Malwarebytes

JANUARY 2, 2024

The decryptor works for victims whose files were encrypted between November 2022 and December 2023. The decryptor, called Black Basta Buster, exploits a flaw in the encryption algorithm used in older versions of the Black Basta group’s ransomware. Stop malicious encryption.

Encryption 134

Encryption Ransomware Backups Malware 134

Bleeping Computer

JANUARY 24, 2023

GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups containing customer information and an encryption key for a portion of that data. [.]

Backups 138

Backups Encryption 138

Anton on Security

MARCH 3, 2022

2020 Anton’s Security Blog Quarterly Q1 2022 was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

Threat Detection 189

Threat Detection Cloud Migration Encryption Engineering 189

Daniel Miessler

DECEMBER 24, 2022

It started back in August of 2022 as a fairly common breach notification on a blog, but it, unfortunately, turned into more of a blog series. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults. Actually, some data was lost.

Password Management 364

Password Management Passwords Encryption Backups 364

Krebs on Security

JUNE 15, 2024

. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “ Sosa ” and “ King Bob, ” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Hacking 311

Hacking Phishing Cybercrime Passwords 311

Krebs on Security

SEPTEMBER 22, 2023

But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. Still, Palant and others impacted by the 2022 breach at LastPass say their account security settings were never forcibly upgraded.

Passwords 304

Passwords Encryption Password Management Cryptocurrency 304

SecureList

MAY 16, 2023

Download the full version of the report (PDF) Kaspersky Incident Response in various regions and industries In 2022, 45.9% Key trends in 2022: initial attack vectors and impact In 2022, attackers most often penetrated organizations’ infrastructure by exploiting various vulnerabilities in public-facing applications (42.9%).

Ransomware 143

Ransomware Encryption Security Awareness Authentication 143

Cisco Security

JANUARY 18, 2023

When EMA asked many of the same questions in an updated survey of 204 technology and business leaders toward the end of 2022, they found that nearly all the conclusions in the 2018/2019 report still hold true today.

Encryption 141

Encryption Engineering Technology Firewall 141

Joseph Steinberg

JULY 20, 2022

There is little doubt that quantum computing will ultimately undermine the security of most of today’s encryption systems , and, thereby, render vulnerable to exposure nearly every piece of data that is presently protected through the use of encryption. Such an attitude is not alarmist – it is reality, whether we like it or not.

Risk 338

Risk Encryption Government Artificial Intelligence 338

Schneier on Security

JANUARY 21, 2022

Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Citizen Lab examined the app and found it riddled with security holes.

Surveillance 345

Surveillance Encryption Wireless Government 345

The Hacker News

FEBRUARY 27, 2023

LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems.

Encryption 141

Encryption Passwords Data breaches Cyber Attacks 141

Schneier on Security

MARCH 16, 2022

The weak Canon keys are tracked as CVE-2022-26351. Böck also found four vulnerable PGP keys, typically used to encrypt email, on SKS PGP key servers. Printer users can use the keys to generate a Certificate Signing Request. The creation date for the all the weak keys was 2020 or later.

Manufacturing 313

Manufacturing Encryption 313

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. 15, 2022, LastPass said an investigation into the August breach determined the attacker did not access any customer data or password vaults.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Anton on Security

JUNE 10, 2022

There are people buying their first SIEM in 2022. There are people adopting virtualization in 2022. There are people moving to “next-gen” firewalls (a great innovation of 2005) in 2022. But why not just accept that in 2022, SIEM = SIEM + SOAR + UEBA ? Pretty much every SIEM vendor is a SIEM/SOAR/UEBA vendor.

VPN 189

VPN Marketing Firewall Passwords 189

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 340

Social Engineering Mobile Passwords Cybercrime 340

Schneier on Security

DECEMBER 26, 2022

The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.

Passwords 293

Passwords Encryption Backups Password Management 293

SecureList

OCTOBER 31, 2022

In March 2022, we observed a Microsoft Word file that was used as the infection vector in some attacks. The second part will provide technical analysis of the LODEINFO backdoor and the related shellcode for each version of the backdoor with the latest LODEINFO IoCs and related information discovered in 2022. 2022-06-14 03:47:04.A

Malware 145

Malware Encryption Media Phishing 145

eSecurity Planet

DECEMBER 7, 2023

Encryption scrambles data to make it unreadable to those without decryption keys. Proper use of encryption preserves secrecy and radically lowers the potential damage of a successful cybersecurity attack. Encryption algorithm types will provide an overview of the mathematical algorithms used to encrypt data (AES, RSA, etc.),

Encryption 108

Encryption Passwords Authentication Password Management 108

Joseph Steinberg

JUNE 9, 2022

According to published reports, immediately after discovering the unauthorized encryption of data by ransomware on some district computers, technology personnel shut down the districtwide computer system, and commenced an investigation along with outside cybersecurity experts.

Ransomware 363

Ransomware Artificial Intelligence Education Cybercrime 363

Krebs on Security

NOVEMBER 17, 2022

He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. “We’ve found someone who can crack the encryption.” Then came the unlikely call from an FBI agent. “Don’t pay,” the agent said.

Ransomware 334

Ransomware Encryption Backups Manufacturing 334

Schneier on Security

AUGUST 8, 2022

The idea is to standardize on both a public-key encryption and digital signature algorithm that is resistant to quantum computing, well before anyone builds a useful quantum computer. NIST was poised to make final algorithm selections in 2022, with a plan to have a draft standard available for public comment in 2023.

