Tag Archives: security

Security Stop-Press : Failure To Update Plex Was Behind LastPass Hack

It’s been reported that a LastPass engineer’s failure to update Plex on their home computer, leaving a nearly three-year-old flaw unpatched, enabled the massive LastPass hack in which a “threat actor” obtained “encrypted backups from a third-party cloud storage service” relating to its Central, Pro, join.me, Hamachi, and RemotelyAnywhere products.

The threat actor also obtained an encryption key for a portion of the encrypted backups. This highlights the importance of staying up to date with patching and ensuring that the latest software updates are installed.

Security Stop-Press : Business Warned That ‘Deepfakes’ Are On The Rise

Following research, identity proofing experts ID R&D have warned businesses that there has been a rise in the number of fraud attempts and cyberattacks leveraging deepfake technology, i.e. the use of AI-powered technology to create convincing videos of people. Research indicates that nearly half (42 per cent) of organisations have already encountered deepfake attacks.

ID R&D has also warned that injection attacks, where cyber criminals bypass the camera or inject digital content into the data stream, e.g. to help bypass biometric authentication, are also on the rise. These threats highlight the need for new products and services to help businesses defend themselves against increasingly advanced identity theft attacks.

Security Stop-Press : “Swiss Army Knife Malware” Warning

A report from Picus Security has warned of the rise of multi-purpose strains of malware, which it dubs “Swiss Army knife malware”, capable of performing all kinds of actions. Picus Security’s analysis of 550,000 real-world malware samples revealed that one third carry at least 20 individual Tactics, Techniques, and Procedures (TTPs), with the most common features being the abuse of legitimate software, lateral movement, and file encryption. To defend against increasingly sophisticated malware, the advice is to prioritise commonly used attack techniques and to continuously validate the effectiveness of security controls.

Security Stop-Press : Google Ads Ransomware Risk

Security researchers have reported observing a threat actor using widespread, ongoing Google Ads campaigns to spread malware, steal passwords, and breach networks for ransomware attacks. It’s been reported that the ads feature websites for popular programs, like LightShot, Rufus, 7-Zip, FileZilla, LibreOffice, AnyDesk, Awesome Miner, TradingView, WinRAR, and VLC.

The advice is to use caution with ads for these products, but Google has said that it is enforcing robust policies related to this issue, has reviewed the ads in question and has removed them.

Security Stop-Press : PayPal Data Breach

PayPal has confirmed that nearly 35,000 users may have been affected following a data breach between December 6 and December 8, 2022. The suspected ‘credential stuffing’ attack may have meant that details like users’ names, addresses, Social Security numbers, tax ID numbers, and/or dates of birth were viewed, but there is no current evidence that the data has been misused.

PayPal has now informed people by email, reset the passwords for the affected users, added enhanced security controls, and given affected users one year of free identity monitoring services through Equifax.

Security Stop-Press : 14 UK Schools Hacked And Data Leaked Online

Hackers from ‘Vice Society’ have stolen confidential pupil data from 14 UK schools and leaked the data online on the dark web. A variety of documents and data were stolen during the attacks in 2021 and 2022, including SEN information, child passport scans, staff pay scales and contract details. The ICO and police are reported to be investigating, and the targeted schools have taken post-breach measures, which include working with cyber-security specialists, blocking remote access to all but a few staff with 2FA, and resetting passwords.

Security Stop-Press : LastPass Second Data Breach

Password app company LastPass has reported a second data breach that may be related to a previous breach in August where source code and some proprietary LastPass technical information were taken.

The company has reported that in this most recent attack, a threat actor using information from August’s attack accessed “certain elements of our customers’ information.” LastPass says, however, that customers’ passwords remain safely encrypted, its services remain fully functional, and it is currently working to discover the scope of the attack and what information has been accessed.

The advice from LastPass is to follow its best practices around setup and configuration of LastPass as detailed here: https://blog.lastpass.com/2022/01/how-to-set-up-your-new-lastpass-account/

Security Stop-Press : WhatsApp Data Breach: 487 Million User Phone Numbers!

According to a Cybernews report, it has been alleged on a hacking community forum that 487 million WhatsApp user phone numbers from 84 countries, including the UK, are for sale online as part of a database which may have come from a breach. It’s been reported that the UK dataset contains the phone numbers of 11 million users and is being sold for a per-capita sum of $2,500. The advice is, if you need to check whether your number or email has been stolen in a breach, use a site like https://haveibeenpwned.com/. To make accounts more secure, choose strong passwords, don’t share them between accounts, use 2FA where possible, and use a good authenticator app.

Security Stop-Press : Google Chrome Extensions Risk

After analysis of 1,237 Google Chrome extensions available via the Chrome Web Store, researchers from data protection company Incogni concluded in a recent report that almost half (48.6 per cent) have a high or very high-risk impact. This means that they may be storing sensitive, personally identifiable data. The advice is for users to be vigilant and to only choose extensions from trusted developers, i.e. those with a history of problem-free software development and high user ratings.

Security Stop-Press : Top Three Malware Threats Identified

Check Point’s latest Global Threat Index has highlighted how three particular malware families (info-stealers) made up almost a fifth (16 per cent) of global detections in September. These are AgentTesla (RAT malware), which affected 7 per cent of organisations; SnakeKeylogger, a modular .NET keylogger and credential stealer that affected 5 per cent of organisations; and the Lokibot info-stealer (used in phishing emails), which accounted for 4 per cent of attacks.

The advice is to remember to keep using simple but effective cyber hygiene practices including taking regular backups, using antivirus and keeping it updated, and being particularly careful with email security and not clicking on any suspicious links in emails.