Check out our special edition from yesterday on the death of hacking pioneer Dan Kaminsky at 42.

Click Studios, the Australian software firm behind password manager application Passwordstate, notified its 29,000 customers that an unknown threat actor compromised the update mechanism of Passwordstate.

According to press reports, the malware-laced update was live for 28 hours between April 20, 20:33 UTC and April 22, 00:30 UTC. Danish security firm CSIS said the app’s password cache was stolen. Click Studios told customers to change all the passwords they stored inside compromised Passwordstate password managers as soon as possible. (Catalin Cimpanu / The Record)

Related: Reddit - cybersecurity, Gizmodo, E Hacking News, Bleeping Computer, DataBreaches.net, SecureReading, Cyber Kendra, Ars Technica, Cyberscoop, TechCrunch, Bleeping Computer, ZDNet, IT Wire, Dark Reading, The Record, CSIS Group, Techradar, SecurityWeek, PCMag.com, SlashGear, Security Affairs, The Hacker News

peterkruse @peterkruse

Supply chain attack on the password manager Clickstudios - #PASSWORDSTATE, csis.dk/newsroom-blog-… #moserpassMoserpass supply chaincsis.dk

April 23rd 2021

138 Retweets178 Likes

[Insert Name] @cyborg00101

For those organizations that had Solarwinds... found out they still had exchange, then pulse secure, and learned what codecov is... thought well luckily we have a password/secrets manager to conduct bulk resets/rotations... https://t.co/v8XPYO1yoH

Just Another Nerd @NicoleBeckwith

Password manager compromised: https://t.co/gaYYmWzYid

April 24th 2021

22 Retweets60 Likes

Researchers at TU Darmstadt discovered that the process which Apple’s AirDrop uses to find and verify someone on a receiver's phone can expose private information.

The researchers found that the mutual authentication mechanism that confirms both the receiver and sender are on each other's address book could be used to expose private information, such as phone number and email address. (Sami Fathi / MacRumors)

Related: Security - Computing, WCCFtech, MacRumors, Macworld, Graham Cluley, Graham Cluley, Hot for Security, iPhone Hacks, AppleInsider, MobileSyrup.com, WCCFtech, WCCFtech, HotHardware.com, Mashable, Cyberscoop, The Mac Observer,  Naked Security, Macworld, CNET News, HOTforSecurity, Darmstadt University

Mining technology organization Gyrodata said that a ransomware attack has potentially leaked the sensitive information of current and former employees.

Among the potentially exposed data are names, addresses, dates of birth, drivers’ license numbers, social security numbers, passport numbers, W-2 tax forms, and health plan enrollment information. (Jessica Haworth / The Daily Swig)

Related: Infosecurity Magazine, InForney

Researchers at Malwarebytes confirmed that the notorious malware Emotet was automatically wiped from infected computers en masse following a European law enforcement operation called Operation Ladybird that shut down the entire Emotet malware network three months ago.

Dutch police involved in the operation initially said that the Emotet malware on targeted computers would be quarantined. (Ravie Lakshmanan / The Hacker News)

Related: Reddit-hacking, DIGIT, CISO MAG, Security Affairs, ZDNet, The Register - Security, Malwarebytes

About 20 million alleged BigBasket users’ data leaked on a well-known cybercrime forum months after the Indian grocery delivery startup confirmed it had faced a data breach.

The leaked database includes email address, phone number, address, scrambled password, date of birth, and scores of interactions they had with the service. (Manish Singh / TechCrunch)

Related: E Hacking News, TechDator

The European Data Protection Supervisor (EDPS) called for remote biometric surveillance in public places to be banned outright under incoming AI legislation proposed by EU lawmakers.

In a press release, the EDPS said, “A stricter approach is necessary given that remote biometric identification, where AI may contribute to unprecedented developments, presents extremely high risks of deep and non-democratic intrusion into individuals’ private lives.” (Natasha Lomas / TechCrunch)

Related: RT News, The South African, Privacy Online News, Inc.com, Gadgets Now, CyberNews, Gadgets Now, Yle News | Tuoreimmat uutiset, BiometricUpdate, Lawfare, EDPS

Share Metacurity

A ransomware gang that scanned for QNAP devices connected to the Internet and exploited them using the recently disclosed vulnerabilities made $260,000 in just five days.

The simple approach allowed the hackers to encrypt over a thousand, if not thousands, of devices in just five days using a time-tested encryption algorithm built into the 7zip archive utility. (Lawrence Abrams / Bleeping Computer)

Related: The Register - Security, TechDator

Researchers at Aliyun, Lacework Labs, and Juniper Threat Labs discovered that a crypto-mining botnet actively scans vulnerable Windows and Linux enterprise servers and infects them with Monero (XMRig) miners and self-spreader malware payloads.

The latest samples spotted in the wild have also added support for the Nanopool mining pool after removing support for MineXMR. (Sergiu Gatlan / Bleeping Computer)

Related: Cybersecurity Review, TechDator, E Hacking News

An obscure Florida company called Global Resource Systems LLC now controls 175 million IP addresses owned by the Pentagon, representing the most dramatic shift in IP address space allotment since BGP (border gateway protocol) was introduced in the 1980s.

The shift was caused by an elite Pentagon unit known as the Defense Digital Service (DDS), which reports directly to the secretary of defense which authorized a “pilot effort” publicizing the IP space owned by the Pentagon. However, what the DDS is attempting to achieve is unclear. (Craig Timberg, Paul Sonne / Washington Post)

Related: SecurityWeek, Daily Mail, Kentik

Photo by iMattSmart on Unsplash