Krebs on Security

JUNE 15, 2024

. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “ Sosa ” and “ King Bob, ” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Hacking 342

Hacking Cybercrime Phishing Passwords 342

Krebs on Security

SEPTEMBER 22, 2023

But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. Still, Palant and others impacted by the 2022 breach at LastPass say their account security settings were never forcibly upgraded.

Passwords 326

Passwords Encryption Password Management Cryptocurrency 326

Anton on Security

MARCH 3, 2022

2020 Anton’s Security Blog Quarterly Q1 2022 was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

Threat Detection 189

Threat Detection Cloud Migration Encryption Engineering 189

Daniel Miessler

DECEMBER 24, 2022

It started back in August of 2022 as a fairly common breach notification on a blog, but it, unfortunately, turned into more of a blog series. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults. Actually, some data was lost.

Password Management 364

Password Management Passwords Encryption Backups 364

Security Affairs

APRIL 30, 2025

Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. The RAT supports advanced evasion techniques, including living-off-the-land ( LOTL ) tactics and encrypted command and control (C2) communications. opendnsapi.net), and uses IPFS to retrieve encrypted modules.

Encryption 105

Encryption Ransomware Malware Phishing 105

Cisco Security

JANUARY 18, 2023

When EMA asked many of the same questions in an updated survey of 204 technology and business leaders toward the end of 2022, they found that nearly all the conclusions in the 2018/2019 report still hold true today.

Encryption 145

Encryption Engineering Technology Firewall 145

Schneier on Security

JANUARY 21, 2022

Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Citizen Lab examined the app and found it riddled with security holes.

Surveillance 361

Surveillance Encryption Wireless Government 361

SecureList

MAY 16, 2023

Download the full version of the report (PDF) Kaspersky Incident Response in various regions and industries In 2022, 45.9% Key trends in 2022: initial attack vectors and impact In 2022, attackers most often penetrated organizations’ infrastructure by exploiting various vulnerabilities in public-facing applications (42.9%).

Ransomware 140

Ransomware Encryption Security Awareness Passwords 140

Schneier on Security

MARCH 16, 2022

The weak Canon keys are tracked as CVE-2022-26351. Böck also found four vulnerable PGP keys, typically used to encrypt email, on SKS PGP key servers. Printer users can use the keys to generate a Certificate Signing Request. The creation date for the all the weak keys was 2020 or later.

Manufacturing 330

Manufacturing Encryption 330

Joseph Steinberg

JULY 20, 2022

There is little doubt that quantum computing will ultimately undermine the security of most of today’s encryption systems , and, thereby, render vulnerable to exposure nearly every piece of data that is presently protected through the use of encryption. Such an attitude is not alarmist – it is reality, whether we like it or not.

Risk 338

Risk Encryption Government Backups 338

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management 91

Password Management Cryptocurrency Passwords Data breaches 91

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. Editors note: This report was authored by Gautham Ashok & Alexa Feminella. Rated CVSS 9.8,

VPN 133

VPN Authentication Ransomware Risk 133

Malwarebytes

JANUARY 2, 2024

The decryptor works for victims whose files were encrypted between November 2022 and December 2023. The decryptor, called Black Basta Buster, exploits a flaw in the encryption algorithm used in older versions of the Black Basta group’s ransomware. Stop malicious encryption.

Encryption 125

Encryption Ransomware Backups Malware 125

SecureList

OCTOBER 31, 2022

In the previous publication ‘ Tracking down LODEINFO 2022, part I ‘, we mentioned that the initial infection methods vary in different attack scenarios and that the LODEINFO shellcode was regularly updated for use with each infection vector. In this article, we discuss improvements made to the LODEINFO backdoor shellcode in 2022.

Encryption 145

Encryption Architecture Malware Engineering 145

Schneier on Security

DECEMBER 26, 2022

The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.

Passwords 304

Passwords Encryption Backups Password Management 304

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. 15, 2022, LastPass said an investigation into the August breach determined the attacker did not access any customer data or password vaults.

Cryptocurrency 361

Cryptocurrency Passwords Encryption Accountability 361

SecureList

OCTOBER 31, 2022

In March 2022, we observed a Microsoft Word file that was used as the infection vector in some attacks. The second part will provide technical analysis of the LODEINFO backdoor and the related shellcode for each version of the backdoor with the latest LODEINFO IoCs and related information discovered in 2022. 2022-06-14 03:47:04.A

Malware 145

Malware Encryption Media Phishing 145

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 358

Social Engineering Mobile Passwords Cybercrime 358

Krebs on Security

NOVEMBER 17, 2022

He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. “We’ve found someone who can crack the encryption.” Then came the unlikely call from an FBI agent. “Don’t pay,” the agent said.

Ransomware 359

Ransomware Encryption Backups Manufacturing 359

Security Affairs

APRIL 17, 2025

In the 2022 campaigns, threat actors used European Union reports on the conflict in Ukraine and Ukrainian government reports as lures. Rolling XOR Key: Utilized for encrypting communications with the command-and-control (C2) server, with key sizes varying among variants. ” concludes the report.

