The Week in Ransomware – August 26th 2022 – Fighting back We saw a bit of ransomware drama this week, mostly centered around LockBit, who saw their data leak sites taken down by a DDoS attack after they started leaking the allegedly stolen Entrust data. Last week, LockBit claimed responsibility for a ransomware Read more…
DoorDash Discloses New Data Breach Tied to Twilio Hackers Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. In a security advisory released Thursday afternoon, DoorDash says that a threat actor gained access to the company’s internal Read more…
Atlassian Bitbucket Server Vulnerable to Critical RCE Vulnerability Atlassian has published a security advisory warning Bitbucket Server and Data Center users of a critical security flaw that attackers could leverage to execute arbitrary code on vulnerable instances. Bitbucket is a Git-based code hosting, management, and collaboration tool, with Jira and Read more…
Twilio Breach Let Hackers Gain Access to Authy 2FA Accounts Twilio’s investigation into the attack on August 4 reveals that hackers gained access to some Authy user accounts and registered unauthorized devices. Authy is a two-factor authentication (2FA) service from Twilio that allows users to secure their online accounts where the feature is Read more…
Microsoft: Iranian Hackers Still Exploiting Log4j Bugs Against Israel Hackers continue to exploit the Log4j vulnerability in vulnerable applications, as shown by the Iranian ‘MuddyWater’ threat actor who was found targeting Israeli organizations using the SysAid software. The vulnerability in Log4j (“Log4Shell”) was discovered and patched in December 2021 but still plagues a wide range Read more…
Windows 11 KB5016691 Preview Update Released with 22 Changes Microsoft has released the optional KB5016691 Preview cumulative update for Windows 11 with 22 fixes or improvements. This Windows 11 cumulative update is part of Microsoft’s August 2022 monthly “C” update, allowing users to test upcoming fixes coming in the September Read more…
How ‘Kimsuky’ Hackers Ensure their Malware only Reach Valid Targets The North Korean ‘Kimsuky’ threat actors are going to great lengths to ensure that their malicious payloads are only downloaded by valid targets and not on the systems of security researchers. According to a Kaspersky report published today, the threat Read more…
LastPass Developer Systems Hacked to Steal Source Code Password management firm LastPass was hacked two weeks ago, enabling threat actors to steal the company’s source code and proprietary technical information. The disclosure comes after BleepingComputer learned of the breach from insiders last week and reached out to the company on Read more…
Hackers Abuse Genshin Impact Anti-cheat System to Disable Antivirus Hackers are abusing an anti-cheat system driver for the immensely popular Genshin Impact game to disable antivirus software while conducting ransomware attacks. The driver/module, “mhypro2.sys,” doesn’t need the target system to have the game installed, and it can operate independently or Read more…
Microsoft: Russian Malware Hijacks ADFS to Log in as Anyone in Windows Microsoft has discovered a new malware used by the Russian hacker group APT29 (a.k.a. NOBELIUM, Cozy Bear) that enables authentication as anyone in a compromised network. As a state-sponsored cyberespionage actor, APT29 employs the new capability to hide Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
