Cyber Security Today, Feb. 15, 2023 – Patches released for Microsoft Exchange, SAP, Apple and Adobe products


Patches released for Microsoft Exchange, SAP, Apple and Adobe products, and more.

Welcome to Cyber Security Today. It’s Wednesday, February 15th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for and in the U.S.


Microsoft issued a number of important security updates on Patch Tuesday. One affects all Exchange servers dating back to Exchange 2013. It closes a critical privilege escalation vulnerability, which is actively being exploited. It’s one of nine critical holes in Microsoft products that need patching. Another is in Microsoft Word, SharePoint, 365 Apps and Office for Mac. There are also three critical remote code execution vulnerabilities that can hinder Windows’ capability to establish secure connections with wireless clients.

By the way, Exchange Server 2013 reaches end of support on April 11th. You have until then to upgrade to a new on-premise version or switch to the cloud version of Exchange.

Also yesterday, SAP released 26 new and updated security patches. According to researchers at Onapsis, the most critical is a vulnerability in SAP Host Agent, which allows an authenticated ordinary user with local access to a server port to cause mischief.

Adobe released critical security patches for Illustrator and AfterEffects, as well as an important fix to plug a hole in Photoshop.

And Apple released security updates for iPhones, iPads and MacBooks.

On Monday’s podcast I told you about the compromise of Fortra’s GoAnywhere MFT managed file transfer service. Now there’s word of one victim: Community Health Systems, which runs a number of hospitals in many U.S. states. In a regulatory filing spotted by the news site the company said personal information on nearly 1 million American patients was copied in the hack. Bleeping Computer says the Clop ransomware gang claims it stole data from 130 organizations in the compromise.

Attention website administrators: Hackers continue to take advantage of poorly-secured websites that use the WordPress content manager. The latest evidence comes from researchers at Sucuri, who say over 2,600 new websites have been infected so far this year in a campaign that started last year. The goal is to covertly install code that redirects your website’s viewers to sites that talk about cryptocurrency and blockchains. Apparently this is an advertising fraud scam. The more an ad is seen, the more revenue the crooks get. The researchers haven’t found a particular WordPress exploit the hackers are using for this. So their advice to administrators is to be vigilant, patch all software, watch your WordPress code for compromises and secure WordPress administration consoles with multifactor authentication.

Attention application developers. Hackers continue finding ways to plant infected packages on the open-source Python Package Index (PyPI). Researchers at Phylum say an attacker last week uploaded over 451 downloadable malware packages. They attempt to hide by mimicking the names of popular packages. The crook hopes unwitting victims will mistake the fake packages for ones they are looking for. The malware finds and replaces cryptocurrency wallet addresses copied to a computer’s clipboard with the attacker’s wallet address. As always, developers have to be careful what they download from any open source library of code. Recently Check Point Software found 16 malicious packages on the NPM repository for JavaScript code. They have been removed, but the malware enabled cryptojacking of computers. Operators of code repositories have to take more steps to detect and block bad code.

North Korea’s Lazarus hacking group is believed to have found a new way to launder millions of dollars worth of stolen cryptocurrency. Researchers at Elliptic Enterprises believe Lazarus is now using a mixer service called Sinbad. It replaces an online service called Blender, which disappeared last year after being sanctioned by the U.S. The suspicion is Sinbad is being run by the same operator as Blender. North Korean hackers are also using a mixer called Tornado Cash.

Finally, if you want a laugh as well as education on how online romance scams work, Sophos senior threat researcher Sean Gallagher has published a blog on how a crook posing as a woman tried to seduce him into investing in a phony gold-trading market. This person was not deterred by the fact that Gallagher told them what he does for a living.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Feb. 15, 2023 – Patches released for Microsoft Exchange, SAP, Apple and Adobe products first appeared on IT World Canada.

Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.
