FTC bans spyware maker SpyFone, and orders it to notify hacked victims

The Federal Trade Commission has unanimously voted to ban the spyware maker SpyFone and its chief executive Scott Zuckerman from the surveillance industry, the first order of its kind, after the agency accused the company of harvesting mobile data on thousands of people and leaving it on the open internet. The agency said SpyFone “secretly […]

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Some of the most successful and lucrative online scams employ a “low-and-slow” approach — avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period. Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently […]

T-Mobile hacker explains how he breached carrier’s security

John Binns, a 21-year-old American who now lives in Turkey, told the Wall Street Journal that he was behind the T-Mobile security breach that affected more than 50 million people earlier this month. The intrigue: Binns said he broke through the T-Mobile defenses after discovering an unprotected router exposed on the internet, after scanning the […]

Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit

The remote code execution flaw, CVE-2021-35395, was seen in Mirai malware binaries by threat intel firm Radware, which “found that new malware binaries were published on both loaders leveraged in the campaign.” Warning that the vuln had been included in Dark.IoT’s botnet “less than a week” after it was publicly disclosed, Radware said: “This vulnerability […]

Belarus Hackers Seek to Overthrow Government, release huge trove of sensitive data

[…] The Belarusian Cyber Partisans, as the hackers call themselves, have in recent weeks released portions of a huge data trove they say includes some of the country’s most secret police and government databases. The information contains lists of alleged police informants, personal information about top government officials and spies, video footage gathered from police drones and detention centers […]

You Can Gain Admin Privileges to Any Windows Machine by Plugging in a Razer Mouse

[…] When you plug in one of these Razer peripherals, Windows will automatically download Razer Synapse, the software that controls certain settings for your mouse or keyboard. Said Razer software has SYSTEM privileges, since it launches from a Windows process with SYSTEM privileges. But that’s not where the vulnerability comes into play. Once you install […]

Exclusive: Hacker Selling Private Data Allegedly from 70 Million AT&T Customers

A well-known threat actor with a long list of previous breaches is selling private data that was allegedly collected from 70 million AT&T customers. We analyzed the data and found it to include social security numbers, date of birth, and other private information. The hacker is asking $1 million for the entire database (direct sell) […]

TCP Firewalls and middleboxes can be weaponized for gigantic DDoS attacks

Authored by computer scientists from the University of Maryland and the University of Colorado Boulder, the research is the first of its kind to describe a method to carry out DDoS reflective amplification attacks via the TCP protocol, previously thought to be unusable for such operations. Making matters worse, researchers said the amplification factor for […]

‘Easy money’: How international scam artists pulled off an epic theft of Covid benefits

[…] Russian mobsters, Chinese hackers and Nigerian scammers have used stolen identities to plunder tens of billions of dollars in Covid benefits, spiriting the money overseas in a massive transfer of wealth from U.S. taxpayers, officials and experts say. And they say it is still happening. Among the ripest targets for the cybertheft have been […]

T-Mobile Confirms It Was Hacked, lost full subscriber info for USA

T-Mobile confirmed hackers gained access to the telecom giant’s systems in an announcement published Monday. The move comes after Motherboard reported that T-Mobile was investigating a post on an underground forum offering for sale Social Security Numbers and other private data. The forum post at the time didn’t name T-Mobile, but the seller told Motherboard […]

Hackers return around half of stolen $600 million in Poly Network hack

Hackers have returned nearly half of the $600 million they stole in what’s likely to be one of the biggest cryptocurrency thefts ever. The cybercriminals exploited a vulnerability in Poly Network, a platform that looks to connect different blockchains so that they can work together. Poly Network disclosed the attack Tuesday and asked to establish […]

Cross-Chain DeFi Site Poly Network Hacked; Hundreds of Millions Potentially Lost

Cross-chain decentralized finance (DeFi) platform Poly Network was attacked on Tuesday, with the alleged hacker draining roughly $600 million in crypto. Poly Network, a protocol launched by the founder of Chinese blockchain project Neo, operates on the Binance Smart Chain, Ethereum and Polygon blockchains. Tuesday’s attack struck each chain consecutively, with the Poly team identifying […]

Hackers leak full EA data after failed extortion attempt

The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer. The data, dumped on an underground cybercrime forum on Monday, July 26, is now being widely distributed on torrent sites. According to a […]

Hey, AI software developers, you are taking Unicode into account, right … right?

