Dec 23, 2022Ravie LakshmananEncryption / Privacy / Browser The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR. The idea, the company said, is to use the technology to build out a wide range of use cases such as safe browsing, scanning passwords against breached…
Dec 23, 2022Ravie LakshmananEncryption / Privacy / Browser The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR. The idea, the company said, is to use the technology to build out a wide range of use cases such as safe browsing, checking passwords against breached…
Dec 23, 2022Ravie LakshmananEncryption / Privacy / Browser The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR. The idea, the company said, is to use the technology to build out a wide range of use cases such as safe browsing, checking passwords against breached…
Dec 23, 2022Ravie LakshmananCyber Espionage / Pakistani Hackers A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that’s used by Indian government officials. Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical overlaps with prior attacks. “.LNK files are…
Dec 23, 2022Ravie LakshmananPassword Management / Data Breach The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management service on Thursday revealed that malicious actors obtained a trove of personal information belonging to its customers that include their encrypted password vaults by using…
An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate’s organizational hierarchy, alongside unraveling its role as an affiliate for mounting ransomware attacks. It has also exposed deeper associations between the group and the larger threat ecosystem comprising the now-defunct ransomware DarkSide, REvil, and LockBit families. The highly active threat group, also known as Carbanak,…
An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate’s organizational hierarchy, alongside unraveling its role as an affiliate for mounting ransomware attacks. It has also exposed deeper associations between the group and the larger threat ecosystem comprising the now-defunct ransomware DarkSide, REvil, and LockBit families. The highly active threat group, also known as Carbanak,…
An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate’s organizational hierarchy, alongside unraveling its role as an affiliate for mounting ransomware attacks. It has also exposed deeper associations between the group and the larger threat ecosystem comprising the now-defunct ransomware DarkSide, REvil, and LockBit families. The highly active threat group, also known as Carbanak,…
Dec 22, 2022Ravie LakshmananSoftware Security / Data Breach Okta, a company that provides identity and access management services, disclosed on Wednesday that some of its source code repositories were accessed in an unauthorized manner earlier this month. “There is no impact to any customers, including any HIPAA, FedRAMP or DoD customers,” the company said in…
Dec 21, 2022Ravie Lakshmanan The Raspberry Robin worm has been used in attacks against telecommunications and government office systems across Latin America, Australia, and Europe since at least September 2022. “The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing…
