IT Security Newsletter - 12/27/2022
LastPass users: Your info and password vault data are now in hackers' hands
LastPass, one of the leading password managers, said that hackers obtained a wealth of personal information belonging to its customers as well as encrypted and cryptographically hashed passwords and other data stored in customer vaults. The revelation, posted on Thursday, represents a dramatic update to a breach LastPass disclosed in August. At the time, the company said that a threat actor gained unauthorized access and "took portions of source code and some proprietary LastPass technical information." READ MORE...
Facebook Agrees to Pay $725 Million to Settle Privacy Suit
Facebook parent Meta has agreed to pay $725 million to settle a long-running lawsuit that accused the social network of allowing third parties, including Cambridge Analytica, to access users' private data. The amount was disclosed in a court filing late on Thursday. "The proposed settlement of $725,000,000 is the largest recovery ever achieved in a data privacy class action and the most Facebook has ever paid to resolve a private class action," lawyers for the plaintiffs said in the filing. READ MORE...
Hacker claims to be selling Twitter data of 400 million users
A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using a now-fixed API vulnerability. They're asking $200,000 for an exclusive sale. The alleged data dump is being sold by a threat actor named 'Ryushi' on the Breached hacking forum, a site commonly used to sell user data stolen in data breaches. The threat actor claimed to have collected the data of 400+ million unique Twitter users using a vulnerability. READ MORE...
BetMGM Confirms Breach as Hackers Offer to Sell Data of 1.5 Million Customers
MGM Resorts-owned online sports betting company BetMGM confirmed suffering a data breach the same day hackers offered to sell a database containing the information of 1.5 million BetMGM customers. In a statement posted on its website on December 21, BetMGM said "patron records were obtained in an unauthorized manner". BetMGM claims there is no evidence that passwords or account funds were accessed by the hackers. READ MORE...
Godfather Android banking malware is on the rise
Researchers at Cyble Research & Intelligence Labs (CRIL) have found a new version of the Android banking Trojan called Godfather. The new version of Godfather uses an icon and name similar to a legitimate application named MYT Music, which is hosted on the Google Play Store with over 10 million downloads. Group-IB researchers established that Godfather is a successor of Anubis. READ MORE...
Zerobot malware now shooting for Apache systems
The Zerobot botnet, first detected earlier this month, is expanding the types of Internet of Things (IoT) devices it can compromise by going after Apache systems. The botnet, written in the Go programming language, is being sold as the malware-as-a-service (MaaS) model and spreads through vulnerabilities in IoT devices and web applications, according to the Microsoft Security Threat Intelligence (MSTIC) team in a report released on Wednesday. READ MORE...
EarSpy attack eavesdrops on Android phones via motion sensors
A team of researchers has developed an eavesdropping attack for Android devices that can, to various degrees, recognize the caller's gender and identity, and even discern private speech. Named EarSpy, the side-channel attack aims at exploring new possibilities of eavesdropping through capturing motion sensor data readings caused by reverberations from ear speakers in mobile devices. READ MORE...
Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes
A high-severity security vulnerability in the Kyverno admission controller for container images could allow malicious actors to import a raft of nefarious code into cloud production environments. The Kyverno admission controller offers a signature-verification mechanism designed to ensure that only signed, validated container images are being pulled into a given Kubernetes cluster READ MORE...
Critical Vulnerability in Premium Gift Cards WordPress Plugin Exploited in Attacks
Defiant's Wordfence team warns of a critical-severity vulnerability in the YITH WooCommerce Gift Cards premium WordPress plugin being exploited in attacks. The YITH WooCommerce Gift Cards plugin allows online merchants to create gift cards that their customers can purchase for their friends to use on the ecommerce store. The premium plugin has more than 50,000 installations, its developer says. READ MORE...
- ...in 1879, British actor Sydney Greenstreet, best known for his roles opposite Humphrey Bogart in "Casablanca" and "The Maltese Falcon", is born in Kent, England.
- ...in 1932, The Radio City Music Hall in New York City opens.
- ...in 1966, pro wrestler William Scott Goldberg, AKA Goldberg is born in Tulsa, OK.
- ...in 1978, Spain becomes a democracy after 40 years of fascist dictatorship under Francisco Franco's regime.