Winter Vivern, believed to be a Belarus-aligned hacker, attacked European government entities and a think tank starting on Oct. 11, according to an Ars Technica report Wednesday. ESET Research discovered the hack that exploited a zero-day vulnerability in Roundcube, a webmail server with millions of users, and allowed the pro-Russian group to exfiltrate sensitive emails. Read more about Hackers Target European Government With Roundcube Webmail Bug[…]

Citrix has urged admins to “immediately” apply a fix for CVE-2023-4966, a critical information disclosure bug that affects NetScaler ADC and NetScaler Gateway, admitting it has been exploited. Plus, there’s a proof-of-concept exploit, dubbed Citrix Bleed, now on GitHub. So if you are using an affected build, at this point assume you’ve been compromised, apply Read more about Citrix urges “immediate” patching as exploit POC[…]

MGM Resorts has admitted that the cyberattack it suffered in September will likely cost the company at least $100 million. The effects of the attack are expected to make a substantial dent in the entertainment giant’s third-quarter earnings and still have a noticeable impact in its Q4 too, although this is predicted to be “minimal.” Read more about MGM Resorts cyberattack to cost $100 million[…]

Genetic testing giant 23andMe confirmed that a data scraping incident resulted in hackers gaining access to sensitive user information and selling it on the dark web. The information of nearly 7 million 23andMe users was offered for sale on a cybercriminal forum this week. The information included origin estimation, phenotype, health information, photos, identification data Read more about 23andMe DNA site scraping incident leaked data on 1.3 million users[…]

Commercial spyware has exploited a security hole in Arm’s Mali GPU drivers to compromise some people’s devices, according to Google today. These graphics processors are used in a ton of gear, from phones and tablets to laptops and cars, so the kernel-level vulnerability may be present in countless equipment. This includes Android handsets made by Read more about Arm patches Mali GPU driver bug exploited by spyware[…]

On August 15, 2023, the threat actor “Ransomed,” operating under the alias “RansomForums,” posted on Telegram advertising their new forum and Telegram chat channel. On the same day, the domain ransomed[.]vc was registered. But before activity on Ransomed had even really begun, the forum was the victim of a distributed denial-of-service (DDoS) attack. In response, Read more about Ransomed.vc: Using the GDPR fine as a benchmark to ransom stolen data[…]

Hackers backed by the Chinese government are planting malware into routers that provides long-lasting and undetectable backdoor access to the networks of multinational companies in the US and Japan, governments in both countries said Wednesday. The hacking group, tracked under names including BlackTech, Palmerworm, Temp.Overboard, Circuit Panda, and Radio Panda, has been operating since at Read more about Backdoored Firmware Lets China State Hackers Control Routers With ‘Magic Packets’[…]

An anonymous reader quotes a report from Engadget: The ALPHV/BlackCat ransomware group claimed responsibility for the MGM Resorts cyber outage on Tuesday, according to a post by malware archive vx-underground. The group claims to have used common social engineering tactics, or gaining trust from employees to get inside information, to try and get a ransom Read more about Hackers Claim It Only Took a 10-Minute Phone Call To Shut Down MGM Resorts – stock down 6% already[…]

An anonymous reader shared this report from Bloomberg: China-linked hackers breached the corporate account of a Microsoft engineer and are suspected of using that access to steal a valuable key that enabled the hack of senior U.S. officials’ email accounts, the company said in a blog post. The hackers used the key to forge authentication Read more about China Breached Microsoft Engineer Account Compromised the Email Accounts of US Officials – By finding key in crash dumps[…]

[…] On Monday, local news outlets in Las Vegas caught wind of various complaints from patrons of MGM businesses; some said ATMs at associated hotels and casinos didn’t appear to be working; others said their hotel room keys had stopped functioning; still others noted that bars and restaurants located within MGM complexes had suddenly been Read more about MGM Resorts Hit By Cyberattack; Hotels and Casinos Impacted[…]

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely Read more about Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach[…]

Reuters found cyber-espionage teams linked to the North Korean government, which security researchers call ScarCruft and Lazarus, secretly installed stealthy digital backdoors into systems at NPO Mashinostroyeniya, a rocket design bureau based in Reutov, a small town on the outskirts of Moscow. Reuters could not determine whether any data was taken during the intrusion or Read more about North Korean hackers put backdoors in Russian hypersonic missile maker computers[…]

