April 8, 2023

Hello all,
The Red-N Weekly Cyber Security News newsletter is below the Notable Callouts as usual.

Notable Callouts:

• Apple, if you’ve got’em, patch’em. There were several zero-day flaws that were under active exploitation that were patched this week.
• QNAP is still in the news. The most recent zero-day has 80K devices vulnerable. Patch quickly.
• CISA has ordered all government agencies to patch Backup Exec due to several bugs used by malactors to spread ransomware. Um, that would be a good idea, especially since those bugs are over a year old now!
• In a revealing piece of news, Americans now fear cyberattack more than nuclear war. I guess that Security Awareness Training is working. (Insert smug laugh here.)
• In America, Tax Season is underway, as are all sorts of scams and attempts to monetize malicious activity related to the annual flagellation by our government. This week’s headlines has two items related to this. The first is an IRS-authorized site that was serving up malware to visitors, and the second is reporting on scams targeting taxpayers with fake IRS forms.
• While ChatGPT and the like are impressive, users need to be vigilant about what they are revealing to the new internet-gods. Samsung employees learned a very painful lesson when proprietary source code was publicly exposed due to a ChatGPT leak.
• In Ransomware, Malware, and Vulnerabilities News, Voice Cloning is rapidly advancing, and only a few seconds of a person’s voice will be required in the near future to create a convincing spoof. There are many ways this can be exploited and monetized by malicious people.
• In Other News Events of Note and Interest, just in time for Holy Week, the Pope (yes, the head guy in Rome) just had his MDM security upgraded. An additional item in this section regarding an upcoming SEC rule that will require company boards to have CISOs or the like on them, should be noted and understood.
• In Cyber Insurance News, there are a few items of note, the first is describing the types of cyber risks that are covered by cyber insurance, and the second lists three reasons that small businesses should have cyber insurance.

The dire predictions of AI taking over the world are highly overrated. Since the introduction of the IBM PC in 1981 it has been predicted that computers would eliminate the need for paper. Yet here we are, 42 years later, fighting over toilet paper whenever there’s a storm or crisis coming.

Viscount Zebulon Wamboldt Pike
Red-N Weekly Cyber Security News

Headline NEWS

• Apple fixes two zero-days exploited to hack iPhones and Macs
• CISA orders agencies to patch Backup Exec bugs used by ransomware gang
• Americans now fear cyberattack more than nuclear attack
• IRS-authorized eFile.com tax return software caught serving JS malware
• Dangerous malware scam targets taxpayers with deceptive IRS forms
• Samsung workers made a major error by using ChatGPT
• QNAP Zero-Days Leave 80K Devices Vulnerable to Cyberattack

