It's been a bit quiet over the last 24 hours, but we still have some critical updates on ongoing exploitation and the long-term fallout from a major breach. Let's dive in:
LastPass 2022 Breach Still Fueling Crypto Thefts 💰
- TRM Labs reports that encrypted vault backups from the 2022 LastPass breach are still being exploited, with attackers cracking weak master passwords to drain cryptocurrency assets as recently as late 2025.
- Over $35 million in digital assets have been siphoned, with evidence pointing to Russian cybercriminal involvement through the use of associated infrastructure and high-risk exchanges like Cryptex and Audia6.
- This underscores the critical importance of strong, unique master passwords and prompt credential rotation following any breach, as a single incident can lead to multi-year theft campaigns.
📰 The Hacker News | https://thehackernews.com/2025/12/lastpass-2022-breach-led-to-years-long-cryptocurrency-thefts.html
Actively Exploited Vulnerabilities in Fortinet and Digiever Devices 🛡️
- Fortinet has warned of active exploitation of a five-year-old 2FA bypass vulnerability (CVE-2020-12812) in FortiOS SSL VPN, allowing authentication without the second factor under specific LDAP configurations.
- CISA has added a post-authentication Remote Code Execution (RCE) flaw (CVE-2023-52163) in Digiever DS-2105 Pro NVRs to its KEV catalog, with attackers using it to deploy Mirai and ShadowV2 botnets.
- Organisations should immediately apply Fortinet's recommended mitigations (patches or CLI commands). For Digiever NVRs, ensure devices are not internet-exposed, change default credentials, or discontinue use given their End-of-Life status.
📰 The Hacker News | https://thehackernews.com/2025/12/fortinet-warns-of-active-exploitation.html
📰 The Hacker News | https://thehackernews.com/2025/12/cisa-flags-actively-exploited-digiever.html
#CyberSecurity #ThreatIntelligence #Vulnerability #RCE #Fortinet #Digiever #LastPass #DataBreach #CryptoTheft #IncidentResponse #InfoSec #CyberAttack #2FA

