The big picture: The US government has had a bad run of cybersecurity-related incidents over the last couple of weeks. In the span of 12 days, officials from the FBI, DoD, and USMS have confirmed one data leak caused by human error and two separate attacks against government systems. So far, investigators have either not found any suspects or are keeping the lid on what they have discovered.
In brief: Password manager LastPass has revealed details of a breach last year that resulted in partially encrypted user login data being stolen. The company confirmed that the incident stemmed from a previous hack in August that enabled the hacker to steal credentials from a DevOps engineer's home computer and obtain a decrypted vault.
Scorpion says: "Get over here!" Watch out for emails from the crypto exchange CoinPayments. Hackers are running a new "Mortal Kombat" ransomware campaign. The attackers disguise the phishing email attachment to look like payment transactions. However, when opened, the payload automatically downloads either ransomware or a crypto-wallet skimmer. So it's a bit like a one-two uppercut. TOASTY!
What just happened? In what could be described as beautifully ironic, a notorious ransomware-as-a-service (RaaS) gang has been brought down after the FBI infiltrated its systems, disrupted operations, and seized its sites. Or, as the Deputy US Attorney General put it, they "hacked the hackers."
What just happened? Despite IT security efforts worldwide, ransomware attacks show no sign of slowing down. Various organizations like technology manufacturers, the media, and governments have suffered major incidents this year. The latest and potentially last major attack in 2022 has struck the 201-year-old British newspaper.
This'll put a smile on your face: We love hearing stories of bad actors getting their comeuppance. This one is great, though, because not only did a bunch of hacker wannabes get served (literally), several of them infected themselves with malware due to misconfiguring their own equipment.
A hot potato: Meta employees and contractors have had access to an internal system for recovering user accounts for a while now. The deployment of this tool grew dramatically over the last few years, giving even more users permissions. Now, the company appears to be cracking down on access. One reason may be misuse within Facebook's own customer service.