- ‘Snatch’ Ransom Group Exposes Visitor IP Addresses
The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams, Adobe Reader, Mozilla Thunderbird, and Discord.
- LastPass: ‘Horse Gone Barn Bolted’ is Strong Password
The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.
- Who’s Behind the 8Base Ransomware Website?
The victim shaming website operated by the cybercriminals behind 8Base -- currently one of the more active ransomware groups -- was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The leaked data suggests that at least some of the website's code was written by a 36-year-old programmer residing in the capital city of Moldova.
- FBI Hacker Dropped Stolen Airbus Data on 9/11
In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle "USDoD" had infiltrated the FBI's vetted information sharing network InfraGard, and was selling the contact information for all 80,000 members. The FBI responded by reverifying all InfraGard members and by seizing the cybercrime forum where the data was being sold. But on Sept. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus, while promising to visit the same treatment on top U.S. defense contractors.
- Adobe, Apple, Google & Microsoft Patch 0-Day Bugs
Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do.
- Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.
- Why is .US Being Used to Phish So Many of Us?
Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States.
- Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product
Progress Software ships patches for critical-severity flaws in its WS_FTP file transfer software and warns that a pre-authenticated attacker could wreak havoc on the underlying operating system. The post Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product appeared first on SecurityWeek.
- Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users
Verisoul, a company that has developed a SaaS platform for detecting and blocking fake users, has raised $3.25 million in seed funding.
- Lumu Raises $30 Million for Threat Detection and Response Platform
Intrusion detection company Lumu has raised $30 million in a Series B funding round led by Forgepoint Capital.
- Government Shutdown Could Bench 80% of CISA Staff
Roughly 80% of CISA staff will be sent home at the end of the week in case of a government shutdown.
- Moving From Qualitative to Quantitative Cyber Risk Modeling
Migrating to a quantitative cyber risk model of analysis allows for more accurate data, which leads to more informed decision-making.
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
Cisco has released patches for a vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks.
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Russian zero-day acquisition firm Operation Zero is now offering $20 million for full Android and iOS exploit chains.