Security News > 2022

Week in review: LastPass breach disaster, online tracking via UID smuggling, ransomware in 2023
2022-12-25 09:30

LastPass says attackers got users' info and password vault data: The information couldn't come at a worse time, as businesses are winding down their activities and employees and users are thick in the midst of last-minute preparations for end-of-year holidays.

New Microsoft Exchange exploit chain lets ransomware attackers in: Ransomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities to achieve remote code execution on Microsoft Exchange servers.

New info-stealer malware infects software pirates via fake cracks sites
2022-12-24 15:08

A new information-stealing malware named 'RisePro' is being distributed through fake cracks sites operated by the PrivateLoader pay-per-install malware distribution service. The malware was spotted by analysts at Flashpoint and Sekoia this week, with both cybersecurity firms confirming that RisePro is a previously undocumented information stealer now being distributed via fake software cracks and key generators.

W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names
2022-12-24 12:51

Threat actors have published yet another round of malicious packages to the Python Package Index with the goal of delivering information-stealing malware on compromised developer machines. W4SP Stealer primarily functions to siphon user data, including credentials, cryptocurrency wallets, Discord tokens, and other files of interest.

Back to work, Linux admins: You may have a CVSS 10 kernel bug to address
2022-12-24 10:00

Merry Christmas, Linux systems administrators: Here's a kernel vulnerability with a CVSS score of 10 in your SMB server for the holiday season, giving an unauthenticated user remote code execution. Luckily for the sysadmins reaching for more brandy to pour in that eggnog, it doesn't appear to be that widespread. Discovered by the Thalium Team vulnerability research team at French aerospace firm Thales Group in July, the vulnerability is specific to the ksmbd module that was added to the Linux kernel in version 5.15.

Manage logins for your team using these password managers
2022-12-24 00:12

We need password managers to keep us from using lazy, weak passwords, and we need them for storing those secrets in a protected vault. To that end, there are plenty of password managers to choose from, each of which will serve you better than trying to memorize every password or writing them down on a piece of paper.

Friday Squid Blogging: Injured Giant Squid and Paddleboarder
2022-12-23 22:05

Here's a video - I don't know where it's from - of an injured juvenile male giant squid grabbing on to a paddleboard. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

The Week in Ransomware - December 23rd 2022 - Targeting Microsoft Exchange
2022-12-23 20:51

Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate networks to steal data and deploy ransomware. CrowdStrike researchers reported this week that the Play ransomware operation utilized a new Microsoft Exchange attack dubbed 'OWASSRF' that chained exploits for CVE-2022-41082 and CVE-2022-41080 to gain initial access to corporate networks.

LastPass finally admits: Those crooks who got in? They did steal your password vaults, after all…
2022-12-23 19:58

We have seen no evidence that this incident involved any access to customer data or encrypted password vaults. Although the threat actor was able to access the Development environment, our system design and controls prevented the threat actor from accessing any customer data or encrypted password vaults.

Hackers exploit bug in WordPress gift card plugin with 50K installs
2022-12-23 17:17

Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000 websites. YITH WooCommerce Gift Cards Premium is a plugin that allows website operators to sell gift cards in their online stores.

Massive Twitter data leak investigated by EU privacy watchdog
2022-12-23 15:06

"The DPC corresponded with Twitter International Unlimited Company in relation to a notified personal data breach that TIC claims to be the source vulnerability used to generate the datasets and raised queries in relation to GDPR compliance," the Irish privacy regulator said on Friday. Twitter's lead EU watchdog wants to determine if Twitter has complied with its obligation as a data controller regarding the processing of users' data and if it infringed any General Data Protection Regulation or Data Protection Act 2018 provisions.