Week in review: Zyxel firewalls vulnerability, phishing campaign targets ChatGPT users

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Wireless Broadband Alliance CEO on key drivers for Wi-Fi adoption in enterprise networks
This Help Net Security interview with Tiago Rodrigues, CEO at Wireless Broadband Alliance (WBA), delves into the future of enterprise networking, exploring the significant role of Wi-Fi 6E and Private 5G.

Navigating the quantum leap in cybersecurity
In this Help Net Security interview, we sit down with Dr. Atsushi Yamada, the newly appointed CEO of ISARA, a security solutions company specializing in creating quantum-safe cryptography.

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)
A vulnerability (CVE-2023-2868) in Barracuda Networks’ Email Security Gateway (ESG) appliances has been exploited by attackers, the company has warned.

Microsoft, GitHub announce application security testing tools for Azure DevOps
GitHub has announced that its application security testing tools are now more widely available for subscribers of Microsoft’s Azure DevOps Services.

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)
A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety of Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after publishing a technical analysis and a PoC script that triggers the vulnerability and achieves a reverse root shell.

Phishers use encrypted file attachments to steal Microsoft 365 account credentials
Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials.

Blacklist untrustworthy apps that peek behind your firewall
With an increasing number of endpoints and expanding attack surfaces, dodgy apps can offer a way around your firewall.

New Buhti ransomware uses leaked payloads and public exploits
A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems.

7 access management challenges during M&A
To have a successful conclusion to the mergers and acquisitions (M&As) process, identity and access management (IAM) teams need time to prepare, test, and communicate with users to ensure the process goes as smoothly as possible.

Phishing campaign targets ChatGPT users
A clever phishing campaign aimed at stealing users’ business email account credentials by impersonating OpenAI, the company behind the ChatGPT chatbot, has been spotted by Inky researchers.

How to avoid shadow AI in your SOC
Employees often misuse tools, exposing their organizations to short-term security risks and long-term business complications.

IT employee piggybacked on cyberattack for personal gain
A 28-year-old former IT employee of an Oxford-based company has been convicted of blackmailing his employer and unauthorized access to a computer with intent to commit other offences, after pleading guilty during a hearing at Reading Crown Court, England.

The essence of OT security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals
The widespread adoption of remote and hybrid working practices in recent years has brought numerous benefits to various industries, but has also introduced new cyber threats, particularly in the critical infrastructure sector.

Simple OSINT techniques to spot AI-fueled disinformation, fake reviews
Error messages that ChatGPT and other AI language models generate can be used to uncover disinformation campaigns, hate speech and fake reviews via OSINT collection and analysis, says Nico Dekens, director of intelligence at ShadowDragon.

How continuous security monitoring is changing the compliance game
In this Help Net Security video, Wesley Van Zyl, Senior Manager, Compliance Success at Scytale, discusses how keeping track of all your security controls can be challenging, particularly when new cybersecurity threats emerge unexpectedly.

6 ChatGPT risks for legal and compliance leaders
Legal and compliance leaders should address their organization’s exposure to six specific ChatGPT risks, and what guardrails to establish to ensure responsible enterprise use of generative AI tools, according to Gartner.

How generative AI is reshaping the identity verification landscape
In this Help Net Security video, Peter Violaris, Head of Legal, Compliance and Risk, EMEA for OCR Labs, discusses generative AI’s impact on identity verification.

Malicious links and misaddressed emails slip past security controls
The majority of organizations use six or more communication tools, across channels, with email remaining the channel seen as the most vulnerable to attacks (38%), according to Armorblox.

Gap between OT security assumptions and reality
In this Help Net Security video, Daniel Bren, CEO at OTORIO, discusses a significant discrepancy between how companies perceive their OT security posture and the harsh reality they often face.

12 vulnerabilities newly associated with ransomware
In March 2023, the total number of breaches reported was higher than those reported in the previous three years combined, according to Ivanti.

CISO-level tips for securing corporate data in the cloud
In this Help Net Security video, Matt Radolec, Senior Director, Incident Response and Cloud Operations at Varonis, offers advice for CISO-level executives to enhance the security of corporate cloud data.

Legitimate Android app transforms into data-snooping malware
ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with malicious functionality most likely added in August 2022.

Legion AWS credential harvester and hijacker analyzed
Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. In this Help Net Security video, Matt Muir, Threat Intelligence Researcher at Cado Security, overviews Legion’s cloud-specific functionality.

Five Eyes agencies detail how Chinese hackers breached US infrastructure
The National Security Agency (NSA) and Five Eyes partner agencies have identified indicators of compromise associated with a People’s Republic of China (PRC) state-sponsored cyber actor dubbed Volt Typhoon, which is using living off the land techniques to target networks across US critical infrastructure.

How smart bots are infecting and exploiting the internet
In this Help Net Security video, Lynn Marks, Senior Product Manager at Imperva, discusses malicious bot activity.

The fragmented nature of API security ownership
While API security remains a top cybersecurity concern this year, there is still an alarming lack of implementation for most companies, according to Traceable AI.

Strengthening travel safety protocols with ISO 31030
In this Help Net Security video, Tracy Reinhold, Chief Security Officer at Everbridge, talks about ISO 31030, the officially recognized International Standard for travel risk management, guiding how to manage risks to organizations and travelers.

Online scams target bargain-hunting holiday travelers
30% of adults have fallen victim or know someone who has fallen victim to an online scam while trying to save money when booking travel, according to McAfee.

What flying a plane can teach you about cybersecurity
Cyber attacks against airlines and airports are already becoming commonplace, causing disruption to the commercial aviation ecosystem and creating huge delays in flying, severe economic consequences, and negative media coverage.

New infosec products of the week: May 26, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Axiado, Delinea, Netscout, Radware, and Veriff.
