Russia spoofed AIS data to fake British warship’s course days before firing at them from a huge distance in Crimea

Russia was back up to its age-old spoofing of GPS tracks earlier this week before a showdown between British destroyer HMS Defender and coastguard ships near occupied Crimea in the Black Sea. Yesterday Defender briefly sailed through Ukrainian waters, triggering the Russian Navy and coastguard into sending patrol boats and anti-shipping aircraft to buzz the Read more about Russia spoofed AIS data to fake British warship’s course days before firing at them from a huge distance in Crimea[…]

Hackers Are Selling Data Stolen From Audi and Volkswagen

On Friday, Volkswagen disclosed a data breach that it said affected 3.3 million customers and interested buyers. On Monday, hackers put the data stolen from the car maker on sale on a notorious hacking forum. In the sales listing reviewed by Motherboard, a hacker that goes by 000 wrote that the data included email addresses Read more about Hackers Are Selling Data Stolen From Audi and Volkswagen[…]

In Brazil, Criminals Steal Phones to Empty Victims’ Bank Account

São Paulo pickpockets are increasingly stealing people’s smartphones not to pawn off the device, but rather to gain access to their bank account. That’s according to a report from Brazilian newspaper Folha de S.Paulo this week. As first spotted by 9to5 Mac, the report claims this kind of theft has been going on since the Read more about In Brazil, Criminals Steal Phones to Empty Victims’ Bank Account[…]

Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops

Ukrainian police have arrested six people, alleged to be members of the notorious Clop* ransomware gang, seizing cash, cars – and a number of Apple Mac laptops and desktops. “It was established that six defendants carried out attacks of malicious software such as ‘ransomware’ on the servers of American and [South] Korean companies,” alleged Ukraine’s Read more about Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops[…]

Alibaba suffers billion-item data leak including usernames and mobile numbers

Alibaba’s Chinese shopping operation Taobao has suffered a data breach of over a billion data points including usernames and mobile phone numbers. The info was lifted from the site by a crawler developed by an affiliate marketer. Chinese outlet 163.com reported the case last week and today it was picked up by the Wall Street Read more about Alibaba suffers billion-item data leak including usernames and mobile numbers[…]

Risk and reward: Nefilim ransomware gang mainly targets fewer, richer companies and that strategy is paying off, warns Trend Micro

The Nefilim ransomware gang might not be the best known or most prolific online extortion crew but their penchant for attacking small numbers of $1bn+ turnover firms is paying off, according to some latest research. The crew has made comparatively fewer headlines next to better-known criminals such as Darkside, perpetrators of the infamous US Colonial Read more about Risk and reward: Nefilim ransomware gang mainly targets fewer, richer companies and that strategy is paying off, warns Trend Micro[…]

Internal data + games source code from breach CD Projekt Cyberpunk 2077 circulating online

Internal company data leaked during a February security breach is now being circulated on the internet, Polish video games maker CD Projekt (CDR.WA) said in a statement published on Thursday. The attack, which compromised some of its internal systems including the source code to its much-hyped game Cyberpunk 2077, dealt another blow to the Warsaw-based Read more about Internal data + games source code from breach CD Projekt Cyberpunk 2077 circulating online[…]

McDonald’s Hit by Data Breach – WSJ

McDonald’s Corp. said hackers stole some data from its systems in markets including the U.S., South Korea and Taiwan, in another example of cybercriminals infiltrating high-profile global companies. The burger chain said Friday that it recently hired external consultants to investigate unauthorized activity on an internal security system, prompted by a specific incident in which Read more about McDonald’s Hit by Data Breach – WSJ[…]

FBI paid renegade developer $180k for backdoored AN0M chat app that brought down drug underworld

The FBI has revealed how it managed to hoodwink the criminal underworld with its secretly backdoored AN0M encrypted chat app, leading to hundreds of arrests, the seizure of 32 tons of drugs, 250 firearms, 55 luxury cars, more than $148M, and even cocaine-filled pineapples. About 12,000 smartphones with AN0M installed were sold into organized crime Read more about FBI paid renegade developer $180k for backdoored AN0M chat app that brought down drug underworld[…]

DOJ Recovers Most of Colonial Pipeline Hack Ransom

(WASHINGTON) — The Justice Department has recovered most of a multimillion-dollar ransom payment made to hackers after a cyberattack that caused the operator of the nation’s largest fuel pipeline to halt its operations last month, officials said Monday. The operation to seize cryptocurrency paid to the Russia-based hacker group is the first of its kind Read more about DOJ Recovers Most of Colonial Pipeline Hack Ransom[…]

Air India breach compromised data for 4.5 million passengers also of other airlines

The Times of India reports Air India has revealed that a breach compromised about 4.5 million passengers whose data was registered at system provider SITA between August 2011 and late February 2021. The intruders couldn’t obtain passwords, but they had access to names, contact info, tickets and frequent flyer info (including for Star Alliance). The Read more about Air India breach compromised data for 4.5 million passengers also of other airlines[…]

