Network Security News | Ingalls Information Security

Articles of interest from the week of January 2, 2023

Written by John Frasier | Jan 2, 2023 5:00:00 AM

U.S. House Administration Arm Bans TikTok on Official Devices

The popular Chinese video app TikTok has been banned from all U.S. House of Representatives-managed devices, according to the House's administration arm, mimicking a law soon to go into effect banning the app from U.S. government devices. (Reuters)


Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that impersonates a software development kit (SDK) for SentinelOne, a major cybersecurity company, as part of a campaign dubbed SentinelSneak. (The Hacker News)


Netgear Wi-Fi Routers Need To Be Patched Immediately

Netgear has issued a patch for a high-severity vulnerability found in almost a dozen of its Wi-Fi routers and urged its users to apply the fix immediately. Given the destructive potential of the flaw, Netgear did not disclose the details, other than saying that it’s a pre-authentication buffer overflow vulnerability, which could be used for all kinds of malicious activity, from crashing the device after a denial of service, to arbitrary code execution. (TechRadar)


Over 60,000 Exchange Servers Vulnerable to ProxyNotShell Attacks

More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by ProxyNotShell exploits. (BleepingComputer)


The FBI's Perspective on Ransomware

In April 2021, Dutch supermarkets faced a food shortage. The cause wasn't a drought or a sudden surge in the demand for avocados. Rather, the reason was a ransomware attack. In the past years, companies, universities, schools, medical facilities and other organizations have been targeted by ransomware threat actors, turning ransomware into the internet's most severe security crisis. (The Hacker News)


Crooks Copy Source Code From Okta’s GitHub Repository

Intruders copied source code belonging to Okta after breaching the identity management company's GitHub repositories. Okta was alerted by Microsoft-owned GitHub earlier this month of "suspicious access" to its code repositories and determined that miscreants copied code associated with the company's Workforce Identity Cloud (WIC), an enterprise-facing access and identity management tool to enable workers and partners to work from anywhere. (The Register)