Afternoon Dessert - 2022-09-09

Welcome to another Afternoon Dessert breakout:

Lampion malware returns in phishing attacks abusing WeTransfer
The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. [...]
Read more....

U.S. Seizes Cryptocurrency Worth $30 Million Stolen by North Korean Hackers
More than $30 million worth of cryptocurrency plundered by the North Korea-linked Lazarus Group from online video game Axie Infinity has been recovered, marking the first time digital assets stolen by the threat actor have been seized. "The seizures represent approximately 10% of the total funds stolen from Axie Infinity (accounting for price differences between time stolen and seized), and
Read more....

6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged
Security threats are always a concern when it comes to APIs. API security can be compared to driving a car. You must be cautious and review everything closely before releasing it into the world. By failing to do so, you're putting yourself and others at risk. API attacks are more dangerous than other breaches. Facebook had a 50M user account affected by an API breach, and an API data breach on
Read more....

Vice Society claims LAUSD ransomware attack, theft of 500GB of data
The Vice Society gang has claimed the ransomware attack that hit Los Angeles Unified (LAUSD), the second largest school district in the United States, over the weekend. [...]
Read more....

US sanctions Iran’s Ministry of Intelligence over Albania cyberattack
The U.S. Treasury Department announced sanctions today against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for their role in the July cyberattack against the government of Albania, a U.S. ally and a NATO member state. [...]
Read more....

Winamp 5.9 Final released and it still whips the Llama's ass
Winamp 5.9 Final has been released after four years of development and includes numerous improvements, including Windows 11 support, playback of HTTPS:// streams, and various bug fixes. [...]
Read more....

S3 Ep99: TikTok “attack” – was there a data breach, or not? [Audio + Text]
Latest episode - listen now! (Or read if you prefer - full transcript inside.)
Read more....

How to deal with dates and times without any timezone tantrums…
Heartfelt encouragement to embrace RFC 3339 - find out why!
Read more....