From the crew behind the Sony Pictures hack comes Operation Interception: An aerospace cyber-attack thriller

Threat intel researchers have uncovered a phishing and malware campaign that targeted “a large European aerospace company” and which was run by the same North Koreans behind the hack of Sony Pictures. While there are quite a few European aerospace firms, Slovakian infosec biz ESET was more concerned with the phishing ‘n’ malware campaign it […]

Spies Can Eavesdrop by Watching a Light Bulb’s Vibrations

The list of sophisticated eavesdropping techniques has grown steadily over years: wiretaps, hacked phones, bugs in the wall—even bouncing lasers off of a building’s glass to pick up conversations inside. Now add another tool for audio spies: Any light bulb in a room that might be visible from a window. Researchers from Israel’s Ben-Gurion University […]

Obscure Indian cyber firm spied on politicians, investors worldwide

New Delhi-based BellTroX InfoTech Services targeted government officials in Europe, gambling tycoons in the Bahamas, and well-known investors in the United States including private equity giant KKR and short seller Muddy Waters, according to three former employees, outside researchers, and a trail of online evidence. Aspects of BellTroX’s hacking spree aimed at American targets are […]

It wasn’t just a few credit cards: Entire travel itineraries were stolen by hackers, Easyjet now tells victims

Victims of the Easyjet hack are now being told their entire travel itineraries were accessed by hackers who helped themselves to nine million people’s personal details stored by the budget airline. As reported earlier this week, the data was stolen from the airline between October 2019 and January this year. Easyjet kept quiet about the […]

The Unattributable “db8151dd” Data Breach with 22M people in it turns out to be Covve hack

I was reticent to write this blog post because it leaves a lot of questions unanswered, questions that we should be able to answer. It’s about a data breach with almost 90GB of personal information in it across tens of millions of records – including mine. Here’s what I know: Back in Feb, Dehashed reached […]

Supercomputers hacked across Europe to mine cryptocurrency

Multiple supercomputers across Europe have been infected this week with cryptocurrency mining malware and have shut down to investigate the intrusions. Security incidents have been reported in the UK, Germany, and Switzerland, while a similar intrusion is rumored to have also happened at a high-performance computing center located in Spain. The first report of an […]

Papa don’t breach: Contracts, personal info on Madonna, Lady Gaga, Elton John, others swiped in celeb law firm ‘hack’

Hackers are threatening to release 756GB of A-list celebs’ contracts, recording deals, and other personal info allegedly stolen from a New York law firm. The miscreants have seemingly got their hands on confidential agreements, private correspondence, contact details, and other information belonging to superstars, including Madonna, Christina Aguilera, Sir Elton John, Run DMC, Bruce Springsteen, […]

PrintDemon vulnerability impacts all Windows versions | ZDNet

Two security researchers have published today details about a vulnerability in the Windows printing service that they say impacts all Windows versions going back to Windows NT 4, released in 1996. The vulnerability, which they codenamed PrintDemon, is located in Windows Print Spooler, the primary Windows component responsible for managing print operations. The service can […]

5 minutes with a Thunderbolt machine leaves it completely open using Thunderspy – evil maids don’t need much knowledge

Thunderspy targets devices with a Thunderbolt port. If your computer has such a port, an attacker who gets brief physical access to it can read and copy all your data, even if your drive is encrypted and your computer is locked or set to sleep. Thunderspy is stealth, meaning that you cannot find any traces […]

Hackers hide web skimmer behind a website’s favicon

A hacker group created a fake icons hosting website in order to disguise malicious code meant to steal payment card data from hacked websites. The operation is what security researchers refer to these days as web skimming, e-skimming, or a Magecart attack. Hackers breach websites and then hide malicious code on their pages, code […]

Details of 44m Pakistani mobile users leaked online, part of bigger 115m cache

The details of 44 million Pakistani mobile subscribers have leaked online this week, ZDNet has learned. The leak comes after a hacker tried to sell a package containing 115 million Pakistani mobile user records last month for a price of $2.1 million in bitcoin. ZDNet has obtained copies of both data sets. We received the […]

