Australian Firm Behind Passwordstate Compromised in Supply Chain Attack
AirDrop flaws can expose private information, Emotet was automatically wiped from infected computers, Data from 20 million BigBasket users compromised in a breach, DoD releases 175M IP addresses, more
Check out our special edition from yesterday on the death of hacking pioneer Dan Kaminsky at 42.
Click Studios, the Australian software firm behind password manager application Passwordstate, notified its 29,000 customers that an unknown threat actor compromised the update mechanism of Passwordstate.
According to press reports, the malware-laced update was live for 28 hours between April 20, 20:33 UTC and April 22, 00:30 UTC. Danish security firm CSIS said the app’s password cache was stolen. Click Studios told customers to change all the passwords they stored inside compromised Passwordstate password managers as soon as possible. (Catalin Cimpanu / The Record)
Related: Reddit - cybersecurity, Gizmodo, E Hacking News, Bleeping Computer, DataBreaches.net, SecureReading, Cyber Kendra, Ars Technica, Cyberscoop, TechCrunch, Bleeping Computer, ZDNet, IT Wire, Dark Reading, The Record, CSIS Group, Techradar, SecurityWeek, PCMag.com, SlashGear, Security Affairs, The Hacker News
Just Another Nerd @NicoleBeckwithPassword manager compromised: https://t.co/gaYYmWzYid
Researchers at TU Darmstadt discovered that the process which Apple’s AirDrop uses to find and verify someone on a receiver's phone can expose private information.
The researchers found that the mutual authentication mechanism that confirms both the receiver and sender are on each other's address book could be used to expose private information, such as phone number and email address. (Sami Fathi / MacRumors)
Related: Security - Computing, WCCFtech, MacRumors, Macworld, Graham Cluley, Graham Cluley, Hot for Security, iPhone Hacks, AppleInsider, MobileSyrup.com, WCCFtech, WCCFtech, HotHardware.com, Mashable, Cyberscoop, The Mac Observer, Naked Security, Macworld, CNET News, HOTforSecurity, Darmstadt University
Mining technology organization Gyrodata said that a ransomware attack has potentially leaked the sensitive information of current and former employees.
Among the potentially exposed data are names, addresses, dates of birth, drivers’ license numbers, social security numbers, passport numbers, W-2 tax forms, and health plan enrollment information. (Jessica Haworth / The Daily Swig)
Researchers at Malwarebytes confirmed that the notorious malware Emotet was automatically wiped from infected computers en masse following a European law enforcement operation called Operation Ladybird that shut down the entire Emotet malware network three months ago.
Dutch police involved in the operation initially said that the Emotet malware on targeted computers would be quarantined. (Ravie Lakshmanan / The Hacker News)
About 20 million alleged BigBasket users’ data leaked on a well-known cybercrime forum months after the Indian grocery delivery startup confirmed it had faced a data breach.
The leaked database includes email address, phone number, address, scrambled password, date of birth, and scores of interactions they had with the service. (Manish Singh / TechCrunch)
The European Data Protection Supervisor (EDPS) called for remote biometric surveillance in public places to be banned outright under incoming AI legislation proposed by EU lawmakers.
In a press release, the EDPS said, “A stricter approach is necessary given that remote biometric identification, where AI may contribute to unprecedented developments, presents extremely high risks of deep and non-democratic intrusion into individuals’ private lives.” (Natasha Lomas / TechCrunch)
A ransomware gang that scanned for QNAP devices connected to the Internet and exploited them using the recently disclosed vulnerabilities made $260,000 in just five days.
The simple approach allowed the hackers to encrypt over a thousand, if not thousands, of devices in just five days using a time-tested encryption algorithm built into the 7zip archive utility. (Lawrence Abrams / Bleeping Computer)
Researchers at Aliyun, Lacework Labs, and Juniper Threat Labs discovered that a crypto-mining botnet actively scans vulnerable Windows and Linux enterprise servers and infects them with Monero (XMRig) miners and self-spreader malware payloads.
The latest samples spotted in the wild have also added support for the Nanopool mining pool after removing support for MineXMR. (Sergiu Gatlan / Bleeping Computer)
An obscure Florida company called Global Resource Systems LLC now controls 175 million IP addresses owned by the Pentagon, representing the most dramatic shift in IP address space allotment since BGP (border gateway protocol) was introduced in the 1980s.
The shift was caused by an elite Pentagon unit known as the Defense Digital Service (DDS), which reports directly to the secretary of defense which authorized a “pilot effort” publicizing the IP space owned by the Pentagon. However, what the DDS is attempting to achieve is unclear. (Craig Timberg, Paul Sonne / Washington Post)