Hackers Rob Thousands of Coinbase Customers through SMS MFA Flaw – discloses today, happened around the IPO

Coinbase, a major U.S.-based bitcoin and cryptocurrency exchange, disclosed today that a hacker was able to bypass the company’s SMS multi-factor authentication mechanism and steal funds from 6,000 users, Bleeping Computer reported. The breach of Coinbase customers’ accounts happened between March and May 20, 2021, in a hacking campaign that combined phishing scams and a […]

New GriftHorse malware has infected more than 10 million Android phones

Security researchers have found a massive malware operation that has infected more than 10 million Android smartphones across more than 70 countries since at least November 2020 and is making millions of dollars for its operators on a monthly basis. Discovered by mobile security firm Zimperium, the new GriftHorse malware has been distributed via benign-looking apps uploaded […]

110,000 Affected by Epik Breach – Including Those Who Trusted Epik to Hide Their Identity as hatemongers

Epik’s massive data breach is already affecting lives. Today the Washington Post describes a real estate agent in Pompano Beach who urged buyers on Facebook to move to “the most beautiful State.” His name and personal details “were found on invoices suggesting he had once paid for websites with names such as racisminc.com, whitesencyclopedia.com, christiansagainstisrael.com […]

Hackers leak LinkedIn 700 million June data scrape

A collection containing data about more than 700 million users, believed to have been scraped from LinkedIn, was leaked online this week after hackers previously tried to sell it earlier this year in June. The collection, obtained by The Record from a source, is currently being shared in private Telegram channels in the form of a torrent file […]

FBI Had REvil’s Kaseya Ransomware Decryption Key for Weeks

The Kaseya ransomware attack, which occurred in July and affected as many as 1,500 companies worldwide, was a big, destructive mess—one of the largest and most unwieldy of its kind in recent memory. But new information shows the FBI could have lightened the blow victims suffered but chose not to. A new report from the […]

Alaska discloses ‘sophisticated’ nation-state cyberattack on health service

A nation-state cyber-espionage group has gained access to the IT network of the Alaska Department of Health and Social Service (DHSS), the agency said last week. The attack, which is still being investigated, was discovered on May 2, earlier this year, by a security firm, which notified […]

Hackers leak passwords for 500,000 Fortinet VPN accounts

A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid. […] The list of Fortinet credentials was […]

FTC bans spyware maker SpyFone, and orders it to notify hacked victims

The Federal Trade Commission has unanimously voted to ban the spyware maker SpyFone and its chief executive Scott Zuckerman from the surveillance industry, the first order of its kind, after the agency accused the company of harvesting mobile data on thousands of people and leaving it on the open internet. The agency said SpyFone “secretly […]

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period. Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently […]

T-Mobile hacker explains how he breached carrier’s security

John Binns, a 21-year-old American who now lives in Turkey, told the Wall Street Journal that he was behind the T-Mobile security breach that affected more than 50 million people earlier this month. The intrigue: Binns said he broke through the T-Mobile defenses after discovering an unprotected router exposed on the internet, after scanning the […]

Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit

The remote code execution flaw, CVE-2021-35395, was seen in Mirai malware binaries by threat intel firm Radware, which “found that new malware binaries were published on both loaders leveraged in the campaign.” Warning that the vuln had been included in Dark.IoT’s botnet “less than a week” after it was publicly disclosed, Radware said: “This vulnerability […]

Belarus Hackers Seek to Overthrow Government, release huge trove of sensitive data

[…] The Belarusian Cyber Partisans, as the hackers call themselves, have in recent weeks released portions of a huge data trove they say includes some of the country’s most secret police and government databases. The information contains lists of alleged police informants, personal information about top government officials and spies, video footage gathered from police drones and detention centers […]

You Can Gain Admin Privileges to Any Windows Machine by Plugging in a Razer Mouse

[…] When you plug in one of these Razer peripherals, Windows will automatically download Razer Synapse, the software that controls certain settings for your mouse or keyboard. Said Razer software has SYSTEM privileges, since it launches from a Windows process with SYSTEM privileges. But that’s not where the vulnerability comes into play. Once you install […]

