Cyber Security Headlines: Apple updates advisories, US military email leak, Russian TV website crash

Apple updates advisories as security firm discloses new class of vulnerabilities

Apple has updated some of its recent security advisories to add new iOS and macOS vulnerabilities. The iOS 16.3 and macOS Ventura 13.2 advisories had been originally released on January 23, but were updated to add three vulnerabilities: CVE-2023-23520, “a rare condition affecting the crash reporter component, which can allow an attacker to read arbitrary files as root.” In addition, fixes were made to the “foundation component” in Apple’s operating systems. These vulnerabilities would have allowed an attacker to “execute arbitrary code out of its sandbox or with certain elevated privileges.” These latter vulnerabilities, tracked as CVE-2023-23530 and CVE-2023-23531, were reported to Apple by extended detection and response (XDR) company Trellix.

(Security Week)

Sensitive US military emails spill online

The U.S. Department of Defense secured an exposed server on Monday that had been spilling internal U.S. military emails to the internet for the past two weeks. The server was hosted on Microsoft’s Azure government cloud for Department of Defense customers. Its servers are physically separated from other commercial customers and are used to share sensitive but unclassified government data. According to TechCrunch, “the exposed server was part of an internal mailbox system storing about three terabytes of internal military emails, many pertaining to U.S. Special Operations Command, the U.S. military unit tasked with conducting special military operations.” The server had been left without a password, giving access to the mailbox data to any internet user who knew its IP address.

(TechCrunch)

Russian state TV website goes down during Putin speech

An outage hit Russian state media websites that were broadcasting President Vladimir Putin’s address to the country’s two houses of parliament on Tuesday. This left journalists unable to access the All-Russia State Television and Radio Broadcasting Company (VGTRK) website or the Smotrim live-streaming platform for periods during the speech. “A message on the VGTRK website said that ‘technical works were being carried out’ while the Smotrim website was not loading.” The state-run RIA Novosti news agency said the outage was the result of a DDoS attack.

(Reuters)

HardBit ransomware gang adjusts demands to fit insurance company

The HardBit ransomware group, which first appeared in October 2022, is unique in that rather than using a double extortion model, it uses threats of further attacks if its ransom demands are not met. After successful infection, the group instructs victims to contact them by email or via the Tox instant messaging platform. According to Varonis, the group requests “the victims to share details of their cyber insurance policies so that the cost of the ransom can be completely covered by the insurer company.”

(Security Affairs)

Accidental WhatsApp account takeovers? It’s a thing

A new problem is emerging for customers who change their phone number but neglect to delete the WhatsApp account linked to it. Predictably, a new owner of the phone number may be able to receive the private WhatsApp messages of the number’s previous owner and send messages to its contacts. It is common for wireless carriers to recycle former customers’ phone numbers and give them to new customers. WhatsApp acknowledges that this can happen, but says it’s extremely rare. The company suggests “users transfer their WhatsApp account to their new phone number, delete the account within the app, and use two-step verification for added security.”

(The Register)

One fifth of Brits have fallen victim to online scammers

According to a report from Finnish security vendor F-Secure, “millions of UK adults have been victimized by digital scammers in the past, yet a quarter have no security controls to protect their online activity.” The security vendor polled 1000 people in the UK as part of a global Living Secure study. It found that roughly 12.6 million British people, 19% of the adult population, had been tricked by online fraud such as a phishing attack in the past, with consequences ranging from data and password loss all the way through to theft of life savings. While over three-quarters (77%) claimed they could spot a scam, around two-thirds said they worry about personal safety online, yet half (48%) said they have no idea if their devices are secure or not. 60% of respondents said they find cybersecurity too complex.

(InfoSecurity Magazine)

FBI says cyber incident at New York field office ‘contained’

The FBI has contained a cyber incident at its New York field office that “reportedly affected a computer network used in child sexual exploitation investigations.” The agency said it is aware of the incident and is working to gain additional information, adding that this was an isolated incident that has been contained.

(Cyberscoop)

How long your smart gadgets last isn’t up to you

A feature article in the Wall Street Journal by Nicole Nguyen describes how in January, tech company Arlo Technologies sent an email to customers of its internet-connected security cameras about a new “end-of-life policy.” “Starting April 1, the company would no longer support models that included no-fee seven-day rolling storage of video clips—a well-advertised selling point.” Although Arlo rectified the situation after much media exposure, the article serves as a reminder that many of the devices consumers and businesses rely on for security may expire in terms of functionality long before their physical components wear out.

(Wall Street Journal)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.