Latest Cybersecurity News and Articles

---

Microsoft fixes Acropalypse privacy bug in Windows 11 Snipping Tool

As first spotted by Windows enthusiast Xeno, Microsoft released Windows 11 Snipping Tool version 11.2302.20.0 yesterday to Windows Insiders in the Canary channel via the Microsoft Store.

---

Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies

A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte, Mustang Panda, RedDelta, and Red Lich. Attack chains mounted by the group commence with a

---

New 'FakeGPT' Chrome Extension Hijacks Facebook Accounts

Guardio Labs found a new version of the FakeGPT Chrome extension that is again targeting Facebook accounts, through malicious sponsored Google search results. At the time of removal from the Google Play Store, the FakeGPT extension was downloaded by more than 9,000 users. To prevent such attacks and protect data privacy, awareness is crucial.

---

Phishing attack through SharePoint

The targeted employee receives a standard notification about someone sharing a file. This is unlikely to arouse suspicion because it’s a real notification from a real SharePoint server.

---

Exploit released for Veeam bug allowing cleartext credential theft

The flaw (CVE-2023-27532) affects all VBR versions and can be exploited by unauthenticated attackers to breach backup infrastructure after stealing cleartext credentials and gaining remote code execution as SYSTEM.

---

Critical Vulnerability Discovered in WooCommerce Payments

The vulnerability was discovered by white hat security researcher Michael Mazzolini and responsibly disclosed through HackerOne, giving websites time to install the patched version 5.6.2 before full details of the exploit are released on April 6th.

---

Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites

Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is installed on over 500,000 websites. The flaw, if left unresolved, could enable a bad actor to gain unauthorized admin access to impacted stores, the company said in an advisory on March 23, 2023. It impacts versions 4.8.0 through 5.6.1. Put differently, the issue could permit

---

What is reverse tabnabbing and how can you stop it?

EXECUTIVE SUMMARY: Reverse tabnabbing, also known simply as tabnabbing, is a form of phishing that involves deceiving a victim into entering login credentials on a fake website; a website that’s controlled by a cyber attacker. While there are numerous types of online attacks that leverage fake web pages to steal user information, tabnabbing distinguishes itself […] The post What is reverse tabnabbing and how can you stop it? appeared first on CyberTalk.

---

Kimsuky Updates its Tactics to Target South Korean Experts

German and South Korean government agencies warned about a new spear-phishing campaign by the North Korean APT, Kimsuky. The campaign targets experts on issues related to the Korean peninsula. Attackers send a spear-phishing email to the targeted victims, asking them to install a malicious Chrome extension. The other tactic attempts to exploit Google Play's web-smartphone synchronization function to install malicious apps on the target’s device.

---

How AI is helping companies fight document fraud

In an exclusive interview with David Hobbs, a fraud expert at Check Point, Conor Burke, the co-founder and CTO of Inscribe, sheds light on his AI-powered startup’s efforts to combat document fraud. As financial institutions prioritize the improvement of risk data availability, quality and timeliness, AI-powered fraud and credit insights can simplify decision-making, minimize uncertainty […] The post How AI is helping companies fight document fraud appeared first on CyberTalk.

---

Black Magic APT Targets Ukraine with CommonMagic and PowerMagic

Kaspersky researchers have identified cyberattacks targeting government, agriculture, and transportation organizations in Donetsk, Lugansk, and Crimea, conducted by the new Bad Magic APT. The campaign leverages old artifacts created as early as September 2021, along with a previously unseen malicious framework dubbed CommonMagic.

---

48% of security leaders hesitant to adapt to post-quantum algorithms

According to research, the rise of machine identities has created visibility and management challenges for public key infrastructures (PKI).

---

Skylink hit by hacker attack

M7 Group’s Czech and Slovak operator Skylink has reportedly fallen victim to a hacker attack. Skylink offers DTH and internet TV services in the Czech Republic and Slovakia.

---

Hacktivists Increasingly Claim Targeting of OT Systems

The number of false claims is at times challenging to debunk. However, despite the inaccuracy of most claims, when hacktivist activity targeting OT becomes commonplace, the likelihood of actual and even substantial OT incidents increases.

---

Cisco Patches High-Severity Vulnerabilities in IOS Software

Cisco published its semiannual IOS and IOS XE software security advisory bundle, which addresses ten vulnerabilities, including six 'high-severity’ ones. The most important three security bugs can be exploited remotely to cause a DoS condition.

---

Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts

Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI's ChatGPT service to harvest Facebook session cookies and hijack the accounts. The "ChatGPT For Google" extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal. It was originally

---

Update: Dole discloses employee data breach after ransomware attack

The company revealed that last month's cyberattack directly impacted its employees' information in the annual report filed with the U.S. Securities and Exchange Commission (SEC) on Wednesday.

---

Chinese Espionage Hackers Breach Middle East Telecom Providers

The Soft Cell threat actor, also tracked by Microsoft as Gallium, is known to target unpatched internet-facing services and use tools like Mimikatz to obtain credentials that allow for lateral movement across the targeted networks.

---

Splashtop Buys Foxpass to Bring Enterprise IAM to the Masses

Remote access provider Splashtop has acquired the server and network access management vendor Foxpass to get better visibility across co-managed and multi-tenant environments.

---

TikTok to be banned from UK parliamentary devices

Move follows UK government’s decision to ban Chinese-owned video-sharing app Politics live - latest updatesParliament is to ban the Chinese-owned video-sharing app TikTok from “all parliamentary devices and the wider parliamentary network”, citing the need for cybersecurity.The move goes further than the ban last week of the app on government mobile phones and devices, covering the whole parliamentary network. That means that MPs and parliamentary staff who continue to have TikTok installed on personal devices will find the service blocked if they try to access it over parliamentary wifi. Continue reading...