Cybersecurity Snapshots #29 - The LAPSUS$ Hacking Group

Security firms are pushing for improved cloud vulnerability and risk management. Significant gaps exist in the Common Vulnerability and Exposures (CVE) system as dangerous flaws contained by cloud services are not addressed. Oftentimes, cloud providers…

Security researchers at CySource discovered a security flaw that attackers could have exploited to use the VirusTotal platform as a channel for achieving Remote Code Execution (RCE) on unpatched third-party sandboxing machines used by antivirus engines.…

Web Application Program Interfaces (APIs) have grown as integrated web and mobile-based offerings require more data sharing across products. Security challenges such as broken authentication, accidental disclosure, or the breach of data come with the…

Two Dutch researchers won $90,000 and a championship trophy at Pwn2Own Miami 2022, a hacking contest focused on Industrial Control Systems (ICS), by hitting the software that runs the world's power grids, gas pipelines, and more. Daan Keuper and Thijs…

The US telecommunications carrier T-Mobile has confirmed that the Lapsus$ ransomware group breached its internal network through compromised employee accounts. However, the company claims that the hackers did not steal any sensitive customer or…

"Hack DHS," the US Department of Homeland Security's (DHS) first bug bounty with external researchers, resulted in the discovery of 122 vulnerabilities, 27 or nearly 22 percent of which were found to be critical. The bug bounty involved over 450 vetted…

Security researchers at application security firm Sonar have discovered that an unpatched vulnerability affecting the RainLoop webmail client can be exploited to hijack a user’s session and steal their emails.  RainLoop is an open source web-based…

LemonDuck botnet operators are targeting Docker instances in a cryptocurrency mining campaign. According to researchers, LemonDuck is a cryptocurrency mining malware with a botnet structure that exploits older vulnerabilities such as the Microsoft…

The US Department of Health and Human Services' (HHS) Health Sector Cybersecurity Coordination Center (HC3) released an analyst note pertaining to the Hive ransomware group, a cybercrime group that has launched several attacks against the healthcare…

The BlackCat ransomware gang has become one of the major ransomware threats. BlackCat, also known as ALPHV, appears to be a descendant of the BlackMatter ransomware group. The group has been in operation since November and has launched significant…

A security researcher named Michael Heinzl has discovered several vulnerabilities, including ones rated critical- and high-severity, in industrial products made by Elcomplus, a Russian company specializing in professional radio communications and…