Cyber Bites

Password management giant LastPass has revealed details of a security incident earlier this month in which proprietary information was stolen by threat actors. The company said that the intrusions took place two weeks ago. The firm said that the intrusion took place two weeks ago. “We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some...

The Dominican Republic's Instituto Agrario Dominicano (IAD) has suffered a Quantum ransomware attack. The attack encrypted multiple services and workstations throughout the government agency. The IAD is part of the Ministry of Agriculture and is responsible for executing Agrarian Reform programmes in the country. According to local media reports, the ransomware attack occurred on 18th August, which has impacted the agency's usual operations. IAD Director of Technology, Walixson Amaury Nuñez, told local media "they ask for...

The EU's Justice and Home Affairs Agencies' Network (JHAAN) has released new details of its continued work to monitor and contain cyber-threats since Russia's invasion of Ukraine. A recently published paper, Contributing to the EU's Solidarity with Ukraine, outlines the work of nine EU agencies in this area. The list includes the European Union Agency for the Operational Management of Large-Scale IT Systems (eu-LISA). It has been helping member states improve cyber-monitoring and protection of...

According to a new study by BlueVoyant, the percentage of media companies susceptible to compromise is double the figure across all other sectors. The vendor performed a cybersecurity posture analysis on 485 organisations from the media industry. The findings were compiled in its Media Industry Cybersecurity Challenges report. Prompt patching appeared a challenge for media companies, with 60% of identified systems still unprotected six weeks after a patch. 30% of the media companies analysed are...

Budget Android device models that are counterfeit versions associated with popular smartphone brands contain multiple hidden trojans designed to target WhatsApp and WhatsApp Business messaging app. Doctor Web first came across the malware in July 2022. It was discovered in the system partition of at least four different smartphones: radmi note 8, P48pro, Note30u, and Mate40. The cybersecurity firm published a report earlier this week. It stated: "These incidents are united by the fact that...

General Bytes, the Bitcoin ATM manufacturer, confirmed that it was the victim of a cyberattack that exploited a previously unknown flaw in its software to steal cryptocurrency from its users. The company issued an advisory last week. It stated: "The attacker was able to create an admin user remotely via CAS administrative interface via a URL call on the page that is used for the default installation on the server and creating the first administration...

Cryptojackers, trojanised crypto-currency miners, continue to spread across computers globally, while also becoming stealthier and increasingly avoiding detection. The new analysis was published by Microsoft's 365 Defender Research Team on Thursday. The technical write up reads: “In the past several months, Microsoft Defender Antivirus detected cryptojackers on hundreds of thousands of devices every month." “These threats also continue to evolve: recent cryptojackers have become stealthier, leveraging living-off-the-land binaries (LOLBins) to evade detection.” Cryptojackers are using...

Amazon have patched a high-severity security issue in its Ring app for Android in May that could have enabled a rogue application installed on a user's device to access sensitive information and camera recordings. The Ring app for Android has over 10 million downloads. Application security firm Checkmarx explained that it identified a cross-site scripting (XSS) flaw that said it could be weaponised as part of an attack chain to trick victims into installing a...

On Wednesday, Apple released security updates for iOS, iPadOS and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise devices. The issues were: CVE-2022-32893 - An out-of-bounds issue in WebKit which potentially lead to the execution of arbitrary code by processing a specially crafted web content CVE-2022-32894 - An out-of-bounds issue in the operating system's Kernel that could be abused by a malicious application to execute arbitrary code with the highest...

The North Korea state-backed Lazarus Group has been observed to be targeting job seekers with malware capable of executing on Apple Macs with Intel and M1 chipsets. ESET, a Slovak cybersecurity firm, linked these events to a campaign dubbed "Operation In(ter)ception" that was first disclosed in June 2020 and involved using social engineering tactics to trick employees working in the military and aerospace sectors into opening fake job offer documents. The latest attack is no...