Ransomware, Malware, and Vulnerabilities News

• ‘BEC 3.0’ Is Here With Tax-Season QuickBooks Cyberattacks
• New Money Message ransomware demands million dollar ransoms
• Money Message ransomware gang claims MSI breach, demands $4 million
• Cryptocurrency companies backdoored in 3CX supply chain attack
• 3 tips for creating backups you can rely on when ransomware strikes
• Family Offices Skimp on Cybersecurity, and It Can Cost Them Millions
• Voice cloning is the new weapon in scammers’ arsenal for family emergency schemes
• Lumen hit by ransomware, malware attacks
• WinRAR SFX archives can run PowerShell without being detected
• Capita cyberattack disrupted access to its Microsoft Office 365 apps
• Ransomware group that says it has Modesto data posts it online
• Malicious ISO File Leads to Domain Wide Ransomware
• CISA orders agencies to patch bugs exploited to drop spyware
• ALPHV Ransomware Affiliate Targets Vulnerable Backup Installations to Gain Initial Access
• Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service
• Brace Yourself for a Tidal Wave of ChatGPT Email Scams
• Novel social engineering attacks soar 135% amid uptake of generative AI
• New macOS malware steals sensitive info, including a user’s entire Keychain database
• Rogers Communications data allegedly sold on a hacker forum
• Hackers Can Remotely Open Smart Garage Doors Across the World
• Arizona’s TUSD’s Cyber Shutdown: TUSD confirms hackers accessed sensitive staff data
• Pentah0wnage: Pre-Auth RCE in Pentaho Business Analytics Server · Aura Research Division
• HP to patch critical bug in LaserJet printers within 90 days
• Ransomware as a service? Windows users can still fight back
• Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques
• Hackers use Rilide browser extension to bypass 2FA, steal crypto
• New Cylance Ransomware with Power-Packed CommandLine Options
• Attackers start leaking Procter & Gamble data
• OCR Labs exposes its systems, jeopardizing major banking clients
• Find out if your account was part of the FBI’s Operation Cookie Monster bust
• Nautic Cyberattack: LockBit Ransomware Group Claims Responsibility
• Vendor Data Breach Impacts At Least 9 Healthcare Organizations
• I Built a Zero Day Exploit with ChatGPT
• Western Digital confirms breach, affects My Cloud and SanDisk users
• Medusa ransomware claims attack on Open University of Cyprus
• Microsoft and Fortra crack down on malicious Cobalt Strike servers
• Clop ransomware booms in March as Fortra zero-day pays off for gang
• Cl0p Ransomware: Active Threat Plaguing Businesses Worldwide
• New dark web market STYX focuses on financial fraud services
• Twitter ‘Shadow Ban’ Bug Gets Official CVE
• Massive Balada Injector campaign attacking WordPress sites since 2017
• Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
• Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library

Other News Events of Note and Interest

• The Pope’s Security Gets a Boost With Vatican’s MDM Move
• Boards, CISOs are gearing up for new, wide-reaching SEC cyber rule
• Bill Gates dismisses call for A.I. development pause
• Titans of AI industry Andrew Ng and Yann LeCun oppose call for pause on powerful AI systems
• ChatGPT AI lists jobs it can do better than humans as millions could be put out of work
• Microsoft fixes 5 year old Windows Defender bug that affected Firefox’s performance
• Microsoft: Windows 10 21H2 is reaching end of service in June
• Microsoft sold software to sanctioned Russian companies, says US government
• UK Discloses Offensive Cyber Capabilities Principles
• FBI warns of companies exploiting sextortion victims for profit
• Microsoft is finally cracking down on one of its biggest Windows security risks
• Microsoft returns the Quick Access Toolbar default for Office apps by popular demand
• Defunct comms link connected to nothing at a fire station – for 15 years
• Can ChatGPT Be a Doctor? Bot Passes Medical Exam, Diagnoses Conditions
• Aura builds nationwide 450MHz wireless network for cargo drones
• New features to try in the new Outlook for Windows preview
• Two charged with cutting wires; 40,000 lose internet service
• Ethical Hacking Distro BlackArch Linux Gets New ISO Release with over 2800 Tools
• How does Microsoft Defender for Business compare to Defender for Enterprise?
• Microsoft announces new Windows Autopatch alerts and functionalities for IT admins
• Azure AD PowerShell Deprecation – Last Gasp for Cmdlets
• New Kaspersky VPN: maximum speed and Wireguard protocol added
• Designing Tabletop Exercises That Actually Thwart Attacks
• Cisco Systems pulled out of Russia and destroyed $23.42m worth of equipment
• Microsoft Edge Workspaces public preview is now available
• Bank error in your favor: Google Pay bug accidentally sends users free money
• Building your Microsoft 365 PowerShell toolbox
• Free AI Video Generators Are Nearing a Crucial Tipping Point

Cyber Insurance News

• Types of Cyber Risks Covered by Cyber Insurance
• Astaara Expands Maritime Cybersecurity Insurance and Advisory Service
• Corvus Names New President As Sector Demands Increasingly Deep Combos of Insurance/Tech Skills
• Insurtech Cowbell, a Cyber Insurance Provider for SMEs, Launches UK Operations
• Three Reasons Small-Business Owners Need Cyber Insurance
• Ransomware, AI top list of threats driving up cyber insurance costs