AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 12/29/2022

Code-generating AI can introduce security vulnerabilities, study finds

A recent study finds that software engineers who use code-generating AI systems are more likely to cause security vulnerabilities in the apps they develop. The paper, co-authored by a team of researchers affiliated with Stanford, highlights the potential pitfalls of code-generating systems as vendors like GitHub start marketing them in earnest. “Code-generating systems are currently not a replacement for human developers,” Neil Perry, a Ph.D. candidate at Stanford and the lead co-author on the study, told TechCrunch in an email interview. “Developers using them to complete tasks outside of their own areas of expertise should be concerned, and those using them to speed up tasks that they are already skilled at should carefully double-check the outputs and the context that they are used in in the overall project.”

Thousands of Citrix servers vulnerable to patched critical flaws

Thousands of Citrix ADC and Gateway deployments remain vulnerable to two critical-severity security issues that the vendor fixed in recent months. The first flaw is CVE-2022-27510, fixed on November 8. It’s an authentication bypass that affects both Citrix products. An attacker could exploit it to gain unauthorized access to the device, perform remote desktop takeover, or bypass the login brute force protection. The second bug is tracked as CVE-2022-27518, disclosed and patched on December 13. It allows unauthenticated attackers to perform remote command execution on vulnerable devices and take control of them.

DOJ arrests man behind brazen $100 million attack on Mango Markets

A man who admitted to launching the more than $100 million hack against crypto platform Mango Markets was arrested in Puerto Rico, the Justice Department announced on Tuesday. 

Avraham Eisenberg appeared in court in the Southern District of New York following his arrest. An unsealed indictment charges Eisenberg with commodities fraud and commodities manipulation for his role in exploiting Mango Markets, a decentralized cryptocurrency exchange that has its own native crypto token, called MNGO. FBI agent Brandon Racz, who was tasked with investigating the case, found that in October Eisenberg “participated in a scheme to steal approximately $110 million by artificially manipulating the price of MNGO Perpetuals,” a type of futures contract on the Mango Markets platform. Racz said Eisenberg effectively sold a large amount of MNGO to another account he controlled, artificially increasing the price of the coin in a span of 20 minutes.

Ransomware attack at Louisiana hospital LCMHS impacted 270,000 patients

The Lake Charles Memorial Health System is the largest not-for-profit community healthcare system in Southwest Louisiana. LCMHS reported the incident to the secretary of the U.S. Department of Health and Human Services (HHS). The security breach took place on October 21, 2022, when the internal security team detected unusual activity on its computer network. The organization launched an investigation into the incident with the help of forensic experts and discovered that threat actors had stolen files containing sensitive data.

Geopolitical Tensions Expected to Further Impact Cybersecurity in 2023

Geopolitics will continue to have an impact on cybersecurity and the security posture of organizations long into 2023. The impact of global conflicts on cybersecurity was thrust into the spotlight when Russia made moves to invade Ukraine in February 2022.  Ukraine’s Western allies were quick to recognize that with this came the threat of Russian-backed cyber-attacks against critical national infrastructure (CNI), especially in retaliation to hefty sanctions.

While this may not have materialized in the way many expected, geopolitics is still front of mind for many cybersecurity experts looking to 2023.
