Daniel Miessler

DECEMBER 24, 2022

If you follow Information Security at all you are surely aware of the LastPass breach situation. It started back in August of 2022 as a fairly common breach notification on a blog, but it, unfortunately, turned into more of a blog series. The initial blog was on August 25th, saying there was a breach, but it wasn’t so bad because they had no access to customer data or password vaults: Two weeks ago, we detected some unusual activity within portions of the LastPass development environment.

Password Management 364

Password Management Passwords Encryption Backups 364

Security Affairs

DECEMBER 24, 2022

The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. The campaign has been active since at least September 2022, most of the infections have been observed in Argentina (34,8%), followed by Australia (23,2%). “We found samples of

Government 98

Government Malware Telecommunications Cybercrime 98

The Hacker News

DECEMBER 24, 2022

Threat actors have published yet another round of malicious packages to Python Package Index (PyPI) with the goal of delivering information-stealing malware on compromised developer machines.

Malware 98

Malware Cybersecurity 98

Security Affairs

DECEMBER 24, 2022

The cybersecurity researcher RE-Solver discovered Backdoor credentials in ZyXEL LTE3301-M209 LTE indoor routers. Security researcher ReSolver announced the discovery of hardcoded credentials (CVE-2022-40602) in ZyXEL LTE3301-M209 LTE indoor routers. In previous research, the expert discovered a Telnet backdoor in D-Link DWR-921 which is also present in the ZyXEL LTE3301-M209 as well.

Firmware 98

Firmware Passwords Hacking Cybersecurity 98

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

WIRED Threat Level

DECEMBER 24, 2022

Plus: An offensive US hacking operation, swatters hacking Ring cameras, a Netflix password-sharing crackdown, and more.

Hacking 98

Hacking Passwords 98

Bleeping Computer

DECEMBER 24, 2022

A new information-stealing malware named 'RisePro' is being distributed through fake cracks sites operated by the PrivateLoader pay-per-install (PPI) malware distribution service. [.].

Malware 77

Malware Software 77

Security Boulevard

DECEMBER 24, 2022

Our thanks to USENIX for publishing their Presenter’s USENIX Security ’22 Conference tremendous content on the organization’s’ YouTube channel. Permalink. The post USENIX Security ’22 – Bailey Kacsmar, Kyle Tilbury, Miti Mazmudar, Florian Kerschbaum ‘Caring About Sharing: User Perceptions Of Multiparty Data Sharing’ appeared first on Security Boulevard.

Education 52

Education InfoSec Cybersecurity 52

Security Affairs

DECEMBER 24, 2022

The cybersecurity researcher RE-Solver discovered Backdoor credentials in ZyXEL LTE3301-M209 LTE indoor routers. Security researcher ReSolver announced the discovery of hardcoded credentials (CVE-2022-40602) in ZyXEL LTE3301-M209 LTE indoor routers. In previous research, the expert discovered a Telnet backdoor in D-Link DWR-921 which is also present in the ZyXEL LTE3301-M209 as well.

Firmware 52

Firmware Passwords Hacking Cybersecurity 52