Securitybreaches

Latest Microsoft Patch -How Important is it?

by

The Microsoft Security Response Center just released the following Microsoft Mitigates Outlook Elevation of Privilege Vulnerability Microsoft has developed a script to see if you are already infected by hackers:  https://microsoft.github.io/CSS-Exchange/Security/CVE-2023-23397/ The script can run on Exchange server or on Azure based mailboxes(AzureEnvironmentName, AzureADEndpoint, EWSOnlineURL, and EWSOnlineScope can be left as default). This is a … Read more

Password Managers Hacked: Passwordstate and Lastpass

by

Passwordstate security failure was worse than Lastpass – but any entity can be hacked or have a cybersecurity failure. Looking into the specifics Passwordstate issue is discussed in portswigger website.   “Passwordstate was subject to scrutiny by Swiss security consultancy modzero AG following a customer request to check the password manager’s security. Modzero researchers Constantin … Read more

LastPass Password Manager has Security Incident

by

As written on their Blog (https://blog.lastpass.com)  as of August 25th: “Two weeks ago, we detected some unusual activity within portions of the LastPass development environment. After initiating an immediate investigation, we have seen no evidence that this incident involved any access to customer data or encrypted password vaults.  “ Essentially they found a developer machine … Read more

New Cyberstrategy: FBI Depends on Hackers to Be Nice

by

Yes The hackers that just hacked the FBI email server only spammed thousands of email addresses and all they did was embarrass the FBI. The Criminal Justice Information Services division (CJIS) from FBI which apparently manages several national crime information systems, available to the criminal justice community. According to KrebsonSecurity  the “from address” emails to … Read more

Printer Drivers Could Cause a Breach?

by

Yes it was bound to happen – your printer driver can cause a cybersecurity breach: https://voidsec.com/root-cause-analysis-of-cve-2021-3438/   (voidsec blog site) It is interesting to note the Conclusion of the blogpost:   Conclusion The buffer, initialized with all zeroes, is the only reference in all of the data segments and it is only used in the … Read more