Encryption 358

Encryption Architecture Engineering Information Security 358

SecureList

NOVEMBER 10, 2022

Cryptocurrency prices were dropping from the end of 2021 and throughout the first half of 2022. Cybercriminals pay neither for equipment, nor for electricity, which is rather expensive in 2022. In this report we analyze cryptojacking activity in the first three quarters of 2022, and provide some relevant statistics and insights.

Cryptocurrency 142

Cryptocurrency Malware Software Ransomware 142

CyberSecurity Insiders

NOVEMBER 29, 2022

As we near the end of 2022, IT professionals look back at one of the worst years on record for incidents. During 2022 over 65% of organizations expected security budgets to expand. In 2022 we witnessed several third-party supply chain breaches. IoT/OT and DoS attack vectors were key areas in 2022 for an attack.

Phishing 134

Phishing Mobile Technology Ransomware 134

SecureList

NOVEMBER 1, 2022

This is our latest installment, focusing on activities that we observed during Q3 2022. We can confirm a Maui ransomware incident in 2022, but we would expand their “first seen” date from the reported May 2021 to April 15, 2021, and the geolocation of the target to Japan and India. The most remarkable findings.

Malware 145

Malware Ransomware Spyware Encryption 145

Krebs on Security

JUNE 8, 2023

More alarmingly, the company said it appears attackers first started exploiting the flaw in October 2022. If they’re going for data ransoming, they’re encrypting the data itself — not the machines.” “Barracuda’s recommendation at this time is full replacement of the impacted ESG.”

Firmware 347

Firmware Malware Software Ransomware 347

Security Affairs

JANUARY 2, 2024

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. Independent security research and consulting team SRLabs discovered a vulnerability in Black Basta ransomware’s encryption algorithm and exploited it to create a free decryptor.

Ransomware 140

Ransomware Encryption Insurance Malware 140

Security Affairs

JANUARY 23, 2024

The Black Basta ransomware group has been active since April 2022 , like other ransomware operations, it implements a double-extortion attack model. A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022.

Hacking 144

Hacking Encryption Ransomware Insurance 144

SecureWorld News

JULY 12, 2024

On July 12, 2024, AT&T disclosed a data security incident that occurred in 2022. Enhancing security measures: Immediate steps were taken to bolster security, including updating access controls, enhancing encryption protocols, and conducting comprehensive security audits to identify and address potential vulnerabilities.

Data breaches 109

Data breaches Passwords Authentication Artificial Intelligence 109

Schneier on Security

MARCH 31, 2022

The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups. The exploit kit would AES encrypt each stage, including the clients’ responses with a session-specific key. North Korean hackers have been exploiting a zero-day in Chrome. Additional stages were not served if the previous stage failed.

Hacking 278

Hacking Encryption 278

SecureWorld News

DECEMBER 8, 2024

Recent progress has sparked discussions, but current capabilities are still far from threatening encryption standards like 2048-bit RSA. It is essential to understand the risks posed by quantum computing, as future advancements could compromise today's encrypted data, opening new opportunities for threat actors.

Encryption 102

Encryption Firewall Education Firmware 102

Krebs on Security

DECEMBER 29, 2022

Thanks to your readership and support, I was able to spend more time in 2022 on some deep, meaty investigative stories — the really satisfying kind with the potential to affect positive change. Some of that work is highlighted in the 2022 Year in Review review below. ” SEPTEMBER. million user accounts earlier this year.

Cryptocurrency 270

Cryptocurrency Cybercrime Computers and Electronics Scams 270

Security Affairs

JULY 9, 2024

DoNex is a rebrand of Muse and DarkRace ransomware, it first appeared in the threat landscape in April 2022. Upon execution, an encryption key is generated by CryptGenRandom() function. The malicious code uses the key to initialize ChaCha20 symmetric key and subsequently encrypt files.

Ransomware 135

Ransomware Encryption Passwords Hacking 135

The Last Watchdog

FEBRUARY 8, 2023

Smallstep launched in April 2022 with $26 million in funding, including a seed round of $7 million led by boldstart ventures with participation from Accel Partners , Bain Capital Ventures and Upside Partnership, LLC., and a Series A of $19 million led by StepStone Group. For a full drill down, please give the accompanying podcast a listen.

Encryption 42

Encryption Authentication Internet Internet 42

The Last Watchdog

AUGUST 19, 2022

VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow over a secured pipe. I had the chance at Black Hat 2022 to visit with Rajiv Pimplaskar, CEO at Dispersive , an Alpharetta, GA-based supplier of advanced cloud obfuscation technology.

Small Business 213

Small Business Technology Software Encryption 213

Security Affairs

NOVEMBER 28, 2022

1/9 pic.twitter.com/WyxzCZSz84 — ESET research (@ESETresearch) November 25, 2022. From August 2022, Recorded Future researchers observed a rise in command and control (C2) infrastructure used by Sandworm (tracked by Ukraine’s CERT-UA as UAC-0113). The key is then RSA encrypted and written to aes.bin. Pierluigi Paganini.

Ransomware 142

Ransomware Encryption Telecommunications Malware 142

The Hacker News

SEPTEMBER 20, 2023

Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. The site operated as a hidden service in the encrypted TOR network," the Finnish Customs (aka Tulli) said in a brief announcement on Tuesday.

Encryption 133

Encryption 133

Malwarebytes

JULY 25, 2024

BitLocker is a Windows security feature that encrypts entire drives. Affected systems are running Windows 10 and 11 or one of the server versions (Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows Server 2008.).

Encryption 143

Encryption Firmware Accountability Risk 143