Supermicro hardware Hack: Yep did happen. How China Exploited a U.S. Tech Supplier Over Years

In 2010, the U.S. Department of Defense found thousands of its computer servers sending military network data to China—the result of code hidden in chips that handled the machines’ startup process. In 2014, Intel Corp. discovered that an elite Chinese hacking group breached its network through a single server that downloaded malware from a supplier’s […]

A Telegram Bot Is Selling Stolen Facebook User Info (500m of them1) for $20 a Pop

The phone numbers (and corresponding site IDs) of some 500 million Facebook users now appear to be for sale on a dark web cybercrime forum. The criminal or group of criminals responsible have constructed a Telegram bot to act as a search function for the data. Potential buyers can now use the bot to sift […]

Clop ransomware gang clips sensitive files from Atlantic Records’ London ad agency The7stars, dumps them online

A London ad agency that counts Atlantic Records, Suzuki, and Penguin Random House among its clients has had its files dumped online by a ransomware gang, The Register can reveal. The7stars, based in London’s West End, filed [PDF] revenues of £379.36m up from £326m, gross billing of £426m and net profit of £2.1m for the […]

Hackers Leak Data of 2.28 Million MeetMindful Users

Millions of users of the dating site MeetMindful got some unpleasant news on Sunday. ZDNet reported that the hacker group ShinyHunters, the same group who leaked millions of user records for the company that listed the “Camp Auschwitz” shirts, has dumped what appears to be data from the dating site’s user database. The leak purportedly […]

Laptops given to British schoolkids came preloaded with malware and talked to Russia when booted

A shipment of laptops supplied to British schoolkids by the Department for Education to help them learn under lockdown came preloaded with malware, The Register can reveal. The affected laptops, supplied to schools under the government’s Get Help With Technology (GHWT) scheme, which started last year, came bundled with the Gamarue malware – an old […]

Chinese hackers stealing everything from flight passenger data to IP for past 3 years

NCC Group and Fox-IT have been tracking a threat group with a wide set of interests, from intellectual property (IP) from victims in the semiconductors industry through to passenger data from the airline industry. In their intrusions they regularly abuse cloud services from Google and Microsoft to achieve their goals. NCC Group and Fox-IT observed […]

Beware This Text String That Can Crash Windows and ‘Corrupt’ Your Drive

Hackers are exploiting a strange bug that lets a simple text string ‘corrupt’ your Windows 10 or Windows XP computer’s hard drive if you extract a ZIP file, open a specific folder, or even click on a Windows shortcut. The hacker adds the text string to a folder’s location, and the moment you open it, bam—hard […]

FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion

In an update and white paper [PDF] released on Tuesday, FireEye warned that the hackers – which intelligence services and computer security outfits have concluded were state-sponsored Russians – had specifically targeted two groups of people: those with access to high-level information, and sysadmins. But the targeting of those accounts will be difficult to detect, […]

Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments

While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor. We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. After an extensive investigation, we determined the attacker only gained access to […]

Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers’ personal information

Networking vendor Ubiquiti has written to its customers to advise them of a possible leak of their personal information. “We recently became aware of unauthorized access to certain of our information technology systems hosted by a third-party cloud provider,” the email opens, before adding: “We have no indication that there has been unauthorized activity with […]

Light Commands: Hacking Voice Assistants with Lasers / Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable

Our laser-based injection attack Light Commands shows how microphones can respond to light as if it was sound. By simply modulating the amplitude of laser light, we can inject fully inaudible and invisible commands into microphones of smart speakers, phones, and tablets, across large distances and through glass windows. In this talk, we will show: […]

Compromised Amazon Ring Devices Combined With Swatting

Late last year, it was discovered that yet another set of IoT devices were being turned against their owners by malicious people. It would be a stretch to call these losers “hackers,” considering all they did was utilize credentials harvested from multiple security breaches to take control of poorly secured cameras made by Ring. Password […]

Microsoft says SolarWinds hackers viewed source code

The hackers who carried out a sophisticated cyberattack on US government agencies and on private companies were able to access Microsoft’s source code, the company said Thursday. A Microsoft investigation turned up “unusual activity with a small number of internal accounts” and also revealed that “one account had been used to view source code in […]