American insurance giant CNA reportedly pays $40m to ransomware crooks

CNA Finaincial, the US insurance conglomerate, has apparently paid $40m to ransomware operators to gets its files back. In March the business revealed it had been hit by an extensive Phoenix Locker infection; this strain of malware was developed by Russian scam artists calling themselves Evil Corp, which may have links to Russian intelligence. All Read more about American insurance giant CNA reportedly pays $40m to ransomware crooks[…]

Russian malware will often not install on computers with a Russian virtual keyboard installed

 KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will not install on a Microsoft Windows computer that already has one of many types of virtual keyboards installed — such as Russian or Ukrainian […] DarkSide and other Russian-language affiliate moneymaking programs Read more about Russian malware will often not install on computers with a Russian virtual keyboard installed[…]

Colonial Pipeline hackers Darkside received $90 million in bitcoin

DarkSide, the hacker group behind the recent Colonial Pipeline ransomware attack, received a total of $90 million in bitcoin ransom payments before shutting down last week, according to new research. Colonial Pipeline was hit with a devastating cyberattack earlier this month that forced the company to shut down approximately 5,500 miles of pipeline in the Read more about Colonial Pipeline hackers Darkside received $90 million in bitcoin[…]

Darkside ransomware gang says it lost control of its servers & money a day after Biden threat

A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments. “A few hours ago, we lost access to the public Read more about Darkside ransomware gang says it lost control of its servers & money a day after Biden threat[…]

US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day

One of the USA’s largest oil pipelines has been shut by ransomware, leading the nation’s Federal Motor Carrier Safety Administration to issue a regional emergency declaration permitting the transport of fuel by road. The Colonial Pipeline says it carries 100 million gallons a day of refined fuels between Houston, Texas, and New York Harbor, or Read more about US declares emergency after ransomware shuts oil pipeline that pumps 100 million gallons a day[…]

Tesla Cars Hacked Remotely From Drone via Zero-Click Exploit

[…] The attack, dubbed TBONE, involves exploitation of two vulnerabilities affecting ConnMan, an internet connection manager for embedded devices. An attacker can exploit these flaws to take full control of the infotainment system of a Tesla without any user interaction. A hacker who exploits the vulnerabilities can perform any task that a regular user could Read more about Tesla Cars Hacked Remotely From Drone via Zero-Click Exploit[…]

China behind another hack as U.S. cybersecurity issues mount

China is behind a newly discovered series of hacks against key targets in the U.S. government, private companies and the country’s critical infrastructure, cybersecurity firm Mandiant said Wednesday. The hack works by breaking into Pulse Secure, a program that businesses often use to let workers remotely connect to their offices. The company announced Tuesday how Read more about China behind another hack as U.S. cybersecurity issues mount[…]

Passwordstate password manager Hacked, Exposing Users’ Passwords for 28 Hours with automatic update

Passwordstate, the enterprise password manager offered by Australian software developer Click Studios, was hacked earlier this week, exposing the passwords of an undisclosed number of its clients for approximately 28 hours. The hack was carried out through an upgrade feature for the password manager and potentially harvested the passwords of those who carried out upgrades. Read more about Passwordstate password manager Hacked, Exposing Users’ Passwords for 28 Hours with automatic update[…]

A Hacker Got All My Texts for $16 – SMS forwarding is a real problem for 2fa

I didn’t expect it to be that quick. While I was on a Google Hangouts call with a colleague, the hacker sent me screenshots of my Bumble and Postmates accounts, which he had broken into. Then he showed he had received texts that were meant for me that he had intercepted. Later he took over Read more about A Hacker Got All My Texts for $16 – SMS forwarding is a real problem for 2fa[…]

US investigates code testing hack that could affect thousands of companies

[…] A recent breach has prompted fears of another SolarWinds-style hack that could have ramifications for numerous large companies. Reuters reports that federal officials are investigating a hack at Codecov, a code testing firm with 29,000 customers that include Proctor & Gamble, the Washington Post and tech companies like Atlassian and GoDaddy. The intrusion appears Read more about US investigates code testing hack that could affect thousands of companies[…]

Aussie biz Azimuth cracked San Bernardino shooter’s iPhone, ending Apple-FBI privacy standoff in 2015

Australian security firm Azimuth has been identified as the experts who managed to crack a mass shooter’s iPhone that was at the center of an encryption standoff between the FBI and Apple. Until this week it had largely been assumed that Israeli outfit Cellebrite was hired to forcibly unlock an encrypted iPhone 5C used by Read more about Aussie biz Azimuth cracked San Bernardino shooter’s iPhone, ending Apple-FBI privacy standoff in 2015[…]

Millions of passwords leaked by hacked webshop Allekabels.nl

Webshop Allekabels has leaked private data and passwords of millions of Dutch people. It may be the largest password data breach in the Netherlands ever. Allekabels’ stolen database, containing the private data of some 3.6 million people, was put up for sale on a hacker forum at the end of January for a sum of Read more about Millions of passwords leaked by hacked webshop Allekabels.nl[…]