Encryption 119

Encryption Government Malware Hacking 119

Joseph Steinberg

JUNE 9, 2022

According to published reports, immediately after discovering the unauthorized encryption of data by ransomware on some district computers, technology personnel shut down the districtwide computer system, and commenced an investigation along with outside cybersecurity experts.

Ransomware 363

Ransomware Artificial Intelligence Education Cybercrime 363

Schneier on Security

AUGUST 8, 2022

The idea is to standardize on both a public-key encryption and digital signature algorithm that is resistant to quantum computing, well before anyone builds a useful quantum computer. NIST was poised to make final algorithm selections in 2022, with a plan to have a draft standard available for public comment in 2023.

Encryption 362

Encryption Architecture Engineering Information Security 362

Security Affairs

JANUARY 24, 2025

The reverse shell issued a challenge by sending an encrypted string using a hard-coded certificate. Lumen experts also mentioned another variant of cd00r, codenamed SEASPY , that was used in a campaign targeting Barracuda Email Security Gateway (ESG) appliances that dates back in 2022.

Malware 125

Malware VPN Encryption Hacking 125

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 131

Spyware Malware Mobile Marketing 131

SecureList

NOVEMBER 1, 2022

This is our latest installment, focusing on activities that we observed during Q3 2022. We can confirm a Maui ransomware incident in 2022, but we would expand their “first seen” date from the reported May 2021 to April 15, 2021, and the geolocation of the target to Japan and India. The most remarkable findings.

Malware 145

Malware Ransomware Spyware Encryption 145

Malwarebytes

DECEMBER 6, 2024

The law enforcement investigation started in 2022 when investigators were able to track very specific information used by scammers to the specialized marketplace. What made this market attractive for cybercriminals was that they could buy data sorted by region and account balance with advanced filtering options.

Marketing 118

Marketing Banking Encryption Phishing 118

Security Affairs

MARCH 10, 2025

The Qilin ransomware group has been active since at least 2022 but gained attention in June 2024 for attacking Synnovis , a UK governmental service provider for healthcare. The group typically employs double extortion, stealing and encrypting victims data, then threatening to expose it unless a ransom is paid.

Ransomware 122

Ransomware VPN Healthcare Malware 122

Security Affairs

FEBRUARY 11, 2025

“They allegedly used the Phobos malware to encrypt information on the networks, blocking the companies from accessing the data unless a ransom was paid and a decryption key was provided by the gang. Generation of target list of extensions and folders to encrypt. ” reported the website Nation Thailand.

Ransomware 75

Ransomware Encryption Backups Malware 75

Security Affairs

NOVEMBER 13, 2024

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

VPN 127

VPN Government Malware Manufacturing 127

Krebs on Security

JUNE 8, 2023

More alarmingly, the company said it appears attackers first started exploiting the flaw in October 2022. If they’re going for data ransoming, they’re encrypting the data itself — not the machines.” “Barracuda’s recommendation at this time is full replacement of the impacted ESG.”

Firmware 339

Firmware Malware Software Ransomware 339

Malwarebytes

MAY 8, 2025

The European Data Protection Supervisor recommended an EU ban on the technology in 2022, although this has not yet happened. The ruling drew praise from Amnesty International, which had filed a court brief as part of the case outlining the human rights implications of the attacks on Meta.

Spyware 112

Spyware Hacking Surveillance Government 112

SecureWorld News

JULY 12, 2024

On July 12, 2024, AT&T disclosed a data security incident that occurred in 2022. Enhancing security measures: Immediate steps were taken to bolster security, including updating access controls, enhancing encryption protocols, and conducting comprehensive security audits to identify and address potential vulnerabilities.

Data breaches 120

Data breaches Passwords Authentication Artificial Intelligence 120

Security Affairs

MARCH 2, 2025

3 cyberattack led to unauthorized access, file withdrawals, and encryption of critical applications. “Preliminary investigations indicate that threat actors unlawfully accessed the Companys network, encrypted critical applications, and exfiltrated certain files. The company reported to the SEC that a Feb.

Ransomware 82

Ransomware Encryption Cybercrime Healthcare 82

Schneier on Security

MARCH 31, 2022

The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups. The exploit kit would AES encrypt each stage, including the clients’ responses with a session-specific key. North Korean hackers have been exploiting a zero-day in Chrome. Additional stages were not served if the previous stage failed.

Hacking 292

Hacking Encryption 292

Krebs on Security

DECEMBER 29, 2022

Thanks to your readership and support, I was able to spend more time in 2022 on some deep, meaty investigative stories — the really satisfying kind with the potential to affect positive change. Some of that work is highlighted in the 2022 Year in Review review below. ” SEPTEMBER. million user accounts earlier this year.

Cryptocurrency 305

Cryptocurrency Cybercrime Computers and Electronics Scams 305

Security Affairs

JANUARY 2, 2024

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.

Ransomware 138

Ransomware Encryption Insurance Malware 138

Centraleyes

DECEMBER 16, 2024

By 2027, 75% of employees are expected to acquire or modify technology outside of ITs control, up from 41% in 2022. Expect to see more investments in privacy-enhancing technologies (PETs) such as encryption, anonymization, and data masking. In 2025, more attention will be given to developing quantum-resistant encryption techniques.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Technology 98