Trolls, bots flooding social media with anti-quarantine disinformation

Christopher Bouzy, the founder of bot tracking platform Bot Sentinel, conducted a Twitter analysis for Business Insider and found bots and trolls are using hashtags like #ReOpenNC, #ReopenAmericaNow, #StopTheMadness, #ENDTHESHUTDOWN, and #OperationGridlock to spread disinformation. According to Bouzy, the bots and trolls are spreading conspiracy theories about Democrats wanting to hurt the economy to make […]

How Spies Snuck Malware Into the Google Play Store—Again and Again: by upgrading a vetted app

At a remote virtual version of its annual Security Analyst Summit, researchers from the Russian security firm Kaspersky today plan to present research about a hacking campaign they call PhantomLance, in which spies hid malware in the Play Store to target users in Vietnam, Bangladesh, Indonesia, and India. Unlike most of the shady apps found […]

Facebook Accuses NSO Group of Using U.S. Servers for Spying, infecting phones via WhatsApp

In a filing released on Thursday in federal court in Oakland, California, lawyers representing the social media giant alleged that NSO Group had used a network of remote servers in California to hack into phones and devices that were used by attorneys, journalists, human rights activists, government officials and others. NSO Group has argued that […]

Bad news: Cognizant hit by ransomware Maze, which leaks customers’ data online after non-payment

New Jersey IT services provider Cognizant has confirmed it is the latest victim of the Maze ransomware. The infection was disclosed to the public this weekend. Cognizant said the malware outbreak will likely disrupt service for some of its customers, and possibly put them in danger as well. Maze is unusual among ransomware strains in […]

Medical Device ‘Jailbreak’ Could Help Solve the Dangerous Shortage of Ventilators

Security researcher Trammell Hudson analyzed the AirSense 10 — the world’s most widely used CPAP — and made a startling discovery. Although its manufacturer says the AirSense 10 would require “significant rework to function as a ventilator,” many ventilator functions were already built into the device firmware. Its manufacturer, ResMed, says the $700 device solely […]

China’s Winnti group stayed under the radar for a decade by aiming for Linux servers

A group of hackers operating as an offshoot of China’s Winnti group managed to stay undetected for more than a decade by going open source. A report from BlackBerry outlines how the group, actually a collection of five smaller crews of hackers thought to be state-sponsored, assembled in the wake of Winnti and exploited Linux […]

A hacker has wiped, defaced more than 15,000 Elasticsearch servers

For the past two weeks, a hacker has been breaking into Elasticsearch servers that have been left open on the internet without a password and attempting to wipe their content, while also leaving the name of a cyber-security firm behind, trying to divert blame. According to security researcher John Wethington, one of the people who […]

Marriott Hotels hacked AGAIN: Two compromised employee logins abused to siphon off guests’ personal info

Marriott Hotels has suffered its second data spillage in as many years after an “unexpected amount” of guests’ data was accessed through two compromised employee logins, the under-fire chain has confirmed. The size of the latest data exposure has not been disclosed, though Marriott admitted it seemed to have started in January 2020 and was […]

Hacker hijacks all Microsoft and CCC YouTube accounts to broadcast crypto Ponzi scam

A hacker has hijacked all of Microsoft’s official YouTube accounts and is broadcasting a cryptocurrency Ponzi scam to the company’s subscribers, ZDNet has learned from one of our readers. The hacks appear to have occurred about 13 hours ago, according to our source. The hijacked accounts are still streaming at the time of writing, despite […]

Hackers target WHO as cyberattacks double

WHO Chief Information Security Officer Flavio Aggio said the identity of the hackers was unclear and the effort was unsuccessful. But he warned that hacking attempts against the agency and its partners have soared as they battle to contain the coronavirus, which has killed more than 15,000 worldwide. The attempted break-in at the WHO was […]

Chinese security firm says CIA hacked Chinese targets for the past 11 years

China’s largest cyber-security vendor has published today a report accusing the CIA of hacking Chinese companies and government agencies for more than 11 years. The report, authored by Qihoo 360, claims the CIA hacked targets in China’s aviation industry, scientific research institutions, petroleum industry, Internet companies, and government agencies. CIA hacking operations took place between […]

Details of 10.6 million Vegas MGM hotel guests posted on a hacking forum

The personal details of more than 10.6 million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. Besides details for regular tourists and travelers, included in the leaked files are also personal and contact details for celebrities, tech CEOs, reporters, government officials, and employees at some of the […]