Blog
-
Ransomware Attacks on Government Agencies Continue as Chile, Montenegro Experience Major Disruptions
Some Russian criminal groups have directed ransomware attacks as a way to support the invasion of Ukraine. Others are simply attacking government agencies out of opportunity and an apparent lack of fear.
-
Password Manager LastPass Exposes Source Code in Security Breach but User Passwords/Vaults Not Accessed
The immediate danger to LastPass users from this security breach is, fortunately, minimal. The password manager stores each user’s master password on their own local device, preventing a server compromise from exposing it.
-
Phishing Campaign That Hit Twilio Linked to Over 130 Other Breaches
The phishing campaign makes use of over 160 domains, some of which are intended to look like legitimate Okta or VPN sites. Group-IB has linked the campaign to breaches of over 130 other organizations, and attempts on likely thousands more.
-
Bombshell Whistleblower Report From Former Twitter CISO Calls Out Endemic Security and Privacy Failures
The Twitter whistleblower report was filed with the DOJ, FTC, SEC and a number of relevant congressional committees. It describes ongoing lax security and privacy practices that are repeatedly papered over by top executives.
-
Data Leak Sites “Innovating” Yet Again as BlackByte Ransomware Group Adds Lower-Priced Options To Delay Data Dumps & Recover Stolen Info
If you’re hit by the BlackByte ransomware gang, you now have à la carte options for paying them off via their data leak site, as a tiered payment system has been added.
-
Privacy Messaging App Signal Impacted by Twilio Hack, 1,900 Phone Numbers May Have Been Exposed to Attackers
The damage from the Twilio hack is relatively minimal given that Signal’s privacy messaging app end-to-end encrypts all messages, and stores messages only on user devices. Concerns have been raised for users who register with a phone number instead of only a username.
-
Following North Carolina, Florida Forbids Government Agencies From Making Ransomware Payments
Florida has become the second state in the US to forbid its government agencies to make ransomware payments, following similar rules passed in North Carolina in May.
-
Cisco Network Breach: Voice Phishing, MFA Fatigue Are Becoming Common Attacks
The Cisco network breach showed that while voice phishing is a sophisticated threat often undertaken by well-funded attackers, leveraging MFA fatigue is simple and can be done by nearly anyone.
-
Account Hijacking Risk Created by Twitter API Keys Leaked From 3,200 Mobile Apps
A new study found that 3,200 mobile apps that link to users’ Twitter accounts are leaking Twitter API keys that could be used for account hijacking and other types of attacks.
-
GitHub Hack, or Bug Bounty Demonstration? 35,000 Forks of Code Repositories Found With Malicious Code From Single Source
A large-scale attempt to manipulate GitHub code repositories reinforces the importance of paying attention to exactly what you’re downloading. Malicious code tied to a single actor was found in about 35,000 forks and clones on the platform.










