Cybersecurity

Questions are swirling around Uber's internal security practices after an 18-year-old hacker gained what appears to have been complete administrative access to critical parts of the company's IT infrastructure using an employee's VPN credentials as an initial access vector.   Numerous screenshots that the alleged attacker posted online suggest the intruder did not have to breach a single internal system to essentially pwn the ride-sharing giant's IT...

Read More

Open-source security has been high on the agenda this year, with a number of initiatives, projects, and guidance launched in 2022 to help improve the cyber resiliency of open-source code, software and development. Vendors, tech firms, collectives and governments have contributed to helping raise the open-source security bar amid organizations’ increasing use of and reliance upon open-source resources, along with the complex security risks and...

Read More

The Irish Data Protection Commissioner will fine Instagram $402 million for allegedly mishandling the personal data of children, specifically through default settings that left phone numbers and email addresses for users between the ages of 13 and 17 exposed via Instagram business accounts, according to published reports.   It’s the second-largest fine ever handed out by EU-based regulators, behind only the $739 million that Luxembourg authorities levied...

Read More

A variant of the Mirai botnet known as MooBot is co-opting vulnerable D-Link devices into an army of denial-of-service bots by taking advantage of multiple exploits.   "If the devices are compromised, they will be fully controlled by attackers, who could utilize those devices to conduct further attacks such as distributed denial-of-service (DDoS) attacks," Palo Alto Networks Unit 42 said in a Tuesday report.   MooBot, first disclosed by...

Read More

A relatively new cyber-espionage group is using an intriguing custom arsenal of tools and techniques to compromise companies and governments in Southeast Asia, the Middle East, and southern Africa, with attacks aimed at collecting intelligence from targeted organizations.   According to an analysis published on Tuesday by cybersecurity firm ESET, the hallmark of the group, which is dubbed Worok, is its use of custom tools not seen in other...

Read More

Researchers have identified functional similarities between a malicious component used in the Raspberry Robin infection chain and a Dridex malware loader, further strengthening the operators' connections to the Russia-based Evil Corp group.   The findings suggest that "Evil Corp is likely using Raspberry Robin infrastructure to carry out its attacks," IBM Security X-Force researcher Kevin Henson said in a Thursday analysis.   Raspberry Robin (aka QNAP Worm), first discovered...

Read More

LastPass, maker of a popular password management application, revealed Thursday that an unauthorized party gained access to its development environment through a compromised developer account and stole some source code and proprietary technical information. An initial probe of the incident has revealed no evidence that customer data or encrypted password vaults were accessed by the intruder, CEO Karim Toubba stated in a company blog post.   Toubba...

Read More

Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to target Israeli entities, indicating the vulnerability's long tail for remediation.   Microsoft attributed the latest set of activities to the umbrella threat group tracked as MuddyWater (aka Cobalt Ulster, Mercury, Seedworm, or Static Kitten), which is linked to the Iranian intelligence apparatus, the Ministry of Intelligence and Security (MOIS).   The attacks are notable...

Read More

Cyberattackers have compromised the internal systems of LastPass, making off with source code and intellectual property.   The password management company said it detected anomalous activity in its development environment two weeks ago. After digging into the forensic data, investigators determined that someone (or someones) compromised a developer account to gain access to the network, taking "portions of source code and some proprietary LastPass technical information," according...

Read More

According to the Cloud Security Alliance's 2021 report, "State of Cloud Security Concerns, Challenges and Incidents," 41% of participants were "unsure" whether they had experienced a cloud security incident in the recent year.   And that percentage doubled since 2019.   Cloud security threats are on the rise, and more organizations are using two or more public cloud providers to meet organizational needs. These cloud environments typically host sensitive...

Read More