Security News

VirusTotal has suffered a data leak that exposed the names and email addresses of 5,600 of its registered users. VirusTotal data leak exposed exploitable information.

The source code for the BlackLotus UEFI bootkit has leaked online, allowing greater insight into a malware that has caused great concern among the enterprise, governments, and the cybersecurity community. BlackLotus is a Windows-targeting UEFI bootkit that bypasses Secure Boot on fully patched Windows 11 installs, evades security software, persists on an infected system, and executes payloads with the highest level of privileges in the operating system.

KeePass has released version 2.54, fixing the CVE-2023-3278 vulnerability that allows the extraction of the cleartext master password from the application's memory.In May 2023, security researcher 'vdohney' disclosed a vulnerability and proof-of-concept exploit that allowed you to partially extract the cleartext KeepPass master password from a memory dump of the application.

A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. One notable aspect of the attackers leveraging the Buhti ransomware is their ability to quickly exploit newly disclosed vulnerabilities.

The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. The latest findings from Symantec show that Blacktail's modus operandi might be changing, what with the actor leveraging modified versions of the leaked LockBit 3.0 and Babuk ransomware source code to target Windows and Linux, respectively.

A new ransomware operation named 'Buhti' uses the leaked code of the LockBit and Babuk ransomware families to target Windows and Linux systems, respectively. Blacktail uses the Windows LockBit 3.0 builder that a disgruntled developer leaked on Twitter in September 2022.

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkitFor May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug and a Secure Boot bypass flaw exploited by attackers in the wild. MSI's firmware, Intel Boot Guard private keys leakedThe cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company's private code signing keys on their dark web site.

The company's mea culpa came two days after a cyberextortion gang going by the name Money Message claimed to have stolen MSI source code, BIOS development tools, and private keys. Researchers at vulnerability research company Binarly claim not only to have got hold of the data stolen in the breach, but also to have searched through it for embedded crpyotgraphic keys and come up with numerous hits.

The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code signing keys on their dark website. "Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem," Alex Matrosov, founder and CEO of firmware security firm Binarly, said in a tweet over the weekend.

The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company's private code signing keys on their dark web site. MSI is a corporation that develops and sells computers and computer hardware.