Cybersecurity

Okta says Lapsus$ breach lasted 25 minutes, impacted two customers

Okta said Tuesday that a forensic investigation that it commissioned found that the hacker group Lapsus$ accessed two active customer tenants during the January breach of a third-party support firm. The threat actor “actively controlled” a workstation belonging to one…

Is Bashar al-Assad’s Army of Hackers Gone for Good?

In April 2013, pro-Assad online activists from Syria hacked into the Twitter account of the Associated Press and tweeted about a fake explosion at the White House that supposedly injured President Barack Obama, leading the U.S. stock market to temporarily dip by $136…

Conti’s Ransomware Toll on the Healthcare Industry

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that…

Blockchain companies are being targeted by North Korean hackers, US agencies warn

The Cybersecurity and Infrastructure Security Agency (CISA), the Department of Treasury, and the FBI issued a joint advisory Monday evening describing a North Korean state-sponsored hacking campaign that has been associated with cryptocurrency heists since at…

New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops

Three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices…

CISA warns of attackers now exploiting Windows Print Spooler bug

The Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its list of actively exploited bugs, including a local privilege escalation bug in the Windows Print Spooler. This high severity vulnerability (tracked as CVE-2022-22718)…

Zero-day exploits found and disclosed hit a record high in 2021, Google Project Zero says

Researchers at Google’s Project Zero said they tracked 58 cases of zero-day exploits “in the wild” in 2021 — the most ever detected and disclosed in a single year since the group began its work in mid-2014. The 2021 total is more than double the previous maximum, 28, tracked…

Funky Pigeon Suspends Orders Following Cyber-Attack

Gift card retailer Funky Pigeon has experienced a cyber-attack, leading the firm to temporarily suspend orders. Funky Pigeon, which is owned by WHSmith, revealed it had taken its systems offline as a precaution, preventing it from fulfilling customer orders…

Emotet botnet switches to 64-bit modules, increases activity

The Emotet malware is having a burst in distribution and is likely to soon switch to new payloads that are currently detected by fewer antivirus engines. Security researcher monitoring the botnet are observing that emails carrying malicious payloads last month have…

QNAP urges customers to disable UPnP port forwarding on routers

Taiwanese hardware vendor QNAP urged customers on Monday to disable Universal Plug and Play (UPnP) port forwarding on their routers to prevent exposing their network-attached storage (NAS) devices to attacks from the Internet. UPnP is a set of insecure network…