3CXDesktopApp — a voice and video conferencing app — was trojanized, potentially leading to multi-staged attacks against users employing the vulnerable app. CISA urges users and organizations to review the following reports for more information, ...

March 29, 2023

One of Australia’s biggest property companies said Wednesday it had been hit by cybercriminals who may have stolen data about staff and guests. Staff members at Meriton, a large Australian property business, were warned Wednesday that cybercriminals may have accessed details of their bank accounts and details of their salaries, disciplinary history and performance appraisals. Read more… Source: ...

March 29, 2023

Financial gain remains the key driver of cybercriminal activity. In the past year, we’ve seen multiple developments in this area – from new attack schemes targeting contactless payments to multiple ransomware groups continuing to emerge and haunt businesses. However, traditional financial threats – such as banking malware and financial phishing, continue to take up a ...

March 28, 2023

Cybersecurity researchers have discovered a fundamental security flaw in the design of the IEEE 802.11 WiFi protocol standard, allowing attackers to trick access points into leaking network frames in plaintext form. WiFi frames are data containers consisting of a header, data payload, and trailer, which include information such as the source and destination MAC address, control, ...

March 28, 2023

It is often the case that something new is just a reincarnation of something old. Kaspersky reasearchers have come across a series of clipboard injection attacks on cryptocurrency users, which emerged starting from September 2022. Although they have written about a similar malware attack in 2017 in one of our blogposts, the technique is still ...

March 28, 2023

There is rarely a day that goes by when there isn’t a major local, national or international story about a well know organisation being hit by a cyber attack that has huge potential to disrupt the business and damage their brand. In the past few weeks alone we’ve seen Eurovision fans in a panic after Booking.com ...

March 28, 2023

Mandiant researchers released a report on APT43, a prolific threat actor operating on behalf of the North Korean regime that they have observed engaging in cybercrime as a way to fund their espionage operations. According to Mandiant they track tons of activity throughout the year, but don’t always have enough evidence to attribute it to a ...

March 28, 2023

Crown Resorts, Australia’s largest gambling and entertainment company, has confirmed that it suffered a data breach after its GoAnywhere secure file-sharing server was breached using a zero-day vulnerability. The Blackstone-owned company has an annual revenue that surpasses $8 billion and operates complexes in Melbourne, Perth, Sydney, Macau, and London. Read more… Source: Bleeping Computer  

March 28, 2023

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary updates. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

March 27, 2023

Their insights are compiled in Europol’s first Tech Watch Flash report published today. Entitled ‘ChatGPT – the impact of Large Language Models on Law Enforcement’, this document provides an overview on the potential misuse of ChatGPT, and offers an outlook on what may still be to come. Read more… Source: Europol