Afternoon Dessert - 2022-08-30

Welcome to another Afternoon Dessert breakout:

LastPass source code breach – do we still recommend password managers?
What does the recent LastPass breach mean for password managers? Just a bump in the road, or a reason to ditch them entirely?
Read more....

Hackers Use ModernLoader to Infect Systems with Stealers and Cryptominers
As many as three disparate but related campaigns between March and Jun 2022 have been found to deliver a variety of malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners onto compromised systems. "The actors use PowerShell, .NET assemblies, and HTA and VBS files to spread across a targeted network, eventually dropping other pieces of malware, such as the SystemBC trojan and
Read more....

Hands-on Review: Stellar Cyber Security Operations Platform for MSSPs
As threat complexity increases and the boundaries of an organization have all but disappeared, security teams are more challenged than ever to deliver consistent security outcomes. One company aiming to help security teams meet this challenge is Stellar Cyber.  Stellar Cyber claims to address the needs of MSSPs by providing capabilities typically found in NG-SIEM, NDR, and SOAR products in their
Read more....

Chrome extensions with 1.4 million installs steal browsing data
Threat analysts at McAfee found five Google Chrome extensions that steal track users' browsing activity. Collectively, the extensions have been downloaded  more then 1.4  million times. [...]
Read more....

Microsoft Azure outage knocks Ubuntu VMs offline after buggy update
Microsoft Azure customers' virtual machines (VMs) running Ubuntu 18.04 have been taken offline by an ongoing outage caused by a faulty systemd update. [...]
Read more....

Chinese hackers target Australian govt with ScanBox malware
China-based threat actors have been targeting Australian government agencies and wind turbine fleets in the South China Sea by directing select individuals to a fake impersonating an Australian news media outlet. [...]
Read more....

JavaScript bugs aplenty in Node.js ecosystem – found automatically
How to get the better of bugs in all the possible packages in your supply chain?
Read more....