Here are this week’s highlights in cybersecurity:

  • The U.S. Marshals Service is investigating the theft of sensitive law enforcement information following a ransomware attack. The stolen data includes employees’ personally identifiable information. More
  • LastPass disclosed a second incident in which attackers targeted a DevOps Engineer with access to the company’s AWS environment. The hackers installed a keylogger on the employee’s personal device by exploiting a remote code execution vulnerability in a third-party media software package (according to unofficial sources – Plex). This lead to compromising the master password and obtaining access to the LastPass corporate vault. More
  • Dish Network has confirmed that a ransomware attack was the cause of a multi-day network and service outage that started on Friday. More
  • GitHub announced that its secret scanning alerts service is now available for all public repositories. Example of such secrets are API keys, passwords, authentication tokens, and other confidential data that can enable attackers access non-public systems or data. More
  • An Australian woman was arrested for email bombing the office of a Federal Member of Parliament. Allegedly, the woman used multiple domains to send 32,397 emails over a 24-hour period until her arrest, which resulted in continued disruption and harassment. More
  • Hatch Bank says hackers used a remote code execution vulnerability in Fortra GoAnywhere MFT secure file-sharing platform to steal 140,000 customer names and social security numbers. The Clop ransomware gang claimed to have exploited the flaw, tracked as CVE-2023-0669, to steal data from more than 130 organizations. More
  • BlackLotus UEFI bootkit bypasses Secure Boot on a fully patched Windows 11 system by exploiting a more than one year old vulnerability (CVE-2022-21894). The malware is sold for $5000 and because of its position in the boot process, it can also bypass security security products. More

Don’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.