Security News > 2022 > August

As you no doubt already know, because the story has been all over the news and social media recently, the widely-known and widely-used password manager LastPass last week reported a security breach. We regularly recommend our readers and podcast listeners to consider using a password manager, even though we've also written up numerous security blunders in password manager tools over the years.

The U.S. Federal Bureau of Investigation is warning investors that cybercriminals are increasingly exploiting security vulnerabilities in Decentralized Finance platforms to steal cryptocurrency. "The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to steal investors' cryptocurrency," the federal law enforcement agency said.

Not surprisingly, the 2022 survey results highlight security as the highest-priority investment area for organizations, with more than half of security team members stating their organizations have either shifted security left or plan to this year, according to the survey. Security is both a top challenge and a top area of investment.

Data for over 2.5 million individuals with student loans from Oklahoma Student Loan Authority and EdFinancial was exposed after hackers breached the systems of technology services provider Nelnet Servicing.Technology services from Nelnet Servicing, including a web portal, are used by OSLA and EdFinancial to give online access students taking out a loan access to their loan accounts.

A critical command-injection vulnerability in multiple API endpoints of Atlassian Bitbucket Server and Data Center could allow an unauthorized attacker to remotely execute malware, and view, change, and even delete data stored in repositories. As Atlassian explains in its security advisory, published mid-last week: "An attacker with access to a public repository or with read permissions to a private Bitbucket repository can execute arbitrary code by sending a malicious HTTP request."

Baker & Taylor, which describes itself as the world's largest distributor of books to libraries worldwide, today confirmed it's still working on restoring systems after being hit by ransomware more than a week ago. As Baker & Taylor said on August 23, its servers were down after an outage that impacted the company's phone systems, offices, and service centers.

A new ransomware strain written in Golang dubbed "Agenda" has been spotted in the wild, targeting healthcare and education entities in Indonesia, Saudi Arabia, South Africa, and Thailand. Qilin, the threat actor advertising the ransomware on the dark web, is said to provide affiliates with options to tailor the binary payloads for each victim, enabling the operators to decide the ransom note, encryption extension, as well as the list of processes and services to terminate before commencing the encryption process.

A new malware campaign disguised as Google Translate or MP3 downloader programs was found distributing cryptocurrency mining malware across 11 countries. According to a report by Check Point, the malware is created by a developer named 'Nitrokod,' which at first look appears to be clean of malware and provides the advertised functionality.

Excessive and indiscriminate blocking is underway in Austria, with internet service providers complying to a court order to block pirate sites causing significant collateral damage. The legal case was launched by the copyright organization "LSG - Wahrnehmung von Leistungsschutzrechten GesmbH", which convinced an Austrian court to block 14 websites for copyright law violations.

Excessive and indiscriminate blocking is underway in Austria, with internet service providers complying to a court order to block pirate sites causing significant collateral damage. The legal case was launched by the copyright organization "LSG - Wahrnehmung von Leistungsschutzrechten GesmbH", which convinced an Austrian court to block 14 websites for copyright law violations.