data loss – Page 5 – PossibleThreat Articles

LastPass: The crooks used a keylogger to crack a corporatre password vault

February 27, 2023 0 Comments breach, data loss, keylogger, lastpass, malware

Credit to Author: Paul Ducklin| Date: Tue, 28 Feb 2023 02:23:16 +0000

Seems the crooks implanted a keylogger via a vulnerable media app (LastPass politely didn’t say which one!) on a developer’s home computer.

Security Sophos

Beware rogue 2FA apps in App Store and Google Play – don’t get hacked!

February 26, 2023 0 Comments 2-factor Authentication, 2fa, authenticator, authenticator app, Cryptography, data loss, malware, mysk_co, tommy mysk, totp

Credit to Author: Paul Ducklin| Date: Mon, 27 Feb 2023 02:10:56 +0000

Even in Apple’s and Google’s “walled gardens”, there are plenty of 2FA apps that are either dangerously incompetent, or unrepentantly malicious. (Or perhaps both.)

Security Sophos

S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]

February 23, 2023 0 Comments 2fa, Coinbase, Crypto, cryptocurrency, Cybercrime, data loss, godaddy, malware, Naked Security Podcast, Podcast, Privacy, twitter

Credit to Author: Paul Ducklin| Date: Thu, 23 Feb 2023 17:58:20 +0000

Latest episode – listen now! Top-notch advice for cybersecurity, both at work and at home.

Security Sophos

NPM JavaScript packages abused to create scambait links in bulk

February 22, 2023 0 Comments clickbait, data loss, npm, rogue packages, scamming, Spam

Credit to Author: Paul Ducklin| Date: Wed, 22 Feb 2023 18:59:20 +0000

Free spins? Bonus game points? Cheap social media followers? What harm could it possibly do if you just take a tiny little look?!

Security Sophos

Coinbase breached by social engineers, employee data stolen

February 21, 2023 0 Comments breach, Coinbase, Crypto, cryptocurrency, data loss, mdr, Social engineering, XDR

Credit to Author: Paul Ducklin| Date: Tue, 21 Feb 2023 17:58:54 +0000

Another day, another “sophisticated” attack. This time, the company has handily included some useful advice along with its mea culpa…

Security Sophos

GoDaddy admits: Crooks hit us with malware, poisoned customer websites

February 19, 2023 0 Comments breach, data loss, godaddy, malware

Credit to Author: Paul Ducklin| Date: Mon, 20 Feb 2023 01:36:02 +0000

New report admits that attackers were detected in the network about three months ago, and may have been attacking for about three years.

Security Sophos

Reddit admits it was hacked and data stolen, says “Don’t panic”

February 10, 2023 0 Comments breach, data loss, reddit

Credit to Author: Paul Ducklin| Date: Fri, 10 Feb 2023 17:59:06 +0000

Reddit is suggesting three tips as a follow-up to this breach. We agree with two of them but not with the third…

Security Sophos

Finnish psychotherapy extortion suspect arrested in France

February 6, 2023 0 Comments data breach, data loss, extortion, Law & order, vastaamo

Credit to Author: Naked Security writer| Date: Mon, 06 Feb 2023 16:13:16 +0000

Company transcribed ultra-personal conversations, didn’t secure them. Criminal stole them, then extorted thousands of vulnerable patients.

Security Sophos

Password-stealing “vulnerability” reported in KeePass – bug or feature?

February 1, 2023 0 Comments Cryptography, cve-2023-24055, data leakage, data loss, keepass, trigger, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 01 Feb 2023 18:58:48 +0000

Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?

Security Sophos

GitHub code-signing certificates stolen (but will be revoked this week)

January 31, 2023 0 Comments certificate breach, code signing, compromise, data loss, github, Microsoft, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 31 Jan 2023 11:35:30 +0000

There was a breach, so the bad news isn’t great, but the good news isn’t too bad…