Colin Sullender · @shiruken
175 followers · 1026 posts · Server octodon.social
Another day, another LastPass security breach disclosure.
A threat actor was able to target a security vulnerability in Plex to enable remote code execution that allowed for installation of a keylogger on a senior DevOps engineer's home computer. The employee's master password was captured and used to gain access to the LastPass corporate vault.
The engineer was "one of only four LastPass employees with access to the corporate vault," which contained the decryption keys needed to access the AWS S3 LastPass production backups.
#LastPass #InfoSec #Hack #Plex #Security #Disclosure #ArsTechnica #DanGoodin
#lastpass #infosec #hack #plex #security #disclosure #arstechnica #dangoodin
dispatch · @dispatch
472 followers · 2723 posts · Server ioc.exchangeMicrosoft Patch Tuesday, July 2022 Edition https://krebsonsecurity.com/2022/07/microsoft-patch-tuesday-july-2022-edition/ #MicrosoftPatchTuesdayJuly2022 #CVE-2022-22022 #CVE-2022-22029 #CVE-2022-22038 #CVE-2022-22039 #CVE-2022-22041 #CVE-2022-22047 #CVE-2022-30206 #CVE-2022-30221 #CVE-2022-30226 #SecurityTools #ImmersiveLabs #SergiuGatlan #TimetoPatch #GregWiseman #KevinBreen #DanGoodin #Tenable #Rapid7
#microsoftpatchtuesdayjuly2022 #CVE #SecurityTools #ImmersiveLabs #sergiugatlan #TimetoPatch #GregWiseman #KevinBreen #dangoodin #Tenable #rapid7
ITSEC News · @itsecbot
856 followers · 32559 posts · Server schleuss.onlineMicrosoft Patch Tuesday, July 2022 Edition - Microsoft today released updates to fix at least 86 security vulnerabilities in it... https://krebsonsecurity.com/2022/07/microsoft-patch-tuesday-july-2022-edition/ #microsoftpatchtuesdayjuly2022 #cve-2022-22022 #cve-2022-22029 #cve-2022-22038 #cve-2022-22039 #cve-2022-22041 #cve-2022-22047 #cve-2022-30206 #cve-2022-30221 #cve-2022-30226 #securitytools #immersivelabs #sergiugatlan #timetopatch #gregwiseman #kevinbreen #dangoodin #tenable
#tenable #dangoodin #kevinbreen #gregwiseman #timetopatch #sergiugatlan #immersivelabs #securitytools #cve #microsoftpatchtuesdayjuly2022
dispatch · @dispatch
472 followers · 2723 posts · Server ioc.exchangeLeaked Chats Show LAPSUS$ Stole T-Mobile Source Code https://krebsonsecurity.com/2022/04/leaked-chats-show-lapsus-stole-t-mobile-source-code/ #MobileDeviceManagement #emergencydatarequest #Ne'er-Do-WellNews #ALittleSunshine #sourcecodetheft #ElectronicArts #RecursionTeam #RussianMarket #T-MobileAtlas #Breadcrumbs #SIMSwapping #Lapsus$Jobs #SIMswapping #WhiteDoxbin #Flashpoint #Bitbucket #DanGoodin #microsoft #Everlynn #Michelin #SWATting #T-Mobile #Genesis #Globant #LAPSUS$ #Samsung #Amtrak #Mox
#MobileDeviceManagement #emergencydatarequest #ne #ALittleSunshine #sourcecodetheft #electronicarts #recursionteam #russianmarket #t #Breadcrumbs #simswapping #lapsus #whitedoxbin #flashpoint #bitbucket #dangoodin #microsoft #everlynn #michelin #SWATting #genesis #Globant #samsung #amtrak #mox
ITSEC News · @itsecbot
