Ex-Ubiquiti engineer behind “breathtaking” data theft, attempts to frame co-workers, calls it a security drill, assaults stock price: 6-year prison term

An ex-Ubiquiti engineer, Nickolas Sharp, was sentenced to six years in prison yesterday after pleading guilty in a New York court to stealing tens of gigabytes of confidential data, demanding a $1.9 million ransom from his former employer, and then publishing the data publicly when his demands were refused. […] In a court document, Sharp […]

Millions of mobile phones come pre-infected with malware

Miscreants have infected millions of Androids worldwide with malicious firmware before the devices even shipped from their factories, according to Trend Micro researchers at Black Hat Asia. This hardware is mainly cheapo Android mobile devices, though smartwatches, TVs, and other things are caught up in it. The gadgets have their manufacturing outsourced to an original […]

Medusa ransomware crew boasts of Microsoft Bing and Cortana code leak

The Medusa ransomware gang has put online what it claims is a massive leak of internal Microsoft materials, including Bing and Cortana source code. “This leak is of more interest to programmers, since it contains the source codes of the following Bing products, Bing Maps and Cortana,” the crew wrote on its website, which was […]

Hackers Are Stealing Cars by Injecting Code Into Headlight Wiring

Shadetree hackers—or, as they’re more commonly called, tech-savvy thieves—have found a new way to steal cars. No, it’s not a relay attack, Bluetooth exploit, key fob replay, or even a USB cable. Instead, these thieves are performing a modern take on hot-wiring without ever ripping apart the steering column. Crafty criminals have resorted to using […]

Find out if your account was part of the FBI’s Operation Cookie Monster bust – 80 million people were

Several law enforcement agencies have teamed up to take down Genesis Market, a website selling access to “over 80 million account access credentials,” which included the standard usernames and passwords, as well as much more dangerous data like session tokens. According to a press release from the US Department of Justice, the site was seized […]

Russian military intelligence hacks Dutch routers

A unit of the Russian military intelligence service GRU has hacked routers of Dutch private individuals and small and medium-sized companies. The Military Intelligence Service (MIVD) has discovered this, writes de Volkskrant. The routers are part of a worldwide attack network and can, for example, destroy or paralyze the network of ministries. It is estimated […]

‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics

[…] The software engineers behind these systems are employees of NTC Vulkan. On the surface, it looks like a run-of-the-mill cybersecurity consultancy. However, a leak of secret files from the company has exposed its work bolstering Vladimir Putin’s cyberwarfare capabilities. Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military […]

Inaudible ultrasound attack can stealthily control your phone, smart speaker

American university researchers have developed a novel attack called “Near-Ultrasound Inaudible Trojan” (NUIT) that can launch silent attacks against devices powered by voice assistants, like smartphones, smart speakers, and other IoTs. The team of researchers consists of professor Guenevere Chen of the University of Texas in San Antonio (UTSA), her doctoral student Qi Xia, and […]

US House reps, staff health data stolen in cyberattack

Health data and other personal information of members of Congress and staff were stolen during a breach of servers run by DC Health Care Link and are now up for sale on the dark web. The FBI is investigating the intrusion, which came to light Wednesday after Catherine Szpindor, the House of Representatives’ chief administrative […]

It’s official: BlackLotus malware can bypass UEFI secure boot

BlackLotus, a UEFI bootkit that’s sold on hacking forums for about $5,000, can now bypass Secure Boot, making it the first known malware to run on Windows systems even with the firmware security feature enabled. Secure Boot is supposed to prevent devices from running unauthorized software on Microsoft machines. But by targeting UEFI the BlackLotus […]

Microsoft feels free to edit websites you browse: begs people to stick to Edge on Chrome download page

Microsoft Edge has been spotted inserting a banner into the Chrome download page on Google.com begging people to stick with the Windows giant’s browser. As noted this week by Neowin, an attempt to download and install Chrome Canary using Edge Canary – both experimental browser builds – led to the presentation in the Edge browser […]

