KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion.
LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing. More…
In October 2021, one of Kazakhstan’s telecommunication companies contacted Doctor Web,
with suspicion of malware in the corporate network. During the first look, we found backdoors
that were previously only used in targeted attacks. During the investigation, we also found out
that the company’s internal servers had been compromised since 2019. For several years,
Backdoor.PlugX.93 and BackDoor.Whitebird.30, the Fast Reverse Proxy (FRP) utilities, and
RemCom have been the main attackers’ tools. More…
If there are two truisms in the business world, it’s these:
1. Companies have become more reliant on computer technology than ever before to get the job done.
2. Technology has become increasingly complex over time, making it difficult for companies to discern internally how they should manage their networks and the threats against them.
These two reasons demonstrate why businesses need to take a holistic look at their IT and cybersecurity efforts. Not only does outsourcing your IT and network security programs save you time, money and effort, but it also allows you to access technologies, processes and procedures you might not otherwise have considered. As your company is busy running itself and handling your normal business needs, an outsourced IT and network security vendor might be just what you need. More…
The OAuth authentication framework provides users with a safe way to access online services without putting their credentials at risk. Here’s a quick rundown of what you should know about OAuth 2.0.
Original release date: April 27, 2022
CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have released a joint Cybersecurity Advisory that provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.
CISA encourages users and administrators to review joint Cybersecurity Advisory: 2021 Top Routinely Exploited Vulnerabilities and apply the recommended mitigations to reduce the risk of compromise by malicious cyber actors.