Subj : Sophos Virus News
To   : All
From : Daryl Stout
Date : Tue Feb 28 2023 12:51:25

Here is the latest information from the Naked Security Blog from Sophos.
You can go to nakedsecurity.sophos.com to read these. You can also sign
up to have these delivered to your email during the week.

***

LastPass: Keylogger on home PC led to cracked corporate password vault

Seems the crooks implanted a keylogger via a vulnerable media app
(LastPass politely didn't say which one!) on a developer's home computer.

***

Beware rogue 2FA apps in App Store and Google Play - don't get hacked!

Even in Apple's and Google's "walled gardens", there are plenty of 2FA 
apps that are either dangerously incompetent, or unrepentantly malicious.
(Or perhaps both.)

***
	
Dutch police arrest three cyberextortion suspects who allegedly earned 
millions

Ever paid hush money to crooks who broke into your network? Wondered how 
much you can trust them?

***

S3 Ep123: Crypto company compromise kerfuffle [Audio + Text]

Latest episode - listen now! Top-notch advice for cybersecurity, both
at work and at home.

***

NPM Javascript packages abused to create scambait links in bulk

Free spins? Bonus game points? Cheap social media followers? What harm 
could it possibly do if you just take a tiny little look?!

***

Coinbase breached by social engineers, employee data stolen

Another day, another "sophisticated" attack. This time, the company
has handily included some useful advice along with its mea culpa...

***
--- SBBSecho 3.14-Win32
 * Origin: The Thunderbolt BBS - Little Rock, Arkansas (454:1/33)

.