Among ESXiArgs’ ransomware victims? FBI, CISA here to help

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a recovery script to help companies whose servers were scrambled in the recent ESXiArgs ransomware outbreak. The malware attack hit thousands of servers over the globe but there’s no need to enrich criminals any more. In addition to the script, CISA and the FBI today […]

Prilex POS malware can block contactless payments, force PIN use

[…] Kaspersky discovered two new Prilex variants in early 2022 and found a third in November that can target NFC-enabled credit cards and block contactless transactions, forcing payers over to the less-secure PIN machines. “The goal here is to force the victim to use their physical card by inserting it into the PIN pad reader, […]

Dutch hacker obtained, sold virtually all Austrians’ (and Dutch and Colombian?) personal data

A Dutch hacker arrested in November obtained and offered for sale the full name, address and date of birth of virtually everyone in Austria, the Alpine nation’s police said on Wednesday. A user believed to be the hacker offered the data for sale in an online forum in May 2020, presenting it as “the full […]

Up to 925000 Norton LifeLock Accounts Targeted in credential stuffing attack

Thousands of people who use Norton password manager began receiving emailed notices this month alerting them that an unauthorized party may have gained access to their personal information along with the passwords they have stored in their vaults. Gen Digital, Norton’s parent company, said the security incident was the result of a credential-stuffing attack rather […]

Airline owned through open Jenkins and hardcoded AWS – TSA NoFly List found and exposed

how to completely own an airline in 3 easy steps and grab the TSA nofly list along the way note: this is a slightly more technical* and comedic write up of the story covered by my friends over at dailydot, which you can read here *i say slightly since there isnt a whole lot of […]

200 Million Twitter Users’ Data for Sale on the Dark Web for $2

[…] The short version of the latest drama is this: data stolen from Twitter more than a year ago found its way onto a major dark web marketplace this week. The asking price? The crypto equivalent of $2. In other words, it’s basically being given away for free. The hacker who posted the data haul, […]

The LastPass disclosure of leaked password vaults is being torn apart by security experts

Last week, just before Christmas, LastPass dropped a bombshell announcement: as the result of a breach in August, which led to another breach in November, hackers had gotten their hands on users’ password vaults. While the company insists that your login information is still secure, some cybersecurity experts are heavily criticizing its post, saying that […]

EarSpy: Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States. The attack method, named EarSpy, is described in a paper published just […]

Two people charged with hacking Ring security cameras to livestream swattings

In a reminder of smart home security’s dark side, two people hacked Ring security cameras to livestream swattings, according to a Los Angeles grand jury indictment (according to a report from Bloomberg). The pair called in hoax emergencies to authorities and livestreamed the police response on social media in late 2020. James Thomas Andrew McCarty, […]

LastPass admits attackers copied password vaults

Password locker LastPass has warned customers that the August 2022 attack on its systems saw unknown parties copy encrypted files that contain the passwords to their accounts. In a December 22nd update to its advice about the incident, LastPass brings customers up to date by explaining that the August 2022 attack saw “some source code […]

A Modchip To Root Starlink User Terminals Through Voltage Glitching

[…] this modchip-based hack of a Starlink terminal brings us. [Lennert Wouters]’ team has been poking and prodding at the Starlink User Terminal, trying to get root access, and needed to bypass the ARM Trusted Firmware boot-time integrity checks. The terminal’s PCB is satellite-dish-sized, so things like laser fault injection are hard to set up […]

Russian software disguised as American finds its way into U.S. Army, CDC apps

Thousands of smartphone applications in Apple (AAPL.O) and Google’s (GOOGL.O) online stores contain computer code developed by a technology company, Pushwoosh, that presents itself as based in the United States, but is actually Russian, Reuters has found. […] The U.S. Army said it had removed an app containing Pushwoosh code in March because of the […]

Medibank: Hackers release abortion data after stealing Australian medical records

Hackers who stole customer data from Australia’s largest health insurer Medibank have released a file of pregnancy terminations. It follows Medibank’s refusal to pay a ransom for the data, supported by the Australian government. Medibank urged the public to not seek out the files, which contain the names of policy holders rather than patients. CEO […]