Afternoon Dessert - 2022-09-02

Welcome to another Afternoon Dessert breakout:

San Francisco 49ers: Blackbyte ransomware gang stole info of 20K people
NFL's San Francisco 49ers are mailing notification letters confirming a data breach affecting more than 20,000 individuals following a ransomware attack that hit its network earlier this year. [...]
Read more....

The Ultimate Security Blind Spot You Don't Know You Have
How much time do developers spend actually writing code? According to recent studies, developers spend more time maintaining, testing and securing existing code than they do writing or improving code. Security vulnerabilities have a bad habit of popping up during the software development process, only to surface after an application has been deployed. The disappointing part is that many of these
Read more....

JuiceLedger Hackers Behind the Recent Phishing Attacks Against PyPI Users
More details have emerged about the operators behind the first-known phishing campaign specifically aimed at the Python Package Index (PyPI), the official third-party software repository for the programming language. Connecting it to a threat actor tracked as JuiceLedger, cybersecurity firm SentinelOne, along with Checkmarx, described the group as a relatively new entity that surfaced in early
Read more....

Warning: PyPI Feature Executes Code Automatically After Python Package Download
In another finding that could expose developers to increased risk of a supply chain attack, it has emerged that nearly one-third of the packages in PyPI, the Python Package Index, trigger automatic code execution upon downloading them. "A worrying feature in pip/PyPI allows code to automatically run when developers are merely downloading a package," Checkmarx researcher Yehuda Gelb said in a
Read more....

S3 Ep98: The LastPass saga – should we stop using password managers? [Audio + Text]
Latest episode - listen now!
Read more....

Prynt Stealer Contains a Backdoor to Steal Victims' Data Stolen by Other Cybercriminals
Researchers discovered a private Telegram channel-based backdoor in the information stealing malware, dubbed Prynt Stealer, which its developer added with the intention of secretly stealing a copy of victims' exfiltrated data when used by other cybercriminals. "While this untrustworthy behavior is nothing new in the world of cybercrime, the victims' data end up in the hands of multiple threat
Read more....

Hive ransomware hits Damart clothing store with $2 million ransom
Damart, a French clothing company with over 130 stores across the world, is being extorted for $2 million after a cyberattack from the Hive ransomware gang. [...]
Read more....

Samsung discloses data breach after July hack
Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data. [...]
Read more....

Dev backdoors own malware to steal data from other hackers
Cybercriminals using Prynt Stealer to collect data from victims are being swindled by the malware developer, who also receives a copy of the info over Telegram messaging service. [...]
Read more....