LastPass users furious after being locked out due to MFA resets
LastPass password manager users have been experiencing significant login issues starting early May after being prompted to reset their authenticator apps. The company first announced…
Month: June 2023
RedEyes APT Attacking Individuals to Exfiltrate Sensitive Data
A group of hackers from North Korea, known as RedEyes (aka APT37, ScarCruft, and Reaper), has recently been identified by the researchers at AhnLab Security…
CalPERS Compromised by MOVEit Hackers
CalPERS (California Public Employees’ Retirement Systems) is an organization working to provide pension benefits for retirees and health security services for public servants and their…
Update Your iPhone Right Now to Fix 2 Apple Zero Days
Apple says the patches fix a memory corruption that allowed an app to execute arbitrary code and a WebKit vulnerability that enabled malicious code execution…
GitHub Repositories Are Vulnerable To RepoJacking
An attack called RepoJacking may potentially affect millions of GitHub repositories. If abused, this vulnerability might result in code execution on the internal networks of…
Zero Trust, Cloud Security, And Fortifying Organizations Against Third-Party Breaches
With an impressive track record of over 20 years in the information security industry, Maheswaran Shamugasundaram, Country Manager at Varonis, has solidified his reputation as…
Kimsuky APT Hackers Dropping Malware Via CHM Files
AhnLab Security Emergency Response Center (ASEC) researchers discovered the Kimsuky APT group’s recent strikes, in which attackers have been using CHM files to distribute malware…
Microsoft Teams Vulnerability Let Attackers Deliver Malware
The latest version of Microsoft Teams had a security flaw uncovered recently by Max Corbridge (@CorbridgeMax) and Tom Ellson (@tde_sec), JUMPSEC’s Red Team members. Due…
UPS Hacked – Attackers Using Smishing To Harvest Data
As reports suggest, UPS shipping and logistics recently faced a security incident after finding an unauthorized access issue on their internal audit. There was a…
NSA Releases Guide to Combat BlackLotus Malware
Malicious cyber actors might exploit a known flaw in Microsoft Windows’ secure startup process to bypass Secure Boot protection and run the BlackLotus malware. BlackLotus uses a…
RedEnergy – A New Hybrid Stealer-as-a-Ransomware
Recently, the cybersecurity analysts at Zscaler found a new variant of malware, RedEnergy, a new hybrid Stealer-as-a-Ransomware threat. RedEnergy stealer targets industries through fake updates,…
Amazon Sued For Tricking Users to Get Prime Subscriptions
In the most extreme action taken against the firm by the agency’s chair, Lina Khan, the Federal Trade Commission filed a lawsuit against Amazon on…