Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267

Severe LastPass breach, Inglis resigns post, Xfinity accounts hacked | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


LastPass admits to severe data breach, encrypted password vaults stolen

The August 2022 security breach of LastPass may have been more severe than the company previously disclosed. On Thursday, LastPass revealed that malicious actors obtained a trove of personal information belonging to its customers that include their encrypted passwords by using data siphoned from the earlier break-in. Also stolen is “basic customer account information and related metadata including company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service,” the company said. The August 2022 incident, which remains a subject of an ongoing investigation, involved hackers accessing source code and proprietary technical information from its development environment via a single compromised employee account.

(The Hacker News)

Chris Inglis to resign as national cyber director

National Cyber Director Chris Inglis plans to step down from his position as a senior White House cybersecurity adviser, a decision first reported by CNN and confirmed to CyberScoop by three sources with direct knowledge of the matter. The news comes as Inglis is traveling in Japan on a trip meant to strengthen cyber collaboration with a key ally in the region and as cybersecurity issues generally are topping the White House agenda. President Biden nominated Inglis, the former deputy director of the National Security Agency, to lead the newly formed Office of the National Cyber Director (ONCD) last year, tasking him to stand up an office that aims to bring a unified approach to U.S. cybersecurity policy. A spokesperson for ONCD declined to comment on Inglis’s planned departure.

(Cyberscoop)

Comcast Xfinity accounts hacked in widespread 2FA bypass attacks

Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then used to reset passwords for other services, such as the Coinbase and Gemini crypto exchanges. Starting on December 19th, many Xfinity email users began receiving notifications that their account information had been changed. However, when attempting to access the accounts, they could not log in as the passwords had been changed. After regaining access to the accounts, they discovered they had been hacked and a secondary email at the disposable @yopmail.com domain was added to their profile. 

(Bleeping Computer)

GuLoader malware using new techniques to evade security software

Researchers at CrowdStrike have exposed a variety of techniques adopted by an advanced malware downloader called GuLoader to evade security software. GuLoader, also called CloudEyE, is a Visual Basic Script (VBS) downloader that’s used to distribute remote access trojans on infected machines. It was first detected in the wild in 2019. A recent GuLoader sample unearthed by CrowdStrike exhibits a three-stage process wherein the VBScript is designed to deliver a next-stage that performs anti-analysis checks before injecting shellcode embedded within the VBScript into memory.

(The Hacker News)

Thanks to this week’s episode sponsor, Tines

Wondering how the world’s leading security teams are figuring out how to do more with less? The answer is Tines! Tines is a hyper-flexible automation platform loved by customers like Okta, Canva, Kayak, and Coinbase. Tines enables security teams to focus on what matters most by taking care of the grunt work! Learn more at Tines.com.

Microsoft fined $64 million by France over cookies used in Bing searches

CNIL, France’s digital privacy regulator, has fined Microsoft €60 million ($64 million) for not offering clear enough instruction for users to reject cookies used for online ads, as part of the move to enforce Europe’s tightening data protection law. The organization said Thursday that it carried out several investigations on the Microsoft search engine Bing in September 2020 and May 2021 and found that the site dropped advertising cookies in users’ terminals without their explicit consent. The website also lacked a button for users to reject cookies as simply as accepting them, CNIL said, where two clicks were required to refuse all cookies while only one was needed to accept them.

(SCMagazine.com)

DuckDuckGo now blocks Google sign-in pop-ups on all sites

DuckDuckGo apps and extensions are now blocking Google Sign-in pop-ups on all its apps and browser extensions, removing what it perceives as an annoyance and a privacy risk for its users. DuckDuckGo offers a privacy-focused search engine, an email service, mobile apps, and data-protecting browser extensions. A standalone web browser is also in the works, currently in beta and only available for macOS. The company announced last Thursday that all its Chrome, Firefox, Brave, and Microsoft Edge apps and browser extensions will now actively block Google sign-in prompts displayed on sites. 

(Bleeping Computer)

Threat actor allegedly offers data of 400,000,000 Twitter users 

A hacker who is active on the hacking forum Ryushi is urging interested prospects to buy sensitive details that were stolen from over 400 million Twitter account users. The hacker claims to have obtained access to the data through a vulnerability on the database and is ready to sell it for a hefty price of $400,000,000. The hacker is also inviting Elon Musk or any of the Twitter staff to buy back the data to avoid penalties imposed by GDPR lawsuits ranging from $5.4m to $8.7m. The selling criminal also attested that Escrow payments will cover the sale in control of the forum admin – the infamous Pompompurin. Ireland’s Data Protection Commissioner has opened up an investigation and has linked the current data possession claim to a massive data breach that took place last month.

(Cybersecurity Insiders)

Experts warn of a critical Linux Kernel vulnerability

A critical Linux kernel vulnerability (CVSS score of 10) exposes SMB servers with KSMBD enabled to hack. KSMBD is a Linux kernel server that implements SMB3 protocol in kernel space for sharing files over the network. An unauthenticated, remote attacker can execute arbitrary code on vulnerable installations of the Linux Kernel. The vulnerability was discovered on July 26, 2022, by the researchers the Thalium Team at Thales Group, and was publicly disclosed on December 22, 2022.

(Security Affairs)

——————————————————–


Click Here For The Original Story From This Source.

National Cyber Security

FREE
VIEW