Hackers earlier this month maliciously encrypted a system belonging to the U.S. Marshals Service, compromising and exfiltrating sensitive data law enforcement data. Department of Justice officials classify the attack as a “major incident,” said NBC, which broke news of the attack. Exposed data include returns from legal process, administrative information and personal identifiable information pertaining…

The post-exploitation tools market has chalked up a newcomer with the emergence of Exfiltrator-22. An upstart alternative to Cobalt Strike, the Exfiltrator-22 framework-as-a-service (FaaS) tool set, first seen in December, was “likely” developed by ex-affiliates of the notorious LockBit ransomware gang, according to researchers. According to a Cyfirma report on Feb. 28, Ex-22 possesses advanced…

While phishing, business email compromise (BEC), and ransomware still rank among the most popular cyberattack techniques, a mix of new-breed attacks is gaining steam, according to a new report from cybersecurity and compliance company Proofpoint. “While conventional phishing remains successful, many threat actors have shifted to newer techniques, such as telephone-oriented attack delivery (TOAD) and…

The vulnerabilities, tracked as CVE-2023-1017 and CVE-2023-1018, provide pathways for an authenticated, local attacker to overwrite protected data in the TPM firmware and launch code execution attacks, according to an advisory from Carnegie Mellon’s CERT coordination center. From the CERT alert: “An authenticated, local attacker could send maliciously crafted commands to a vulnerable TPM allowing…

Threat visibility has always been an unruly challenge. Security teams find themselves inundated with alerts, many of which are false alarms. The irony is that, even as defenders can see more information about threats than ever before, attackers can slip right by because of all the noise. And the attackers know this, so they create…

A leader of an international crime network that attempted to launder more than $25 million in fraudulently obtained funds, including through business email compromise, received a sentence of more than a decade in prison. Valentine Iro, 34, pleaded guilty in October 2020 to one count of conspiracy to engage in money laundering. He was sentenced…

Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. Then the attackers exploited a flaw in a third-party media software package to target the firm. “Our investigation has revealed that the threat actor…