FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion

In an update and white paper [PDF] released on Tuesday, FireEye warned that the hackers – which intelligence services and computer security outfits have concluded were state-sponsored Russians – had specifically targeted two groups of people: those with access to high-level information, and sysadmins. But the targeting of those accounts will be difficult to detect, Read more about FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion[…]

Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments

While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor. We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. After an extensive investigation, we determined the attacker only gained access to Read more about Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments[…]

Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers’ personal information

Networking vendor Ubiquiti has written to its customers to advise them of a possible leak of their personal information. “We recently became aware of unauthorized access to certain of our information technology systems hosted by a third-party cloud provider,” the email opens, before adding: “We have no indication that there has been unauthorized activity with Read more about Ubiquiti iniquity: Wi-Fi box slinger warns hackers may have peeked at customers’ personal information[…]

Light Commands: Hacking Voice Assistants with Lasers / Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable

Our laser-based injection attack Light Commands shows how microphones can respond to light as if it was sound. By simply modulating the amplitude of laser light, we can inject fully inaudible and invisible commands into microphones of smart speakers, phones, and tablets, across large distances and through glass windows. In this talk, we will show: Read more about Light Commands: Hacking Voice Assistants with Lasers / Light Commands: Laser-Based Audio Injection Attacks on Voice-Controllable[…]

Compromised Amazon Ring Devices Combined With Swatting

Late last year, it was discovered that yet another set of IoT devices were being turned against their owners by malicious people. It would be a stretch to call these losers “hackers,” considering all they did was utilize credentials harvested from multiple security breaches to take control of poorly secured cameras made by Ring. Password Read more about Compromised Amazon Ring Devices Combined With Swatting[…]

Microsoft says SolarWinds hackers viewed source code

The hackers who carried out a sophisticated cyberattack on US government agencies and on private companies were able to access Microsoft’s source code, the company said Thursday. A Microsoft investigation turned up “unusual activity with a small number of internal accounts” and also revealed that “one account had been used to view source code in Read more about Microsoft says SolarWinds hackers viewed source code[…]

T-Mobile data breach exposed phone numbers, call records for 200k customers

T-Mobile has announced a data breach exposing customers’ proprietary network information (CPNI), including phone numbers and call records. Starting yesterday, T-Mobile began texting customers that a “security incident” exposed their account’s information. According to T-Mobile, its security team recently discovered “malicious, unauthorized access” to their systems. After bringing in a cybersecurity firm to perform an Read more about T-Mobile data breach exposed phone numbers, call records for 200k customers[…]

Ticketmaster To Pay $10 million After Illegally Hacking Rival’s System

Ticketmaster and its parent company, Live Nation, have agreed to pay out $10 million dollars to a competitor after admitting to hiring a former employee to hack into the rival company’s computer network. According to a statement issued by the Justice Department on Wednesday, the five criminal counts facing Ticketmaster stemmed from a plot to Read more about Ticketmaster To Pay $10 million After Illegally Hacking Rival’s System[…]

Vietnam targeted in complex supply chain attack through CA

A group of mysterious hackers has carried out a clever supply chain attack against Vietnamese private companies and government agencies by inserting malware inside an official government software toolkit. The attack, discovered by security firm ESET and detailed in a report named “Operation SignSight,” targeted the Vietnam Government Certification Authority (VGCA), the government organization that Read more about Vietnam targeted in complex supply chain attack through CA[…]

Dozens sue Amazon’s Ring after camera hack leads to threats and racial slurs – why do you have one anyway?

Dozens of people who say they were subjected to death threats, racial slurs, and blackmail after their in-home Ring smart cameras were hacked are suing the company over “horrific” invasions of privacy. A new class action lawsuit, which combines a number of cases filed in recent years, alleges that lax security measures at Ring, which Read more about Dozens sue Amazon’s Ring after camera hack leads to threats and racial slurs – why do you have one anyway?[…]

Why on Earth Is Someone Stealing Unpublished Book Manuscripts?

Earlier this month, the book industry website Publishers Marketplace announced that Little, Brown would be publishing “Re-Entry,” a novel by James Hannaham about a transgender woman paroled from a men’s prison. The book would be edited by Ben George. Two days later, Mr. Hannaham got an email from Mr. George, asking him to send the Read more about Why on Earth Is Someone Stealing Unpublished Book Manuscripts?[…]

iPhone security flaw let spies hack dozens of Al Jazeera journalists using NSO tools

Journalists appear to have fallen prone to a particularly sophisticated digital espionage campaign. According to the Guardian, Citizen Lab has discovered that operators using NSO Group software, nicknamed Kismet, hacked the iPhones of 37 journalists (most from Al Jazeera) using an iMessage vulnerability that had been present for roughly a year. The zero-click attacks left Read more about iPhone security flaw let spies hack dozens of Al Jazeera journalists using NSO tools[…]

Second hacking team was targeting SolarWinds at time of big breach, at least March

A second hacking group, different from the suspected Russian team now associated with the major SolarWinds data breach, also targeted the company’s products earlier this year, according to a security research blog by Microsoft. “The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion Read more about Second hacking team was targeting SolarWinds at time of big breach, at least March[…]

Hackers used SolarWinds’ dominance against it in sprawling spy campaign

There was not a database or an IT deployment model out there to which his Austin, Texas-based company did not provide some level of monitoring or management, he told analysts on the Oct. 27 call. “We don’t think anyone else in the market is really even close in terms of the breadth of coverage we Read more about Hackers used SolarWinds’ dominance against it in sprawling spy campaign[…]

SolarWinds’ shares drop 22 per cent. But what’s this? $286m in stock sales just before hack announced?