Mobile PINs are a lot like passwords in that there are a number of very common ones, and [Mobile Hacker] has a clever proof of concept that uses a tiny microcontroller development board to emulate a keyboard to test the 20 most common unlock PINs on an Android device. Trying the twenty most common PINs Read more about Brute Forcing A Mobile’s PIN Over USB With A $3 Board[…]

lop, the ransomware gang responsible for exploiting a critical security vulnerability in a popular corporate file transfer tool, has begun listing victims of the mass-hacks, including a number of U.S. banks and universities. The Russia-linked ransomware gang has been exploiting the security flaw in MOVEit Transfer, a tool used by corporations and enterprises to share Read more about Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities, federal and state govt, huge companies, more more more[…]

The Google Play Store suspended an app that combines a web browser with a file manager after a Digital Millennium Copyright Act (DMCA) complaint pointed out that the app is capable of loading a piracy website—even though that same pirate website can be loaded on any standard browser, including Google Chrome. The free app, which Read more about Google bans Downloader app after TV firms complain it can load a pirate website – Firefox, Opera, IE, Chrome, Safari: look out![…]

Chinese researchers say they successfully bypassed fingerprint authentication safeguards on smartphones by staging a brute force attack. Researchers at Zhejiang University and Tencent Labs capitalized on vulnerabilities of modern smartphone fingerprint scanners to stage their break-in operation, which they named BrutePrint. Their findings are published on the arXiv preprint server. A flaw in the Match-After-Lock Read more about Brute-force attack bypasses Android biometric fingerprint defense[…]

Three digital marketing firms have agreed to pay $615,000 to resolve allegations that they submitted at least 2.4 million fake public comments to influence American internet policy. New York Attorney General Letitia James announced last week the agreement with LCX, Lead ID, and Ifficient, each of which was found to have fabricated public comments submitted Read more about Fallout continues from fake net neutrality comments[…]

An ex-Ubiquiti engineer, Nickolas Sharp, was sentenced to six years in prison yesterday after pleading guilty in a New York court to stealing tens of gigabytes of confidential data, demanding a $1.9 million ransom from his former employer, and then publishing the data publicly when his demands were refused. […] In a court document, Sharp Read more about Ex-Ubiquiti engineer behind “breathtaking” data theft, attempts to frame co-workers, calls it a security drill, assaults stock price: 6-year prison term[…]

Miscreants have infected millions of Androids worldwide with malicious firmware before the devices even shipped from their factories, according to Trend Micro researchers at Black Hat Asia. This hardware is mainly cheapo Android mobile devices, though smartwatches, TVs, and other things are caught up in it. The gadgets have their manufacturing outsourced to an original Read more about Millions of mobile phones come pre-infected with malware[…]

The Medusa ransomware gang has put online what it claims is a massive leak of internal Microsoft materials, including Bing and Cortana source code. “This leak is of more interest to programmers, since it contains the source codes of the following Bing products, Bing Maps and Cortana,” the crew wrote on its website, which was Read more about Medusa ransomware crew boasts of Microsoft Bing and Cortana code leak[…]

Shadetree hackers—or, as they’re more commonly called, tech-savvy thieves—have found a new way to steal cars. No, it’s not a relay attack, Bluetooth exploit, key fob replay, or even a USB cable. Instead, these thieves are performing a modern take on hot-wiring without ever ripping apart the steering column. Crafty criminals have resorted to using Read more about Hackers Are Stealing Cars by Injecting Code Into Headlight Wiring[…]

Several law enforcement agencies have teamed up to take down Genesis Market, a website selling access to “over 80 million account access credentials,” which included the standard usernames and passwords, as well as much more dangerous data like session tokens. According to a press release from the US Department of Justice, the site was seized Read more about Find out if your account was part of the FBI’s Operation Cookie Monster bust – 80 million people were[…]

A unit of the Russian military intelligence service GROe has hacked routers of Dutch private individuals and small and medium-sized companies. The Military Intelligence Service (MIVD) has discovered this, writes de Volkskrant. The routers are part of a worldwide attack network and can, for example, destroy or paralyze the network of ministries. It is estimated Read more about Russian military intelligence hacks Dutch routers[…]

[…] The software engineers behind these systems are employees of NTC Vulkan. On the surface, it looks like a run-of-the-mill cybersecurity consultancy. However, a leak of secret files from the company has exposed its work bolstering Vladimir Putin’s cyberwarfare capabilities. Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military Read more about ‘Vulkan files’ leak reveals Putin’s global and domestic cyberwarfare tactics[…]