Week in review: Public MS Word RCE PoC, API exploitation, Patch Tuesday forecast

Cybersecurity week in review

Microsoft to boost protection against malicious OneNote documents
Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or download a file embedded in a OneNote document – a known high-risk phishing file type.

Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits
GitGuardian scanned 1.027 billion new GitHub commits in 2022 (+20% compared to 2021) and found 10 million secret occurrences (+67% compared to 2021). What is interesting beyond this ever-increasing number is that 1 code author out of 10 exposed a secret in 2022.
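One way to keep a credential from becoming one of those occurrences is to scan the added lines of a diff before the commit lands, the way a pre-commit hook does. The Python below is an added example written for this page, not GitGuardian's tooling: it combines known-format patterns (the AKIA and ghp_ prefixes are the vendors' documented formats), a Shannon-entropy check for token-like values, and a keyword rule for sensitive variable names. The sample diff is constructed; the AWS values are Amazon's documentation placeholders, the GitHub token is made up, and the 4.0 bits-per-character threshold is an assumption to tune per repository.

```python
"""Toy secret scanner for the added lines of a diff.

Added example; not GitGuardian's scanner. Rules: known secret formats,
Shannon entropy of token-like values, and sensitive variable names.
"""
import math
import re
from typing import List, Tuple

# Constructed sample diff. AKIAIOSFODNN7EXAMPLE and the matching secret key
# are AWS documentation placeholders; the ghp_ token is invented.
SAMPLE_DIFF = """\
+AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
+AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
+GITHUB_TOKEN=ghp_0123456789abcdefghijABCDEFGHIJklmnopqrst
+DEBUG=true
+API_URL=https://example.com
+PASSWORD=secret
"""

# Vendor-documented prefixes: AWS access key IDs, GitHub personal access tokens.
KNOWN_PATTERNS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github-pat": re.compile(r"\bghp_[A-Za-z0-9]{36,}\b"),
}

# key=value (or key: value) on an added line.
ASSIGNMENT = re.compile(r"^\+\s*([A-Za-z_][A-Za-z0-9_]*)\s*[=:]\s*['\"]?([^'\"\s]+)")
# Only base64/urlsafe-looking values of 20+ chars get the entropy test,
# which keeps URLs and ordinary words out of it.
TOKEN_LIKE = re.compile(r"^[A-Za-z0-9+/=_\-]{20,}$")
SENSITIVE_KEY = re.compile(r"(password|passwd|secret|token|api_?key)", re.I)
ENTROPY_THRESHOLD = 4.0  # bits per character; an assumption, tune per repo


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s (0.0 for empty input)."""
    if not s:
        return 0.0
    n = len(s)
    return -sum((c / n) * math.log2(c / n)
                for c in (s.count(ch) for ch in set(s)))


def scan_diff(diff: str) -> List[Tuple[int, str, str]]:
    """Return (line number, rule name, matched text) for suspicious added lines.

    Only '+' lines are examined; context, removed lines and the '+++' file
    header are skipped. Rule precedence per line: known format, then entropy,
    then sensitive key name.
    """
    findings = []
    for lineno, line in enumerate(diff.splitlines(), start=1):
        if not line.startswith("+") or line.startswith("+++"):
            continue
        for name, pat in KNOWN_PATTERNS.items():
            m = pat.search(line)
            if m:
                findings.append((lineno, name, m.group(0)))
                break
        else:
            m = ASSIGNMENT.match(line)
            if not m:
                continue
            key, value = m.group(1), m.group(2)
            if TOKEN_LIKE.match(value) and shannon_entropy(value) >= ENTROPY_THRESHOLD:
                findings.append((lineno, "high-entropy", value))
            elif SENSITIVE_KEY.search(key):
                findings.append((lineno, "sensitive-key", key))
    return findings


if __name__ == "__main__":
    for lineno, rule, text in scan_diff(SAMPLE_DIFF):
        print(f"line {lineno}: {rule}: {text}")
```

The entropy rule is what catches secrets with no recognisable prefix (the AWS secret access key here), and the keyword rule is what catches low-entropy but still real passwords; a scanner that relies on known formats alone misses both. False positives from the keyword rule are cheap to triage, so in a hook it is reasonable to block on the first two rules and only warn on the third.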

Internet crime in 2022: Over $3 billion lost to investment scammers
“In 2022, investment scam losses were the most (common or dollar amount) scheme reported to the Internet Crime Complaint Center (IC3),” the FBI shared in its 2022 Internet Crime Report.

Veeam Backup & Replication admins, get patching! (CVE-2023-27532)
Veeam Software has patched CVE-2023-27532, a high-severity security hole in its widely-used Veeam Backup & Replication solution, and is urging customers to implement the fix as soon as possible.

Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)
Fortinet has patched 15 vulnerabilities in a variety of its products, including CVE-2023-25610, a critical flaw affecting devices running FortiOS and FortiProxy.

Business-grade routers compromised in low-key attack campaign
An unknown threat actor has discreetly compromised business-grade DrayTek routers in Europe, Latin America and North America, equipping them with a remote access trojan (dubbed HiatusRAT) and a packet capturing program.

GitHub to introduce mandatory 2FA authentication starting March 13
Starting March 13, GitHub will gradually introduce the 2FA enrollment requirement to groups of developers and administrators, beginning with smaller groups.

PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)
A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially crafted RTF document, is now publicly available.

March 2023 Patch Tuesday forecast: It’s not about luck
Every month I touch on a few hot topics related to security around patching and some important updates to look out for on the upcoming Patch Tuesday.

6 cybersecurity and privacy Firefox add-ons you need to know about
By using the Firefox add-ons below, you can significantly enhance your online security and privacy, and protect yourself from various threats that can compromise your personal information and online activity.

XIoT risk and the vulnerability landscape
In this Help Net Security video, Nadav Erez, VP of Data at Claroty, discusses Claroty's findings and the critical need to understand the XIoT risk and vulnerability landscape.

Synthetic identity fraud calls for a new approach to identity verification
In 2022, US financial institutions and the credit card sector lost an estimated $4.88 billion to synthetic identities through falsified deposit accounts and unsecured credit cards.

Vulnerability in DJI drones may reveal pilot’s location
Serious security vulnerabilities have been identified in multiple DJI drones. These weaknesses had the potential to allow users to modify crucial drone identification details.

Fake ChatGPT Chrome extension targeted Facebook Ad accounts
The fake ChatGPT extension discovered by Guardio is the latest security concern, affecting thousands daily.

How STEM education can solve talent shortages, improve cybersecurity
In this Help Net Security video, Avani Desai, CEO at Schellman, talks about how teaching STEM subjects like cybersecurity is essential for addressing the staffing crisis and ensuring that organizations have the talent to protect themselves from cyber threats in the years to come.

Three crucial moments when founding a cybersecurity startup
With 10% of startups failing in the first year, making wise and future-proof decisions for your new cybersecurity venture is essential.

Attackers exploit APIs faster than ever before
After combing through 350,000 reports to find 650 API-specific vulnerabilities from 337 different vendors and tracking 115 published exploits impacting these vulnerabilities, the results clearly illustrate that the API threat landscape is becoming more dangerous, according to Wallarm.

What CISOs need to understand about document signing
In this Help Net Security video, David King, Director of Innovation at GlobalSign, discusses document signing.

Preventing corporate data breaches starts with remembering that leaks have real victims
When it comes to data breaches, organizations are generally informed about the risks and procedures for mitigating them.

Popular fintech apps expose valuable, exploitable secrets
92% of the most popular banking and financial services apps contain easy-to-extract secrets and vulnerabilities that can let attackers steal consumer data and finances, according to Approov.

The cybersecurity landscape in the era of economic instability
In this Help Net Security video, Denis Dorval, VP of International at JumpCloud, discusses how the responsibility of cybersecurity can no longer be placed on the shoulders of IT admins alone.

How to achieve and shore up cyber resilience in a recession
Maintaining an accurate and centralized inventory of all IT assets and tracking the lifespan of each IT asset is vital for ensuring that software patches and updates are applied in a timely manner. It also ensures that redundant or end-of-life assets can be appropriately decommissioned.

AI is taking phishing attacks to a whole new level of sophistication
92% of organizations have fallen victim to successful phishing attacks in the last 12 months, while 91% of organizations have admitted to experiencing email data loss, according to Egress.

China-aligned APT is exploring new technology stacks for malicious tools
ESET researchers have analyzed MQsTTang, a custom backdoor that they attribute to the China-aligned Mustang Panda APT group.

New infosec products of the week: March 10, 2023
Here’s a look at the most interesting products from the past week, featuring releases from 1Password, GrammaTech, Kensington, Palo Alto Networks, and Persona.