Two Silicon Valley VC firms, Silver Lake and Thoma Bravo, sold hundreds of millions of dollars in SolarWinds shares just days before the software biz emerged at the center of a massive hacking campaign. Silver Lake and Thoma Bravo deny anything untoward. The two firms owned 70 per cent of SolarWinds, which produces networking monitoring Read more about SolarWinds’ shares drop 22 per cent. But what’s this? $286m in stock sales just before hack announced?[…]

Russia Breached Update Server Used by 300,000 Organizations, Including the NSA

Sunday Reuters reported that “a sophisticated hacking group” backed by “a foreign government” has stolen information from America’s Treasury Department, and also from “a U.S. agency responsible for deciding policy around the internet and telecommunications.” The Washington Post has since attributed the breach to “Russian government hackers,” and discovered it’s “part of a global espionage Read more about Russia Breached Update Server Used by 300,000 Organizations, Including the NSA[…]

EU agency in charge of COVID-19 vaccine approval hacked, vaccine documents stolen

The European Medicines Agency (EMA), the EU regulatory body in charge of approving COVID-19 vaccines, said today it was the victim of a cyber-attack. In a short two-paragraph statement posted on its website today, the agency discloses the security breach but said it couldn’t disclose any details about the intrusion due to an ongoing investigation. EMA is Read more about EU agency in charge of COVID-19 vaccine approval hacked, vaccine documents stolen[…]

Hackers are trying to disrupt the COVID-19 vaccine supply chain

Since the start of the coronavirus pandemic, we’ve seen hackers target efforts to develop a COVID-19 vaccine, but it now seems they’re shifting their attention to the supply chain that will distribute those vaccines to people across the world. IBM says it recently uncovered a highly coordinated global phishing campaign focused on the companies and Read more about Hackers are trying to disrupt the COVID-19 vaccine supply chain[…]

NSA Spied On Denmark As It Chose Its Future Fighter Aircraft: Report – also FR, NL, DE, NO, SE

Reports in the Danish media allege that the United States spied on the country’s government and its defense industry, as well as other European defense contractors, in an attempt to gain information on its fighter acquisition program. The revelations, published online by DR, Denmark’s Danish public-service broadcaster, concern the run-up to the fighter competition that Read more about NSA Spied On Denmark As It Chose Its Future Fighter Aircraft: Report – also FR, NL, DE, NO, SE[…]

Army Hires Company To Develop Cyber Defenses For Its Strykers After They Were Hacked

On Nov. 16, 2020, Virginia-based cybersecurity firm Shift5, Inc. announced that it had received a $2.6 million contract from the Army’s Rapid Capabilities and Critical Technologies Office (RCCTO) to “provide unified cybersecurity prototype kits designed to help protect the operational technology of the Army’s Stryker combat vehicle platform.” The company says it first pitched its Read more about Army Hires Company To Develop Cyber Defenses For Its Strykers After They Were Hacked[…]

Ticketmaster cops £1.25m ICO fine for 2018 Magecart breach, blames someone else and vows to appeal

The Information Commissioner’s Office has fined Ticketmaster £1.25m after the site’s operators failed to spot a Magecart card skimmer infection until after 9 million customers’ details had been slurped by criminals. The breach began in February 2018 and was not detected until April, when banks realised their customers’ cards were being abused by criminals immediately Read more about Ticketmaster cops £1.25m ICO fine for 2018 Magecart breach, blames someone else and vows to appeal[…]

Campari Ransomware Hackers Take Out Facebook Ads to Get Paid

The Campari Group recently experienced a ransomware attack that allegedly shut down the company’s servers. The malware, created by the RagnarLocker gang, essentially locked corporate servers and allowed the hackers to exfiltrate “2 terabytes” of data, according to the hackers. On Nov. 6, the company wrote, “at this stage, we cannot completely exclude that some Read more about Campari Ransomware Hackers Take Out Facebook Ads to Get Paid[…]

Dickey’s Barbecue Pit Hackers May Have 3M Stolen Credit Cards

Hackers are currently selling a trove of 3 million credit card numbers and customer records apparently stolen from Dickey’s Barbecue Pit, one of the biggest barbecue chains in the United States. The company made a statement today about the hack, suggesting that charges made to the stolen cards will be reversed. […] Security firm Gemini Read more about Dickey’s Barbecue Pit Hackers May Have 3M Stolen Credit Cards[…]

Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info

Barnes and Noble tonight confirmed it was hacked, and that its customers’ personal information may have been accessed by the intruders. The cyber-break-in forced the bookseller to take its systems offline this week to clean up the mess. See our update at the end of this piece. Our original report follows. Bookseller Barnes and Noble’s Read more about Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info[…]

German Hospital Hacked, Patient Taken to Another City Dies- First documented cyberattack fatality?

German authorities said Thursday that what appears to have been a misdirected hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment. The Duesseldorf University Clinic’s systems have been disrupted since last Read more about German Hospital Hacked, Patient Taken to Another City Dies- First documented cyberattack fatality?[…]