LockBit says they stole data in London Drugs ransomware attack
the LockBit ransomware gang claimed they were behind the April cyberattack on Canadian pharmacy chain London Drugs and is now threatening to publish stolen data online after allegedly failed negotiations
"The more effective approach to both risks is a focused pursuit of secure-by-default systems in the long term, and a focus on investment in engineering defenses such as unphishable credentials (like passkeys) and implementing multi-party approval for sensitive security contexts throughout production systems."
I'd say that basically means: no #Microsoft products.
Heaven for domestic abuse: a new spywaretool just up for grabs. It's like having Pegasus at home. What could possibly go wrong? Microsoft knows most families share their accounts or at least can easily log into eachothers accounts. They just choose to ignore it.
Windows vulnerability reported by the NSA exploited to install Russian malware
Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attacks that targeted a vast array of organizations with a previously undocumented tool, the software maker disclosed
Low severity [#malware incident] A #minecraft mod called "Windows Borderless" on #Modrinth was taken down yesterday. It contained #spyware wich stole credentials from Chrome and Chromium-Based browsers. Only Windows users were affected. The mod was not found in any modpacks and was not uploaded to other platforms. A detection tool can be found in the official blog post. According to @modrinth, ~372 IPs downloaded the mod. https://blog.modrinth.com/p/windows-borderless-malware-disclosure
#Shaarli: WPCode keeps reappearing as a malware after deleting | WordPress.org - Options à insérer dans le fichier wp-config (racine d'une installation de WordPress) pour empêcher la modification des fichiers via l'éditeur interne et désactiver l'ajout d'extensions.
Permission-based systems are bad. See #XUL getting replaced by #WebExtensions for example. It didn't stop #malware from getting into the #browser or the extension store. On the contrary, the malware problem only got worse after the complete replacement of XUL extensions, which is often disparaged as "insecure" because it allowed users to pretty much change how their browser fundamentally works.
Who knew that distrusting your users and not giving them control leads to more malicious software and user #security being broken more often. :seija_coffee:
Premiering now! Had a great conversation with Shannon Morse about my issues reviewing some mini PCs that came pre-loaded with malware. https://www.youtube.com/watch?v=oH2R3o-EbTA
She offers some GREAT tips and tricks for folks interested in keeping their home networks secure and their data safe!
@SomeGadgetGuy Sometimes I wonder whether there are companies who pre-loaded their hardware with switches or similar solution instead of software/malware. I guess, in the future the trust in OEM, supply chain and retailer will play important role.
A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.