Week in review: Fake ChatGPT desktop client steals data, Patch Tuesday forecast

Week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Former Uber CSO avoids prison for concealing data breach
Joe Sullivan, the former Uber CSO who has been convicted last year for attempting to cover up a data breach Uber suffered in 2016 and kept it hidden from the Federal Trade Commission (FTC), has been sentenced to three years of probation plus 200 hours of community service.

Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126)
Cisco has revealed the existence of a critical vulnerability (CVE-2023-20126) in the web-based management interface of Cisco SPA112 2-Port Phone Adapters.

Why the manufacturing sector needs stronger cyber defenses
In this Help Net Security interview, Filipe Beato, Lead, Centre for Cybersecurity, World Economic Forum, shares his expertise on the correlation between the digitization of the manufacturing sector and the rise in cyberattacks.

ChatGPT and other AI-themed lures used to deliver malicious software
Threat actors generally disguise malware within innocuous-looking files and offer non-existent ChatGPT desktop and mobile apps or browser extensions available in official app stores.

Attackers are trying to exploit old DVR vulnerabilities (CVE-2018-9995, CVE-2016-20016)
CVE-2018-9995 is an authentication bypass vulnerability that can be triggered with a simple exploit sent via a maliciously crafted HTTP cookie to a vulnerable DVR device.

Google Chrome will lose the “lock” icon for HTTPS-secured sites
In September 2023, Google Chrome will stop showing the lock icon when a site loads over HTTPS, partly due to the now ubiquitous use of the protocol.

Easily exploitable flaw in Oracle Opera could spell trouble for hotel chains (CVE-2023-21932)
A recently patched vulnerability (CVE-2023-21932) in Oracle Opera, a property management system widely used in large hotel and resort chains, is more critical than Oracle says it is and could be easily exploited by unauthenticated remote attackers to access sensitive information, a group of researchers has warned.

Apple starts delivering smaller security updates
The security updating of iPhones, iPads and Macs has entered a new stage: Apple has, for the first time, released a Rapid Security Response to owners of the devices running the latest versions of its operating systems.

City of Dallas hit by ransomware
The City of Dallas, Texas, has suffered a ransomware attack that resulted in disruption of several of its services.

You can now use passkeys to log in to your Google account
Passkeys will enable users to sign in to their Google account on all major platforms and browsers with their fingerprint, face recognition, or a local PIN.

T-Mobile suffers second data breach this year
T-Mobile has revealed a second data breach that occurred in 2023, which reportedly exposed customer data and account PINs, leaving many T-Mobile users vulnerable to potential fraud and identity theft.

Infostealer with hVNC capability pushed via Google Ads
There has been a noted increase in malvertising via Google Ads this year, aimed at tricking users into downloading malware; among these malicious payloads is LOBSHOT, an infostealer that can also establish and keep long-term remote control of target computers through a hVNC module.

Fake ChatGPT desktop client steals Chrome login data
Researchers are warning about an infostealer mimicking a ChatGPT Windows desktop client that’s capable of copying saved credentials from the Google Chrome login data folder.

May 2023 Patch Tuesday forecast: Dealing with End-of-Support (EOS)
The April Patch Tuesday releases were unusual because we saw a whopping 62 vulnerabilities addressed in the Microsoft Server 2012 KBs.

Cybercriminals use proxies to legitimize fraudulent requests
Bot attacks were previously seen as relatively inconsequential type of online fraud, and that mentality has persisted even as threat actors have gained the ability to cause significant damage to revenue and brand reputation, according to HUMAN.

Introducing the book: The VC Field Guide
In this Help Net Security video interview, cybersecurity entrepreneur, founder, innovator, and investor William Lin discusses his new book – The VC Field Guide.

5 API security best practices you must implement
As outside economic pressures continue to shape how organizations think and allocate resources, data security continues to be a high priority.

Using multiple solutions adds complexity to your zero trust strategy
Companies’ operating models today are significantly more complex than they were just a couple of years ago, according to BeyondTrust.

How AI is reshaping the cybersecurity landscape
In this Help Net Security video, Leonid Belkind, CTO at Torq, talks about how AI will impact the cybersecurity industry in the next few years.

The warning signs for security analyst burnout and ways to prevent
Security analysts face the demanding task of investigating and resolving increasing volumes of alerts daily, while adapting to an ever-changing threat landscape and keeping up with new technology.

Malicious content lurks all over the web
Attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware, according to Netskope.

Using just-in-time access to reduce cloud security risk
As more organizations migrate assets to the cloud, users with excessive permissions can expand the blast radius of an attack, leaving organizations open to all sorts of malicious activity.

The costly threat that many businesses fail to address
Insider attacks such as fraud, sabotage, and data theft plague 71% of U.S. businesses, according to Capterra.

BSidesLjubljana 0x7E7 CFP is still open!
BSidesLjubljana 0x7E7, a non-profit conference organized by the information security community, will take place on June 16, 2023, at the C111 Computer Museum.

Security in the cloud with more automation
The CIS hardening components help you overcome this obstacle by integrating into EC2 Image Builder, an AWS service for building golden images.

Infosec products of the month: April 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Abnormal Security, Arista Networks, Armorblox, BigID, Binarly, Cofense, Cyera, Cynalytica, D3 Security, Eclypsium, GitGuardian, Guardz, Halo Security, Immuta, Malwarebytes, ManageEngine, Netskope, Obsidian Security, Searchlight Cyber, Sotero, Stamus Networks, ThreatX, Traceable AI, Venafi, Veracode, Versa Networks, Wazuh, and Zyxel Networks.

New infosec products of the week: May 5, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Dashlane, Immersive Labs, Intruder, Private AI, Vanta, and Veza.

OPIS

Subscribe to the Help Net Security breaking news e-mail alerts:

OPIS
More about

Don't miss