DecryptedTech

Skip to content

Friday20 May 2022

Skip to content

Subscribe to this RSS feed

Security Talk (124)

News, and Disucssions centered on Security

Open Source Takes Another Hit as 3rd Protestware Shows up in NPM Repository

Posted on Tuesday, 12 April 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Open Source Takes Another Hit as 3rd Protestware Shows up in NPM Repository

The Open Source community has been one that many leverage to help build their applications. It has become a great place to find applications packages that make building out a larger application or eco systems less time consuming. We see…

Read 190 times

Be the first to comment!

Leaked Conti Ransomware used in Attacks on Russian Targets

Posted on Monday, 11 April 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Leaked Conti Ransomware used in Attacks on Russian Targets

Not that long ago, a Ukrainian security researcher published a vast number of internal chats from the Ransomware group Conti. On top of that treasure trove of information the same researcher also published the source code for the Conti Ransomware.…

Read 342 times

Be the first to comment!

Crypto Mining Malware Targeting Amazon Lambda Serverless Environments

Posted on Friday, 08 April 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Crypto Mining Malware Targeting Amazon Lambda Serverless Environments

Some needs to let Gordan Freeman know that the Xen aliens are attacking Lambda, time to grab a crowbar and go to work. Ok, so there are no invaders from a border dimension coming and the Lambda in question is…

Read 261 times

Be the first to comment!

The State of Banking and Financial Malware on Google’s Play Store is Just Bad

Posted on Friday, 08 April 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

The State of Banking and Financial Malware on Google’s Play Store is Just Bad

It looks like there has been another round of malware identified on the Google Play sore and, you guessed it, the majority is focused on banks and other financial institutions. The combination of apps found totals around 515,000 downloads. 500,000…

Read 220 times

Be the first to comment!

Financial Threat Group, FIN7 Shows Signs of Evolving Tools and Coordination with Ransomware Groups

Posted on Tuesday, 05 April 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Financial Threat Group, FIN7 Shows Signs of Evolving Tools and Coordination with Ransomware Groups

For some reason, malware, attacker tools, and even the threat groups themselves tend to be viewed and talked about as static objects (outside of the security and threat analytics world). Malware is just Malware, the same with Ransomware strains. Once…

Read 232 times

Be the first to comment!

New Tactic Could be Used to Impact Charging Stations for Electronic Vehicles

Posted on Tuesday, 05 April 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

New Tactic Could be Used to Impact Charging Stations for Electronic Vehicles

Imagine you are standing at a charging station charging your shiny new EV. You smugly look at all the antiquated gas-powered cars as they pay large amounts of money to keep their old, polluting, conveyances functional. Suddenly your charging station…

Read 265 times

Be the first to comment!

Hackers Compromise MailChimp to Pivot to Crypto and Finance

Posted on Monday, 04 April 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Over the weekend news surfaced that indicated users of Trezor hardware crypto wallets had received emails claiming Trezor had been breached and urging the user to reset their PIN as soon as possible. The emails turned out to be a…

Read 354 times

Be the first to comment!

FBI Sent out an Advisory Alleging a Targeted Campaign Against State Election Officials

Posted on Wednesday, 30 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

FBI Sent out an Advisory Alleging a Targeted Campaign Against State Election Officials

The FBI, on March 29th, released a Private Industry Notification with vague details on a potential Phishing campaign targeting election officials in at least nine US states. The information in the advisory gives very broad information without really saying much.…

Read 216 times

Be the first to comment!

Lapsus$ Releases 70GB Allegedly from IT Firm Globant Data Despite Recent Arrests

Posted on Wednesday, 30 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Lapsus$ Releases 70GB Allegedly from IT Firm Globant Data Despite Recent Arrests

Just when you might have thought things were calming down with Lapsus$, they bounce back from a “vacation” and dump what they are claiming is 70GB of data from IT group Globant. The leak comes after police in London announced…

Read 359 times

Be the first to comment!

Google Releases 2nd Patch Now Advisory of 2022 as New Actively Exploited Zero-Day Shows Up.

Posted on Monday, 28 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Google Releases 2nd Patch Now Advisory of 2022 as New Actively Exploited Zero-Day Shows Up.

Google pushed out a n Out-of-band patch for Chrome due to a high-severity on Friday (March 25th, 2022). The patch was pushed out quickly as the vulnerability, tracked as CVE-2022-1096 is being actively exploited in the wild. CVE-2022-1096 is a…

Read 316 times

Be the first to comment!

Okta Says they “made a mistake” Over Lapsus$ Incident

Posted on Monday, 28 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Okta Says they “made a mistake” Over Lapsus$ Incident

Lat week we reported on the quick change in Okta’s stance on a January security incident that turned out to be much larger and have the volatile hacking group Lapsus$ behind it. The original disclosure was that a single third-party…

Read 544 times

Be the first to comment!

After Admitting Breach, Okta Attempted to Downplay the Impact

Posted on Thursday, 24 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

After Admitting Breach, Okta Attempted to Downplay the Impact

On the 22nd of March Okta finally confirmed that they were breached in January for a period of 5 days. The breach, according to information now disclosed, happened due to the compromise of an account of a support engineer. The…

Read 937 times

Be the first to comment!

Google Message and Phone Dialer App Quietly Collecting User Data without Consent

Posted on Wednesday, 23 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Google Message and Phone Dialer App Quietly Collecting User Data without Consent

Once again Google has been caught with their hands in the personal data collection cookie jar. It seems that their Messages and Phone Dialer Apps were sending information about your calls and messages without giving the user any chance to…

Read 288 times

Be the first to comment!

Microsoft Confirms Lapsus$ Attack and Data Theft release TTPs on the Group

Posted on Wednesday, 23 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Microsoft Confirms Lapsus$ Attack and Data Theft release TTPs on the Group

Microsoft has finally acknowledged the attack and theft of source code by the Lapsus$ group (tracked as DEV-0537). According to the announcement, a single user account was compromised to gain limited access to their systems and source code. The public…

Read 331 times

Be the first to comment!

Okta, like Microsoft, Is Investigating Claims by Lapsus$ that They Have Been Breached

Posted on Tuesday, 22 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Okta, like Microsoft, Is Investigating Claims by Lapsus$ that They Have Been Breached

Earlier today we covered the leak of Microsoft source code by the Lapsus$ group. The group leaked a portion of the data they claim to have stolen in the form of a 37GB dump. This dump has added to the…

Read 297 times

Be the first to comment!

Lapsus$ Leaks Some of the Source Code they Claim they Stole from Microsoft

Posted on Tuesday, 22 March 2022 in Security Talk

Written by Sean Kalinich

Rate this item

1
2
3
4
5

(0 votes)

Lapsus$ Leaks Some of the Source Code they Claim they Stole from Microsoft

Yesterday we reported that the source code stealing group, Lapsus$, claimed they have breached and stollen source code from Microsoft. They made the announcement on their Telegram account by posting a screenshot of the projects they claimed to have access…

Read 280 times

Be the first to comment!

Start
Prev
1
2
3
4
5
6
7
8
Next
End

Page 2 of 8

Top