News – May 2023

  • Critical Barracuda 0-day was used to backdoor networks for 8 months

    May 31, 2023

    A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The software bug, tracked as CVE-2023-2868, is a remote-command injection vulnerability that stems from incomplete input validation of user-supplied .tar files, which are used to pack or archive multiple files. Source: ...

  • Gigabyte motherboards come with a hidden firmware backdoor

    May 31, 2023

    Component supplier Gigabyte has some pressing questions to answer. The first and most pressing is, “Why did you put an updater backdoor into your own motherboard firmware without telling anyone?” The second is, “Why didn’t you lock it down in any meaningful way, hoping that it would stay secure simply by not being known?” Source: ...

  • Greece Orders Probe into Exam System Cyber-Attacks

    May 31, 2023

    Greece’s Supreme Court launched on Tuesday an urgent investigation into the cyber-attacks targeting the Greek high school exams that were interrupted two days running. Following a second cyber-attack on the data bank providing the exam questions, Supreme Court Public Prosecutor Isidoros Dogiakos ordered an investigation with the assistance of the Hellenic Police Cyber Crime Unit. Source: ...

  • Capita cyber-attack: 90 organisations report data breaches

    May 30, 2023

    About 90 organisations have reported breaches of personal information held by Capita after the outsourcing group suffered a cyber-attack, Britain’s data watchdog has said. The company, which runs crucial services for local councils, the military and the NHS, experienced the hack, which caused a significant IT outage, in March. Source: The Guardian

  • MCNA Dental data breach impacts 8.9 million people after ransomware attack

    May 29, 2023

    Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. MCNA Dental is one of the largest government-sponsored (Medicaid and CHIP) dental care and oral health insurance providers in the U.S. Source: Bleeping Computer

  • New York county still dealing with ransomware eight months after attack

    May 29, 2023

    The fallout from an eight-month-old cyber attack on a county in Long Island, New York has devolved into mud-slinging as leaders try to figure out just what is going on. Suffolk County was hit with a ransomware attack in early September 2022, which led county executive Steve Bellone to issue nine separate emergency declarations, Long ...

  • Lazarus hackers target Windows IIS web servers for initial access

    May 29, 2023

    The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS) web servers to gain initial access to corporate networks. Lazarus is primarily financially motivated, with many analysts believing that the hackers’ malicious activities help fund North Korea’s weapons development programs. However, the group has also been ...

  • Senegalese government websites hit with cyber attack

    May 27, 2023

    A group of hackers called Mysterious Team made multiple Senegalese government websites go offline overnight on Friday by hitting them with distributed denial-of-service (DDoS) attacks, a government spokesperson said. The group claimed responsibility for the cyber attacks in a series of Twitter posts using the hashtag #FreeSenegal used by campaigners alleging political repression in Senegal. Source: Reuters

  • Hot Pixels attack checks CPU temp, power changes to steal data

    May 27, 2023

    A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called “Hot Pixels,” which can retrieve pixels from the content displayed in the target’s browser and infer the navigation history. The attack exploits data-dependent computation times on modern system-on-a-chip (SoCs) and graphics processing units (GPUs) and ...

  • NHS data breach: trusts shared patient details with Facebook without consent

    May 27, 2023

    NHS trusts are sharing intimate details about patients’ medical conditions, appointments and treatments with Facebook without consent and despite promising never to do so. An Observer investigation has uncovered a covert tracking tool in the websites of 20 NHS trusts which has for years collected browsing information and shared it with the tech giant in a ...

  • US govt pushes spyware to other countries? Senator Wyden would like a word

    May 26, 2023

    The US International Trade Administration (ITA) has admitted it promotes the sale of American-approved commercial spyware to foreign governments, and won’t answer questions about it, according to US Senator Ron Wyden (D-OR). Wyden, in a letter to US Commerce Secretary Gina Raimondo, has demanded answers about the surveillance and policing tech that ITA – a US ...

  • CISA Adds One Known Exploited Vulnerability to Catalog

    May 26, 2023

    CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-2868, Barracuda Networks ESG Appliance Improper Input Validation Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Source: U.S. Cybersecurity and Infrastructure Security Agency. Related story: CISA Releases ...

  • US govt contractor ABB confirms ransomware attack, data theft

    May 26, 2023

    Swiss tech multinational and U.S. government contractor ABB has confirmed that some of its systems were impacted by a ransomware attack, previously described by the company as “an IT security incident.” It also revealed that the attackers had stolen data from compromised devices and that it would notify affected individuals if their information was impacted in ...

  • U.S. DOD Submits Classified Cyber Strategy to Congress

    May 26, 2023

    The Department of Defense announced on Friday that it submitted its classified 2023 cyber strategy to Congress “earlier this week” and plans to release an unclassified summary of its new cybersecurity approach “in the coming months.” “The classified 2023 DOD cyber strategy provides direction to the department to operationalize the concepts and defense objectives for cyberspace ...

  • Buhti: New Ransomware Operation Relies on Repurposed Payloads

    May 25, 2023

    A relatively new ransomware operation calling itself Buhti appears to be eschewing developing its own payload and is instead utilizing variants of the leaked LockBit and Babuk ransomware families to attack Windows and Linux systems. While the group doesn’t develop its own ransomware, it does utilize what appears to be one custom-developed tool, an information stealer ...