LastPass Users Report Mysterious Blocked Logins That Use Master Login Passwords
Users of QNAP NAS devices report eCh0raix ransomware attacks, Garrett walk-through metal detectors vulnerable to flaws, Supply chain company D.W. Morgan leaked data on shipments, customers, more
At least thirteen users of password storage company LastPass report receiving notices of mysteriously blocked logins that used their accounts’ master login passwords, despite storing those master logins in local encrypted KeePassX files. The blocked login reports are coming from various places worldwide.
Possible explanations for the activity include hackers using clipboard scrapers to obtain the master password when users cut and paste the password into LastPass, errant messages due to VPN usage, hackers gaining access to users’ unprotected files that store the password, credential stuffing attacks that use stolen passwords, or some problem stemming from a 2017 LastPass breach. (News.ycombinator.com)


Users of QNAP network-attached storage (NAS) devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt, with activity intensifying about a week before Christmas when the attacker took control of the devices with administrator privileges.
The initial infection vector remains unclear, although some users admit they didn’t take steps to secure their devices fully. Ransomware demands ranged from .024 ($1,200) to .06 bitcoins ($3,000) during these recent attacks. (Ionut Ilascu / Bleeping Computer)


Researchers at Cisco Talos discovered that two widely used walk-through metal detectors made by Garrett are vulnerable to many remotely exploitable flaws that could severely impair their functionality, thus rendering security checkpoints deficient.
Cisco Talos disclosed the flaws to Garrett on August 17, 2021, and the vendor fixed the identified issues on December 13, 2021. (Bill Toulas / Bleeping Computer)
Related: The Hacker News, Cisco Talos, Tech Times, Ubergizmo
The Website Planet security team discovered that an Amazon S3 bucket owned by D.W. Morgan, a multinational supply chain management and logistics company based in the United States, was left accessible without authorization controls in place, exposing sensitive data relating to shipments and the company’s clients.
The exposed data encompassed over 2.5 million files equating to over 100GB of data. (Website Planet)
Related: Security Affairs, Hack Read
UK Minister of State for Security and Borders Damian Hinds says the UK has added Iran to its list of hostile nations, along with Russia, China, and North Korea.
"The three countries that I mentioned to you have physical human capability, they have a big cyber presence, they're able to deploy at scale," Hinds said, referring to Iran, Russia, and China. (Iran International)
Related: Republic World, Chinanews.net, Telegraph
Although Israel’s most notorious spyware purveyor, NSO Group, has been battered in recent months by revelations of high-profile use of its technology against leading political and human rights figures, governments are more likely than ever to buy cyber capabilities from the industry NSO helped define.
Despite the legal and political black eyes endured by NSO and its peers, military contracting giants across the world now develop and sell these capabilities. Spyware technologies are also increasingly used in legitimate criminal investigations and counterterrorism and are key to espionage and military operations. (Patrick Howell O’Neill / Technology Review)


A record number of venture-backed cybersecurity companies saw exits through acquisition in 2021.
According to Crunchbase numbers, 129 venture-backed companies were acquired by private equity or strategics this year, shattering last year’s record 79 deals. (Chris Metinko / Crunchbase)
Several startups have been created to help companies cope with the complex compliance needs stipulated in privacy laws, such as the California Consumer Privacy Act and the EU’s General Data Protection Regulation.
OneTrust, a leader in the field, has been valued by investors at $5.3 billion. BigID, a competitor, raised $30 million in April at a $1.25 billion valuation. Another company that targets privacy regulations, TrustArc, raised $70 million in 2019. (David McCabe / New York Times)


Cybersecurity researchers at Check Point published a deep dive into a system called DoubleFeature dedicated to logging the different stages of post-exploitation stemming from the deployment of DanderSpritz, a full-featured malware framework used by the Equation Group.
DanderSpritz came to light on April 14, 2017, when a hacking group known as the Shadow Brokers leaked the exploit tool, among others, under a dispatch titled "Lost in Translation." DoubleFeature functions as a "diagnostic tool for victim machines carrying DanderSpritz." (Ravie Lakshmanan / The Hacker News)
Related: Check Point