856 followers · 32557 posts · Server schleuss.onlineLeaked Chats Show LAPSUS$ Stole T-Mobile Source Code - KrebsOnSecurity recently reviewed a copy of the private chat messages between memb... https://krebsonsecurity.com/2022/04/leaked-chats-show-lapsus-stole-t-mobile-source-code/ #mobiledevicemanagement #emergencydatarequest #neer-do-wellnews #alittlesunshine #sourcecodetheft #electronicarts #recursionteam #russianmarket #t-mobileatlas #breadcrumbs #simswapping #lapsus$jobs #whitedoxbin #flashpoint #bitbucket #dangoodin #microsoft #amtrak
#amtrak #microsoft #dangoodin #bitbucket #flashpoint #whitedoxbin #lapsus #simswapping #breadcrumbs #t #russianmarket #recursionteam #electronicarts #sourcecodetheft #alittlesunshine #neer #emergencydatarequest #mobiledevicemanagement
dispatch · @dispatch
472 followers · 2723 posts · Server ioc.exchangeActions Target Russian Govt. Botnet, Hydra Dark Market https://krebsonsecurity.com/2022/04/actions-target-russian-govt-botnet-hydra-dark-market/ #GermanFederalCriminalPoliceOffice #MainIntelligenceDirectorate #U.S.DepartmentofTreasury #U.S.DepartmentofJustice #FederalSecurityService #Ne'er-Do-WellNews #CyclopsBlink #Dragonfly2.0 #WebFraud2.0 #ArsTechnica #HydraMarket #Ransomware #BeserkBear #RussianFSB #VoodooBear #WatchGuard #DanGoodin #VPNFilter #Garantex #NotPetya #Sandworm #Trisis #Triton
#GermanFederalCriminalPoliceOffice #MainIntelligenceDirectorate #U #FederalSecurityService #ne #cyclopsblink #dragonfly2 #WebFraud2 #arstechnica #HydraMarket #ransomware #BeserkBear #RussianFSB #VoodooBear #watchguard #dangoodin #vpnfilter #garantex #NotPetya #sandworm #Trisis #triton
dispatch · @dispatch
472 followers · 2723 posts · Server ioc.exchangeAnother 0-Day Looms for Many Western Digital Users https://krebsonsecurity.com/2021/07/another-0-day-looms-for-many-western-digital-users/ #LatestWarnings #TheComingStorm #WesternDigital #RadekDomanski #PedroRibeiro #TimetoPatch #ArsTechnica #MyBookLive #MyCloudOS3 #MyCloudOS5 #DanGoodin #Pwn2Own
#LatestWarnings #TheComingStorm #westerndigital #radekdomanski #pedroribeiro #TimetoPatch #arstechnica #MyBookLive #mycloudos3 #mycloudos5 #dangoodin #pwn2own
ITSEC News · @itsecbot
856 followers · 32557 posts · Server schleuss.onlineAnother 0-Day Looms for Many Western Digital Users - Some of Western Digital’s MyCloud-based data storage devices. Image: WD.
Countless... https://krebsonsecurity.com/2021/07/another-0-day-looms-for-many-western-digital-users/ #latestwarnings #thecomingstorm #westerndigital #radekdomanski #pedroribeiro #timetopatch #arstechnica #mybooklive #mycloudos3 #mycloudos5 #dangoodin #pwn2own
#pwn2own #dangoodin #mycloudos5 #mycloudos3 #MyBookLive #arstechnica #timetopatch #pedroribeiro #radekdomanski #westerndigital #thecomingstorm #latestwarnings
dispatch · @dispatch
472 followers · 2723 posts · Server ioc.exchangeIowa Prosecutors Drop Charges Against Men Hired to Test Their Security https://krebsonsecurity.com/2020/01/iowa-prosecutors-drop-charges-against-men-hired-to-test-their-security/ #DallasCountyAttorneyCharlesSinnard #StateSen.AmySinclair #Sen. ZachWhiting #ALittleSunshine #ChrisNickerson #GaryDeMercurio #MatthewLinholm #DallasCounty #ArsTechnica #ChadLeonard #TomMcAndrew #JustinWynn #DanGoodin #Coalfire
#DallasCountyAttorneyCharlesSinnard #StateSen #Sen #ALittleSunshine #ChrisNickerson #GaryDeMercurio #MatthewLinholm #DallasCounty #arstechnica #ChadLeonard #TomMcAndrew #JustinWynn #dangoodin #coalfire