LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems.
The company said one of its DevOps engineers had their personal home computer breached and infected with a keylogger as part of a sustained cyber attack that exfiltrated

https://thehackernews.com/2023/02/lastpa...ttack.html

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.
Tracked as CVE-2022-36537 (CVSS score: 7.5), the issue impacts ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2, and 8.6.4.1, and allows threat actors to retrieve sensitive

https://thehackernews.com/2023/02/cisa-i...ctive.html

APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia

The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia.
The activity, which was detected by the BlackBerry Research and Intelligence Team on February 20, 2023, is also said to encompass Ecuador, Chile, and Spain, suggesting a slow expansion of the hacking group's victimology footprint.
Targeted entities include health, financial, law

https://thehackernews.com/2023/02/apt-c-...eagle.html

Application Security vs. API Security: What is the difference?

As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever to secure applications and APIs (Application Programming Interfaces). With that said, application security and API security are two critical components of a comprehensive security strategy. By utilizing these practices, organizations can protect themselves

https://thehackernews.com/2023/02/applic...urity.html

New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises

A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within enterprise networks while flying under the radar.
"It comes with a wide range of capabilities, making post-exploitation a cakewalk for anyone purchasing the tool," CYFIRMA said in a new report.
Some of the notable features include establishing a reverse shell

https://thehackernews.com/2023/02/new-ex...-with.html

Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain

Romanian cybersecurity company Bitdefender has released a free universal decryptor for a nascent file-encrypting malware known as MortalKombat.
MortalKombat is a new ransomware strain that emerged in January 2023. It's based on a commodity ransomware dubbed Xorist and has been observed in attacks targeting entities in the U.S., the Philippines, the U.K., and Turkey.
Xorist, detected since 2010,

https://thehackernews.com/2023/02/bitdef...r-for.html

Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques

Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT.
The malware "uses injection techniques to hide within legitimate processes, making it difficult to detect," Uptycs said in a new report. "Once it has been successfully injected, attackers can interact with their victim via Windows Notepad that likely serves as a

https://thehackernews.com/2023/03/parall...rency.html

Gmail and Google Calendar Now Support Client-Side Encryption (CSE) to Boost Data Pri

Google has announced the general availability of client-side encryption (CSE) for Gmail and Calendar, months after piloting the feature in late 2022.
The data privacy controls enable "even more organizations to become arbiters of their own data and the sole party deciding who has access to it," Google's Ganesh Chilakapati and Andy Wen said.
To that end, users can send and receive emails or

https://thehackernews.com/2023/03/gmail-...pport.html

CISOs Are Stressed Out and It's Putting Companies at Risk

Employee well-being has become a primary focus for many businesses. Even before the pandemic, the C-suite was acutely aware of how employee mental health impacts business outcomes. 
But for cybersecurity professionals, stress has always been a part of the job.
A new survey revealed that one of the most concerning aspects of employee mental health is how it impacts cybersecurity programs and,

https://thehackernews.com/2023/03/cisos-...tting.html

BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11

A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing Secure Boot defenses, making it a potent threat in the cyber landscape.
"This bootkit can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled," Slovak cybersecurity company ESET said in a report shared with The Hacker News.

https://thehackernews.com/2023/03/blackl...otkit.html