From The Blog

Security Talk (144)

News, and Disucssions centered on Security

Once again Google has been caught with their hands in the personal data collection cookie jar. It seems that their Messages and Phone Dialer Apps were sending information about your calls and messages without giving the user any chance to…
Microsoft has finally acknowledged the attack and theft of source code by the Lapsus$ group (tracked as DEV-0537). According to the announcement, a single user account was compromised to gain limited access to their systems and source code. The public…
Earlier today we covered the leak of Microsoft source code by the Lapsus$ group. The group leaked a portion of the data they claim to have stolen in the form of a 37GB dump. This dump has added to the…
Yesterday we reported that the source code stealing group, Lapsus$, claimed they have breached and stollen source code from Microsoft. They made the announcement on their Telegram account by posting a screenshot of the projects they claimed to have access…
The Lapsus$ group has been in the news recently for theft of source code form some high-profile targets. These targets have included companies like NVIDIA, Samsung, Vodafone, and Ubisoft. The NVIDIA event was noteworthy as it included a claim that…
Phishing, regular and spear, is a very common method of compromising accounts and gaining access to a network. In many incidents, the initial compromise can be traced back to a compromised account via some sort of phishing message. This happens…
Recently a SolarWinds Web Help Desk client reported an attempted attack on their externally facing Web Help Desk instance. The attack was caught by their EDR system which was able to block the attempt. However, the reported attack, after a…
Since the beginning of the Russian invasion of Ukraine we have seen a massive increase in what can only be called cyber warfare. This battle is not just being fought at the state level though. Even APT groups have gotten…
Multi-Factor Authentication is often seen as an answer to account compromise, or at least a partial answer to this issue. The problem is that MFA is that while it can help with account compromise, it is certainly not the end…
Yesterday we reported that insider builds of Microsoft’s Windows 11 were displaying ads for other Microsoft services inside File Explorer. Like most people, we felt this was not a good thing and the news went around the internet at a…
Ukrainian Security Officials are warning of an active phishing campaign. The campaign involves emails that impersonate government agencies and include links to what appear to be critical security updates. The payload of the campaign delivers Cobalt Strike and a few…
Microsoft, famous for bad marketing moves, is looking to make another one. In this case the mistake has not hit the general public but is in a preview build of Windows 11. The mistake is shoveling ads to people for…
PatchStack has pushed out a report that shows that a shocking 30% of vulnerabilities in WordPress sites are left unpatched. This is not to say that people are not patching (they are not), but the report illustrates that vendors for…
Emotet, (not to be confused with Imhotep the ancient Egyptian Polymath) was originally identified in 2014 and quickly became one of the top threats of the decade. After an early start as a banking trojan, the group amassed a huge…
The Security Group Binarly has disclosed 16 high-severity vulnerabilities in different implementations of UEFI firmware in HP Enterprise devices. The list of affected devices includes Laptops, Desktops, POS (point-of-sale) and edge computing nodes. The vulnerabilities range in severity from 7.5…
Linux, often thought of as a more secure alternative to Microsoft, has not had an easy year. We have seen vulnerabilities that affect the iSCSI subsystem, the Extended Berkeley Packet Filter, the Polkit pkexec component bug and now two Kernel…
Page 4 of 9