Monthly Security Bulletin – April 2023
Learn more about the latest Cybersecurity news in the March edition of our monthly Security bulletin, prepared by our Senior Security Analysts.
April hot topics:
Telelink Business Services and DYNAMO project: Facing the challenges of cyber threats
BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows
Bing Chat has a secret ‘Celebrity’ mode to impersonate celebrities
FTC to ban BetterHelp from sharing mental health data with advertisers
Twitter outage blocks users from logging in and sharing tweets
Acer confirms breach after 160GB of data for sale on hacking forum
Bitwarden flaw can let hackers steal passwords using iframes
IceFire ransomware now encrypts both Linux and Windows systems
AT&T alerts 9 million customers of data breach after vendor hack
Mental health provider Cerebral alerts 3.1M people of data breach
Microsoft OneNote to get enhanced security after recent malware abuse
Fortinet: New FortiOS bug used as zero-day to attack govt networks
ChatGPT may be a bigger cybersecurity risk than an actual benefit
First-known Dero cryptojacking operation seen targeting Kubernetes
Winter Vivern APT hackers use fake antivirus scans to install malware
Adobe Acrobat Sign abused to push Redline info-stealing malware
New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks
Google Pixel flaw allowed recovery of redacted, cropped images
Hackers use new PowerMagic and CommonMagic malware to steal data
Exploit released for Veeam bug allowing cleartext credential theft
OpenAI: ChatGPT payment data leak caused by open-source bug
Microsoft pushes OOB security updates for Windows Snipping tool flaw
New MacStealer macOS malware steals passwords from iCloud Keychain
Microsoft Defender mistakenly tagging URLs as malicious
New AlienFox toolkit steals credentials for 18 cloud services
Winter Vivern hackers exploit Zimbra flaw to steal NATO email
Google Home speakers allowed hackers to snoop on conversations