Security and Proprietary Software

posted by Roy Schestowitz on May 13, 2023

• Cybercriminals have adapted since Microsoft’s decision to block macros

  Macros — which enable certain automation in particular file types — were long a favorite way for [crackers] to lace documents with malicious scripts to download malware onto targeted systems during email phishing campaigns, the researchers said in a new report. But after Microsoft’s February 2022 decision, which the company fully implemented by July, attacks enabled through macros have dropped off precipitously, the researchers said in a report published Friday ahead of a talk at the Sluethcon cybercrime conference in Arlington, Virginia.

• Why Microsoft just patched a patch that squashed an under-attack Outlook bug

  To remind you of the original bug, tracked as CVE-2023-23397: it was possible to send someone an email that included a reminder with a custom notification sound. That custom sound could be specified as a URL path within the email.

  If a miscreant carefully crafted a mail with that sound path set to a remote SMB server, when Outlook fetched and processed the message, and automatically followed the path to the file server, it would hand over the user's Net-NTLMv2 hash in an attempt to log in. That would effectively leak the hash to an outside party, who could potentially use the credential to access other resources as that user, allowing the intruder to explore internal network systems, steal documents, impersonate their victim, and so on.

• Illinois Data Breach Exposes Private Information of Medicaid, SNAP, and TANF Recipients

  The Illinois Department of Healthcare and Family Services (HFS) and Department of Human Services (IDHS) have disclosed a data breach within the State of Illinois Application for Benefits Eligibility (ABE) system’s Manage My Case (MMC) portal.

• WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

  A vulnerability in a WordPress plugin exposed the official website of sports car maker Ferrari to hacker attacks.

• Toyota: Data on More Than 2 Million Vehicles in Japan Were at Risk in Decade-Long Breach

  A decade-long data breach in Toyota’s online service put some information on more than 2 million vehicles at risk.

• Spain Arrests Hackers in Crackdown on Major Criminal Organization

  Spanish authorities have announced the arrest of 40 individuals for their roles in a group involved in bank fraud, identity theft, and money laundering.

• CISA, FBI: Ransomware Gang Exploited PaperCut Flaw Against Education Facilities

  CISA and FBI have observed a ransomware gang exploiting a recent PaperCut vulnerability in attacks targeting the education facilities subsector.

• Leaked Babuk Code Fuels New Wave of VMware ESXi Ransomware

  SentinelOne sees multiple threat groups adopting the leaked Babuk source code to build their own VMware ESXi lockers.

• Organizations Informed of Over a Dozen Vulnerabilities in Rockwell Automation Products

  Rockwell Automation customers have been informed about potentially serious vulnerabilities in several products, shortly after news of an investigation into the firm’s China operations.

• 1 Million WordPress Sites Impacted by Exploited Plugin Vulnerability

  Exploitation of a critical vulnerability in the Essential Addons for Elementor WordPress plugin started immediately after a patch was released.

• Australian Enterprise Software Maker TechnologyOne Resumes Trading Following Hack

  Australian enterprise software maker TechnologyOne said its internal Microsoft 365 system was compromised in a cyberattack.

• We need free and open passwordless login

  It’s been a while since Google introduced its passkey login system which users won’t need to set and remember passwords in order to log in to their accounts. Now, Google is giving its users option to switch to passkey-only login for their accounts.

• Ted Chiang on the Risks of AI

  EDITED TO ADD: Ted Chiang’s previous essay, “ChatGPT Is a Blurry JPEG of the Web” is also worth reading.

• Will A.I. Become the New McKinsey?

  So, I would like to propose another metaphor for the risks of artificial intelligence. I suggest that we think about A.I. as a management-consulting firm, along the lines of McKinsey & Company. Firms like McKinsey are hired for a wide variety of reasons, and A.I. systems are used for many reasons, too. But the similarities between McKinsey—a consulting firm that works with ninety per cent of the Fortune 100—and A.I. are also clear. Social-media companies use machine learning to keep users glued to their feeds. In a similar way, Purdue Pharma used McKinsey to figure out how to “turbocharge” sales of OxyContin during the opioid epidemic. Just as A.I. promises to offer managers a cheap replacement for human workers, so McKinsey and similar firms helped normalize the practice of mass layoffs as a way of increasing stock prices and executive compensation, contributing to the destruction of the middle class in America.

• Meta Says ChatGPT-Themed Malware Is Beginning to Spread

  The social media company's latest threat analysis warns about malware promising to provide some type of "AI functionality." It says so far, in 2023, it discovered 10 malware families disguised as a generative AI program that attempts to access people's accounts. The goal is to take over a computer so that it can run unauthorized ads from compromised machines. These ads are how they make money by making people buy fake software/malware.