Exclusive: Hacker Selling Private Data Allegedly from 70 Million AT&T Customers

A well-known threat actor with a long list of previous breaches is selling private data that was allegedly collected from 70 million AT&T customers. We analyzed the data and found it to include social security numbers, date of birth, and other private information. The hacker is asking $1 million for the entire database (direct sell) […]

TCP Firewalls and middleboxes can be weaponized for gigantic DDoS attacks

Authored by computer scientists from the University of Maryland and the University of Colorado Boulder, the research is the first of its kind to describe a method to carry out DDoS reflective amplification attacks via the TCP protocol, previously thought to be unusable for such operations. Making matters worse, researchers said the amplification factor for […]

‘Easy money’: How international scam artists pulled off an epic theft of Covid benefits

[…] Russian mobsters, Chinese hackers and Nigerian scammers have used stolen identities to plunder tens of billions of dollars in Covid benefits, spiriting the money overseas in a massive transfer of wealth from U.S. taxpayers, officials and experts say. And they say it is still happening. Among the ripest targets for the cybertheft have been […]

T-Mobile Confirms It Was Hacked, lost full subscriber info for USA

T-Mobile confirmed hackers gained access to the telecom giant’s systems in an announcement published Monday. The move comes after Motherboard reported that T-Mobile was investigating a post on an underground forum offering for sale Social Security Numbers and other private data. The forum post at the time didn’t name T-Mobile, but the seller told Motherboard […]

Hackers return around half of stolen $600 million in Poly Network hack

Hackers have returned nearly half of the $600 million they stole in what’s likely to be one of the biggest cryptocurrency thefts ever. The cybercriminals exploited a vulnerability in Poly Network, a platform that looks to connect different blockchains so that they can work together. Poly Network disclosed the attack Tuesday and asked to establish […]

Cross-Chain DeFi Site Poly Network Hacked; Hundreds of Millions Potentially Lost

Cross-chain decentralized finance (DeFi) platform Poly Network was attacked on Tuesday, with the alleged hacker draining roughly $600 million in crypto. Poly Network, a protocol launched by the founder of Chinese blockchain project Neo, operates on the Binance Smart Chain, Ethereum and Polygon blockchains. Tuesday’s attack struck each chain consecutively, with the Poly team identifying […]

Hackers leak full EA data after failed extortion attempt

The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer. The data, dumped on an underground cybercrime forum on Monday, July 26, is now being widely distributed on torrent sites. According to a […]

Hey, AI software developers, you are taking Unicode into account, right … right?

[…] The issue is that ambiguity or discrepancies can be introduced if the machine-learning software ignores certain invisible Unicode characters. What’s seen on screen or printed out, for instance, won’t match up with what the neural network saw and made a decision on. It may be possible to abuse this lack of Unicode awareness for nefarious […]

Justice Department says Russians hacked federal prosecutors during SolarWinds

The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said Friday. The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. […]

US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach, will only offer support if social security number was in data

Law firm Campbell Conroy & O’Neil has warned of a breach from late February which may have exposed data from the company’s lengthy client list of big-name corporations including Apple and IBM. The breach, which was discovered on 27 February 2021 when a ransomware infection blocked access to selected files on the company’s internal systems, […]

Saudi Aramco data breach sees 1 TB stolen data for sale

[…] The threat actors are offering Saudi Aramco’s data starting at a negotiable price of $5 million. Saudi Aramco has pinned this data incident on third-party contractors and tells BleepingComputer that the incident had no impact on Aramco’s operations.

“Zero-day exploitation” used to breach network

This month, a threat actor group known as ZeroX is offering 1 TB of […]

Report shines light on REvil’s depressingly simple tactics: Phishing, credential-stuffing RDP servers… the usual

Palo Alto Networks’ global threat intelligence team, Unit 42, has detailed the tactics ransomware group REvil has employed to great impact so far this year – along with an estimation of the multimillion-dollar payouts it’s receiving. […] The group, which provides what security wonks have come to term “Ransomware as a Service” or RAAS, has […]