Week in review: Microsoft fixes two actively exploited bugs, MSI private code signing keys leaked

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Dragos blocks ransomware attack, brushes aside extortion attempt
A ransomware group tried and failed to extort money from Dragos, the industrial cybersecurity firm confirmed on Wednesday, adding that none of its systems or its Dragos Platform had been breached.

Easily bypassed patch makes zero-click Outlook flaw exploitable again (CVE-2023-29324)
Among the vulnerabilities fixed by Microsoft on May 2023 Patch Tuesday is CVE-2023-29324, a bug in the Windows MSHTML platform that Microsoft rates as “important.”

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)
For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass flaw (CVE-2023-24932) exploited by attackers in the wild.

MSI’s firmware, Intel Boot Guard private keys leaked
The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company’s private code signing keys on their dark web site.

The WhatsApp of secure computation
A key term when discussing encryption these days is end-to-end (E2E) encryption. The idea with E2E encryption is that data is kept confidential between the encryptor and the intended receiver.

Google notifies users about dark web exposure
Google has announced new tools, features and updates to improve users’ online safety, help them evaluate content found online, and alert them if their Gmail identity appears on the dark web.

To enable ethical hackers, a law reform is needed
Organizations need to be able to match the ingenuity and resources of cybercriminals to better defend themselves against the increasing number of threats and attacks that could paralyze their business.

Never leak secrets to your GitHub repositories again
GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public repositories.

Prevent attackers from using legitimate tools against you
Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. Using commonly available tools allows attackers to evade detection.

Microsoft Authenticator push notifications get number matching
Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security.

Top 3 trends shaping the future of cybersecurity and IAM
The need to protect sensitive information from unauthorized access and theft has never been greater, and cybersecurity and IAM technologies are evolving to meet this challenge while providing users with more convenience.

Finding bugs in AI models at DEF CON 31
DEF CON’s AI Village will host the first public assessment of large language models (LLMs) at the 31st edition of the hacker convention this August, aimed at finding bugs in and uncovering the potential for misuse of AI models.

Western Digital store offline due to March breach
The Western Digital online store is offline as a result of the “network security incident” it suffered in March 2023.

Greatness phishing-as-a-service threatens Microsoft 365 users
Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new phishing-as-a-service (PaaS) tool called Greatness, created to phish Microsoft 365 users.

Kubernetes Bill of Materials (KBOM) open-source tool enhances cloud security response to CVEs
Kubernetes Security Operations Center (KSOC) released the first-ever Kubernetes Bill of Materials (KBOM) standard.

The true numbers behind deepfake fraud
In this Help Net Security video, Henry Patishman, Executive VP of Identity Verification Solutions at Regula, illustrates how increasing accessibility of AI technology for creating deepfakes makes the risks mount, posing a significant challenge for businesses and individuals alike.

Your voice could be your biggest vulnerability
AI technology is fueling a rise in online voice scams, with just three seconds of audio required to clone a person’s voice, according to McAfee.

How 2022’s threats will impact the global landscape in 2023
In this Help Net Security video, Devon Kerr, Team Lead, Elastic Security Labs, talks about the 2023 Global Threat Report Spring edition.

56,000+ cloud-based apps at risk of malware exfiltration
The technology sector had the highest number of malware-infected employees, most exposed corporate credentials and the majority of all stolen cookies, according to SpyCloud.

The security and privacy risks of large language models
In this Help Net Security video, James X. Dempsey, Senior Policy Advisor at Stanford University’s Cyber Policy Center, discusses large language models’ security and privacy risks.

Turla’s Snake malware network disrupted by Five Eyes’ authorities
The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburos”), that the US Government attributes to a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB).

CISOs confront mounting obstacles in tracking cyber assets
In this Help Net Security video, Daniel Deeney, CEO at Paladin Cloud, discusses how companies face difficulties identifying security threats within cloud environments.

Automotive industry employees unaware of data security risks
30% of automotive employees don’t check security protocols before trying a new tool, according to Salesforce. This could put their company and customer data at risk.

Unattended API challenge: How we’re losing track and can we get full visibility
API sprawl is a prevalent issue in modern enterprises, as APIs are being developed and deployed at an unprecedented rate.

Lessons from a 40-year-long automotive OEM leader
The product security industry becomes more difficult as the world becomes more interconnected. According to Paul Cha, VP of Cybersecurity at LG Electronics Vehicle component Solutions, there are 3 main challenges product security faces.

New infosec products of the week: May 12, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Aqua Security, Feedzai, Nebulon, OpenVPN, Trua, and Zscaler.
