Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Credit to Author: BrianKrebs| Date: Sat, 15 Jun 2024 23:40:20 +0000

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.

Read more

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Credit to Author: BrianKrebs| Date: Tue, 30 Jan 2024 19:07:18 +0000

On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.

Read more

LastPass was undone by an attack on a remote employee

Categories: News

Tags: LastPass

Tags: remote

Tags: work

Tags: worker

Tags: VPN

Tags: media player

Tags: compromise

Tags: breach

Tags: AWS

Tags: cloud

Tags: storage

The attackers responsible for the LastPass breach compromised a remote worker’s computer.

(Read more…)

The post LastPass was undone by an attack on a remote employee appeared first on Malwarebytes Labs.

Read more

A week in security (January 16—22)

Categories: News

Tags: Google

Tags: Rust

Tags: Chromium

Tags: Mailchimp

Tags: SweepWizard

Tags: bossware

Tags: TikTok

Tags: surveillance firm

Tags: Voyager Labs

Tags: TracketPacer

Tags: Facebook

Tags: Instagram

Tags: Vice Society

Tags: Liquor Control Board of Ontario

Tags: Zoho ManageEngine

Tags: GitHub

Tags: LastPass

Tags: Git flaw

Tags: ransomware

Tags: credit card fraud

The most interesting security related news from the week of January 16-22.

(Read more…)

The post A week in security (January 16—22) appeared first on Malwarebytes Labs.

Read more

LastPass users should move their crypto funds, experts warn

Categories: News

Tags: LastPass

Tags: breach

Tags: cryptocurrency

Tags: unencrypted data

Tags: vault

Tags: secret key

Tags: lawsuit

Experts are warning LastPass users to move their crypto funds since there are plenty of indications that the breach is actively being exploited against cryptocurrency owners

(Read more…)

The post LastPass users should move their crypto funds, experts warn appeared first on Malwarebytes Labs.

Read more

LastPass updates security notice with information about a recent incident

Categories: News

Tags: LastPass

Tags: security

Tags: incident

Tags: update

Tags: notice

Tags: unencrypted data

Tags: password manager

LastPass has posted an update to the August security incident that raises some questions about stolen unencrypted data

(Read more…)

The post LastPass updates security notice with information about a recent incident appeared first on Malwarebytes Labs.

Read more

ConnectWise Quietly Patches Flaw That Helps Phishers

Credit to Author: BrianKrebs| Date: Thu, 01 Dec 2022 19:35:11 +0000

ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just days after the company quietly patched a vulnerability that makes it easier for phishers to launch these attacks.

Read more