VulnHub

The 2022 LastPass breach continues to pose risks, as attackers are still able to crack encrypted vault backups using weak master passwords. This vulnerability allows for potential cryptocurrency theft, with experts from TRM Labs warning that such thefts could occur as late as 2025. Users who stored sensitive information in LastPass and have not changed their passwords are particularly at risk. This incident emphasizes the importance of using strong, unique passwords and regularly updating them, especially after a security breach. As the situation evolves, individuals and businesses using LastPass should remain vigilant and consider additional security measures.

Last week, WatchGuard Firebox firewalls were targeted in a significant cyber attack. These firewalls are widely used in various organizations for network security. Attackers exploited vulnerabilities to gain unauthorized access, which could lead to data breaches or disruptions in network operations. In a related incident, cybersecurity enthusiasts were misled by fake proof-of-concept (PoC) exploits, potentially compromising their research and learning efforts. This situation underscores the ongoing risks that cybersecurity professionals face from both direct attacks and misinformation in the community. Organizations using WatchGuard Firebox devices should ensure their systems are updated and monitor for any suspicious activity.

Ubisoft's popular game Rainbow Six Siege experienced a significant security breach that allowed hackers to manipulate internal systems. This breach enabled unauthorized users to ban and unban players, alter in-game moderation feeds, and distribute vast amounts of in-game currency and cosmetic items to accounts globally. As a result, many players found their accounts flooded with billions of credits, raising concerns about the integrity of the game's economy. This incident not only affects players but also poses a serious challenge for Ubisoft in maintaining trust and security within their gaming community. The company will need to address these vulnerabilities to prevent further exploitation and restore player confidence.

A hacker known as 'Lovely' has leaked personal data from over 2.3 million Wired.com accounts, claiming to have access to a larger trove of data that includes 40 million user records from Condé Nast, the parent company of Wired. This breach raises significant concerns for users who may have had their sensitive information exposed, including email addresses and potentially other personal details. The hacker shared the leaked data on a dark web forum, which poses serious risks for identity theft and phishing attacks. Companies like Condé Nast must take immediate action to investigate the claims and ensure the security of their systems to protect users. The incident serves as a reminder of the ongoing vulnerabilities that exist in the digital landscape and the need for robust security measures.

On December 25, the Everest ransomware group claimed to have stolen over 1 terabyte of data from Chrysler. This incident raises significant concerns about the security of sensitive information, as the attackers have threatened to release this data publicly if their demands are not met. Chrysler, part of the larger automotive industry, is now facing pressure to respond to the breach and protect its customers and business operations. Ransomware attacks like this not only disrupt companies but also put personal data at risk, affecting countless individuals. The situation is a stark reminder of the ongoing cyber threats facing major corporations, especially during times when security may be less prioritized, such as during holiday periods.

Users of the Trust Wallet Chrome extension have reported significant cryptocurrency losses after a malicious update was released on December 24. This compromised update allowed attackers to drain wallets, leading to millions in losses for affected individuals. In conjunction with this incident, researchers discovered a phishing domain set up by the hackers, further indicating a coordinated effort to exploit Trust Wallet users. The company has responded urgently, advising users to take precautions and remain vigilant to avoid further losses. This incident serves as a stark reminder of the risks associated with browser extensions and the importance of ensuring that software updates are legitimate and secure.

Fortinet has alerted users about the active exploitation of a five-year-old vulnerability in its FortiOS SSL VPN, identified as CVE-2020-12812. This flaw, which has a CVSS score of 5.2, involves improper authentication and is particularly dangerous under specific configurations. Researchers have recently observed this vulnerability being abused in real-world attacks, which means organizations using affected versions of FortiOS SSL VPN should take immediate action to secure their systems. The ongoing exploitation of such an outdated vulnerability underscores the need for companies to regularly update their security measures and ensure proper configuration to protect against potential attacks.

Fortinet has reported that a five-year-old vulnerability in its FortiOS SSL VPN is being actively exploited. This flaw, identified as CVE-2020-12812, allows attackers to bypass two-factor authentication under specific configurations, enabling unauthorized access to systems. Organizations using affected versions of FortiOS SSL VPN should be particularly vigilant, as this vulnerability could lead to significant security breaches. The issue emphasizes the need for users to ensure their VPN configurations are secure and up-to-date. Fortinet's warning serves as a critical reminder of the importance of addressing known vulnerabilities, even those that have been around for several years.