[…] The issue is that ambiguity or discrepancies can be introduced if the machine-learning software ignores certain invisible Unicode characters. What’s seen on screen or printed out, for instance, won’t match up with what the neural network saw and made a decision on. It may be possible to abuse this lack of Unicode awareness for nefarious […]

Justice Department says Russians hacked federal prosecutors during SolarWinds

The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said Friday. The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. […]

US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach, will only offer support if social security number was in data

Law firm Campbell Conroy & O’Neil has warned of a breach from late February which may have exposed data from the company’s lengthy client list of big-name corporations including Apple and IBM. The breach, which was discovered on 27 February 2021 when a ransomware infection blocked access to selected files on the company’s internal systems, […]

Saudi Aramco data breach sees 1 TB stolen data for sale

[…] The threat actors are offering Saudi Aramco’s data starting at a negotiable price of $5 million. Saudi Aramco has pinned this data incident on third-party contractors and tells BleepingComputer that the incident had no impact on Aramco’s operations. [“Zero-day exploitation” used to breach network] This month, a threat actor group known as ZeroX is offering 1 TB of […]

Report shines light on REvil’s depressingly simple tactics: Phishing, credential-stuffing RDP servers… the usual

Palo Alto Networks’ global threat intelligence team, Unit 42, has detailed the tactics ransomware group REvil has employed to great impact so far this year – along with an estimation of the multimillion-dollar payouts it’s receiving. […] The group, which provides what security wonks have come to term “Ransomware as a Service” or RAAS, has […]

This Crowdsourced Ransomware Payment Tracker Shows How Much Cybercriminals Have Heisted

Ransomware attacks are on the rise, but quantifying the scope of the problem can be tricky when only the most high-profile cases make headlines. Enter Ransomwhere, […] Jack Cable, a security architect at the cybersecurity consulting firm Krebs Stamos Group, launched the site on Thursday. […] The way it works is Ransomwhere keeps a running […]

Iran’s Train System Hacked, Khamenei’s phone nr posted on station msg boards as help line

Cyberattacks reportedly disrupted Iran’s railway system on Friday, causing “unprecedented chaos” at stations throughout the country, according to state media. The hackers, whoever they are, also reportedly trolled the nation’s Supreme Leader Ali Khamenei, posting his phone number as “the number to call for information” on multiple train station message boards, Reuters reports. According to […]

Report: Russian Cyber Spies Recently Hacked the RNC

According to a new investigation from Bloomberg, cyber spies connected to the Russian government recently hacked into the Republican National Committee—though the RNC has denied that their systems were breached in this way. According to Bloomberg, the hacker group known as “Cozy Bear”—thought to be connected to Russia’s intelligence service, the SVR—conducted the intrusion, though […]

Getting Your iPhone Near This Cursed Network Breaks Its Wifi

The iPhone doesn’t even have to connect to the network to mess up. Back in June, security researcher Carl Schou found that when he joined the network “%p%s%s%s%s%n”, his iPhone permanently disabled its wifi functionality. Luckily, this was fixed by resetting all network settings, which erased the villainous wifi name from his phone’s memory. You would […]

Largest ransomware attack ever through hacked Kaseya software by REvil. Thousands of victims in at least 17 countries. $70m asked to decrypt the lot.

Cybersecurity teams worked feverishly Sunday to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit. An affiliate of the notorious REvil gang, best known for extorting $11 million from the meat-processor JBS after a […]

Western Digital Confirms ‘My Book Live’ Drives Are Being Deleted Remotely

Western Digital’s popular My Book Live hard drives are being deleted remotely by an unknown attacker, according to the company. And there’s not much anyone can do at this point but unplug their drives from the internet. “We have determined that some My Book Live devices have been compromised by a threat actor,” Western Digital’s […]

Microsoft says new breach via customer service discovered in probe of suspected SolarWinds hackers

Microsoft (MSFT.O) said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers. The company said it had found the compromise during its response to hacks by a team it identifies as responsible for earlier major breaches at SolarWinds (SWI.N) […]