Weekly our experts select relevant news in the cybersecurity industry. Over the last two weeks, we saw the “Abuse of Telegram bots for credential phishing increased 800% in 2022”, “Bad Paths & The Importance of Using Valid URL Characters” and much more.
For more articles, check out our #onpatrol4malware blog.
Supply Chain Attack Using Identical PyPI Packages, “colorslib”, “httpslib”, and “libhttps”
Source: Fortinet
All three were published by the same author, ‘Lolip0p’, as shown in the official PyPI repository. ‘Lolip0p’ joined the repository close to the publish date. Read more.
Abuse of Telegram bots for credential phishing increased 800% in 2022
Source: SC Media
A report released this week by Cofense finds that while Telegram bots being used to exfiltrate information is not new, it has not been commonly used by threat actors in the past for credential phishing. Read more.
Drupal Releases Security Update to Address Vulnerability in Private Taxonomy Terms
Source: CISA
An unauthorized user could exploit this vulnerability to bypass access permissions to create, modify, and delete private vocabulary terms. Read more.
Microsoft ends extended support for Windows 7 and Windows Server 2008 today
Source: MalwareBytes LABS
Time has finally run out for Windows 7 Professional and Enterprise users. Microsoft will stop providing its Extended Security Updates (ESU) program for the OS version today, January 10. Read more.
Microsoft Releases January 2023 Security Updates
Source: CISA
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker could exploit some of these vulnerabilities to take control of an affected system. Read more.
Bad Paths & The Importance of Using Valid URL Characters
Source: Sucuri
In this post I’ll be summarizing OWASP best practices and rfc3986 documentation to describe what a bad path is, why you should use valid URL characters, and how to properly encode characters to avoid problems. Read more.
StrongPity espionage campaign targeting Android users
Source: welivesecurity
ESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version. Read more.