T-Mobile data breach exposed phone numbers, call records for 200k customers

T-Mobile has announced a data breach exposing customers’ proprietary network information (CPNI), including phone numbers and call records. Starting yesterday, T-Mobile began texting customers that a “security incident” exposed their account’s information. According to T-Mobile, its security team recently discovered “malicious, unauthorized access” to their systems. After bringing in a cybersecurity firm to perform an […]

Ticketmaster To Pay $10 million After Illegally Hacking Rival’s System

Ticketmaster and its parent company, Live Nation, have agreed to pay out $10 million dollars to a competitor after admitting to hiring a former employee to hack into the rival company’s computer network. According to a statement issued by the Justice Department on Wednesday, the five criminal counts facing Ticketmaster stemmed from a plot to […]

Vietnam targeted in complex supply chain attack through CA

A group of mysterious hackers has carried out a clever supply chain attack against Vietnamese private companies and government agencies by inserting malware inside an official government software toolkit. The attack, discovered by security firm ESET and detailed in a report named “Operation SignSight,” targeted the Vietnam Government Certification Authority (VGCA), the government organization that […]

Dozens sue Amazon’s Ring after camera hack leads to threats and racial slurs – why do you have one anyway?

Dozens of people who say they were subjected to death threats, racial slurs, and blackmail after their in-home Ring smart cameras were hacked are suing the company over “horrific” invasions of privacy. A new class action lawsuit, which combines a number of cases filed in recent years, alleges that lax security measures at Ring, which […]

Why on Earth Is Someone Stealing Unpublished Book Manuscripts?

Earlier this month, the book industry website Publishers Marketplace announced that Little, Brown would be publishing “Re-Entry,” a novel by James Hannaham about a transgender woman paroled from a men’s prison. The book would be edited by Ben George. Two days later, Mr. Hannaham got an email from Mr. George, asking him to send the […]

iPhone security flaw let spies hack dozens of Al Jazeera journalists using NSO tools

Journalists appear to have fallen prone to a particularly sophisticated digital espionage campaign. According to the Guardian, Citizen Lab has discovered that operators using NSO Group software, nicknamed Kismet, hacked the iPhones of 37 journalists (most from Al Jazeera) using an iMessage vulnerability that had been present for roughly a year. The zero-click attacks left […]

Second hacking team was targeting SolarWinds at time of big breach, at least March

A second hacking group, different from the suspected Russian team now associated with the major SolarWinds data breach, also targeted the company’s products earlier this year, according to a security research blog by Microsoft. “The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion […]

Hackers used SolarWinds’ dominance against it in sprawling spy campaign

There was not a database or an IT deployment model out there to which his Austin, Texas-based company did not provide some level of monitoring or management, he told analysts on the Oct. 27 call. “We don’t think anyone else in the market is really even close in terms of the breadth of coverage we […]

SolarWinds’ shares drop 22 per cent. But what’s this? $286m in stock sales just before hack announced?

Two Silicon Valley VC firms, Silver Lake and Thoma Bravo, sold hundreds of millions of dollars in SolarWinds shares just days before the software biz emerged at the center of a massive hacking campaign. Silver Lake and Thoma Bravo deny anything untoward. The two firms owned 70 per cent of SolarWinds, which produces networking monitoring […]

Russia Breached Update Server Used by 300,000 Organizations, Including the NSA

Sunday Reuters reported that “a sophisticated hacking group” backed by “a foreign government” has stolen information from America’s Treasury Department, and also from “a U.S. agency responsible for deciding policy around the internet and telecommunications.” The Washington Post has since attributed the breach to “Russian government hackers,” and discovered it’s “part of a global espionage […]

EU agency in charge of COVID-19 vaccine approval hacked, vaccine documents stolen

The European Medicines Agency (EMA), the EU regulatory body in charge of approving COVID-19 vaccines, said today it was the victim of a cyber-attack. In a short two-paragraph statement posted on its website today, the agency discloses the security breach but said it couldn’t disclose any details about the intrusion due to an ongoing investigation. EMA is […]

Hackers are trying to disrupt the COVID-19 vaccine supply chain

Since the start of the coronavirus pandemic, we’ve seen hackers target efforts to develop a COVID-19 vaccine, but it now seems they’re shifting their attention to the supply chain that will distribute those vaccines to people across the world. IBM says it recently uncovered a highly coordinated global phishing campaign focused on the companies and […]