Information

02 Dec

LastPass admits to customer data breach caused by previous breach

Information

by Paul Ducklin Back in August 2022, popular password manager company LastPass admitted to a data breach. The company, which is owned by sofware-as-a-service business GoTo, which used to be LogMeIn, published a very brief but nevertheless useful report about that incident about a month later: Briefly put, LastPass concluded that the attackers managed to implant malware on a developer’s computer. With a beachhead on that computer, it seems that the attackers were then able…

Read More
01 Dec

ConnectWise Quietly Patches Flaw That Helps Phishers

Information, Insights

ConnectWise, which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just weeks after the company quietly patched a vulnerability that makes it easier for phishers to launch these attacks. A phishing attack targeting MSP customers using ConnectWise. ConnectWise Control is…

Read More
01 Dec

Wipers Are Widening: Here’s Why That Matters

Information, Malware, News

In the first half of this year, researchers saw a rising trend of wiper malware being deployed in parallel with the Russia-Ukraine war. However, those wipers haven’t stayed in one place – they’re emerging globally, which underscores the fact that cybercrime knows no borders.  It’s not just the numbers that are growing; we’re also seeing a rise in variety and sophistication. These wiper varieties are also increasingly targeting critical infrastructure. Awash with wipers  The war…

Read More
01 Dec

Serious Security: MD5 considered harmful – to the tune of $600,000

Information

by Paul Ducklin In a fascinating legal deliberation handed down by the French data protection regulator CNIL (Commission Nationale de l’Informatique et des Libertés), the energy company Électricité de France, or EDF for short, has been fined EUR 600,000 (about $600,000). The legal declaration is, in the manner of such things, rather long and (to non-lawyers, at least) linguistically orotund, which means you need reasonable proficiency in French to understand all the ins and outs…

Read More
30 Nov

Hackers Dump Australian Health Data Online, Declare ‘Case Closed’

Information, News

The hackers leaking stolen Australian health records to the dark web on Thursday appeared to end their extortion attempt by dumping a final batch of data online and declaring:”Case closed.” In November the hackers demanded health insurer Medibank pay US$9.7 million to keep the records off the internet — or one dollar for each of the company’s impacted customers, which included Prime Minister Anthony Albanese. Medibank refused to pay at the urging of the federal…

Read More
30 Nov

RansomBoggs: New ransomware targeting Ukraine

Information

ESET researchers spot a new ransomware campaign that goes after Ukrainian organizations and has Sandworm’s fingerprints all over it The ESET research team has spotted a new wave of ransomware attacks taking aim at multiple organizations in Ukraine and bearing the hallmarks of other campaigns previously unleashed by the Sandworm APT group. Even though the ransomware – called RansomBoggs by ESET and written in the .NET framework – is new, particularly the way it is…

Read More
30 Nov

TikTok “Invisible Challenge” porn malware puts us all at risk

Information, Malware

by Paul Ducklin Researchers at secure coding company Checkmarx have warned of porn-themed malware that’s been attracting and attacking sleazy internet users in droves. Unfortunately, the side-effects of this malware, dubbed Unfilter or Space Unfilter, apparently involve plundering data from the victim’s computer, including Discord passwords, thus indirectly exposing the victim’s contacts – such as colleagues, friends and family – to spams and scams from cybercriminals who can now pose as someone those people know.…

Read More
29 Nov

Ransomware Gang Takes Credit for Maple Leaf Foods Hack

Information, News

The Black Basta ransomware group has taken credit for the recently disclosed attack on Canadian meat giant Maple Leaf Foods. The cybercriminals have made public several screenshots of technical documents, financial information and other corporate files to demonstrate that they gained access to Maple Leaf Foods systems. Maple Leaf Foods announced in early November that it was experiencing an outage as a result of a cyberattack. The Mississauga, Ontario-based packaged meats company said it took…

Read More
28 Nov

U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

Information, Insights

A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.…

Read More
28 Nov

Virginia County Confirms Personal Information Stolen in Ransomware Attack

Information, News

Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack. The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it. The county says that it took steps to contain the attack immediately after identifying it, and that it launched an investigation into the incident, to determine the type of data…

Read More