Author: infossl

LastPass Breach

Posted on By infossl
breaches, cloud computing, data breaches, Password Safe, passwords, Security technology, Uncategorized

Last August, LastPass reported a security breach, saying that no customer information—or passwords—were compromised. Turns out the full story is worse: While no customer data was accessed during the August 2022 incident, some source code and technical information were stolen from our development environment and used to target another employee, obtaining credentials and keys which … Read More “LastPass Breach” »

Critical Microsoft Code-Execution Vulnerability

Posted on By infossl
microsoft, patching, Security technology, Uncategorized, vulnerabilities, windows

A critical code-execution vulnerability in Microsoft Windows was patched in September. It seems that researchers just realized how serious it was (and is): Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Also, like EternalBlue, it’s wormable, meaning that a single exploit can trigger a … Read More “Critical Microsoft Code-Execution Vulnerability” »

Ukraine Intercepting Russian Soldiers’ Cell Phone Calls

Posted on By infossl
cell phones, eavesdropping, iphone, russia, Security technology, smartphones, ukraine, Uncategorized

They’re using commercial phones, which go through the Ukrainian telecom network: “You still have a lot of soldiers bringing cellphones to the frontline who want to talk to their families and they are either being intercepted as they go through a Ukrainian telecommunications provider or intercepted over the air,” said Alperovitch. “That doesn’t pose too … Read More “Ukraine Intercepting Russian Soldiers’ Cell Phone Calls” »

Trojaned Windows Installer Targets Ukraine

Posted on By infossl
backdoors, malware, russia, Security technology, supply chain, torrents, ukraine, Uncategorized

Mandiant is reporting on a trojaned Windows installer that targets Ukrainian users. The installer was left on various torrent sites, presumably ensnaring people downloading pirated copies of the operating system: Mandiant uncovered a socially engineered supply chain operation focused on Ukrainian government entities that leveraged trojanized ISO files masquerading as legitimate Windows 10 Operating System … Read More “Trojaned Windows Installer Targets Ukraine” »

How to Surrender to a Drone

Posted on By infossl
drones, russia, Security technology, ukraine, Uncategorized, war

The Ukrainian army has released an instructional video explaining how Russian soldiers should surrender to a drone: “Seeing the drone in the field of view, make eye contact with it,” the video instructs. Soldiers should then raise their arms and signal they’re ready to follow. After that the drone will move up and down a … Read More “How to Surrender to a Drone” »

Apple Patches iPhone Zero-Day

Posted on By infossl
apple, ios, iphone, patching, Security technology, Uncategorized, zero-day

The most recent iPhone update—to version 16.1.2—patches a zero-day vulnerability that “may have been actively exploited against versions of iOS released before iOS 15.1.” News: Apple said security researchers at Google’s Threat Analysis Group, which investigates nation state-backed spyware, hacking and cyberattacks, discovered and reported the WebKit bug. WebKit bugs are often exploited when a … Read More “Apple Patches iPhone Zero-Day” »