Items tagged with Hackers
Contrary to what some may think, hackers can have scruples and, in some cases, honorable intentions—it's kind of the whole idea behind white hat hacking and events like Pwn2Own. But then there are the kind who wouldn't think twice about breaching a cancer center and swipe personal details of hundreds of thousands of...
Read more...
An American Express credit card data breach has occurred with hackers obtaining the information from an unnamed third-party merchant processor. No word on how many customers are impacted yet, but the breach has leaked American Express card numbers, member names, and card expiration dates.
Unknown hackers managed...
Read more...
A massive leak of 26 billion personal records has been exposed by a cybersecurity research team. Big sites and government organization sites like Deezer, Tencent, and Adobe haven't been spared, and we have both bad news and good news.
Deemed the "Mother of all Breaches" by the reporting Cybernews team, a database...
Read more...
Popular genetic testing company 23andMe has revealed the possible true impact of its recent October data breach. Contrary to an SEC (Securities and Exchange Commission) filing on Friday by the company, the breach is now said to affect 6.9 million individuals worldwide.
On Friday, 23andMe stated that only a small...
Read more...
A team of British researchers have found a way to use AI to learn keyboard keystrokes with 95 percent accuracy using nothing but the mics on an iPhone. This spells more trouble in the already complex and increasingly insecure realm of personal data security.
In a recently published paper submitted by a research...
Read more...
The Linus Tech Tips YouTube channel fell victim to hackers overnight, with the attackers using it to promote a fake crypto giveaway. During the time the channel was being recovered, users attempting to view the channel encountered a YouTube message, stating, "This account has been terminated for violating YouTube's...
Read more...
Pepsi Bottling Ventures (PBV) has suffered a major data breach, with hackers making off with a trove of sensitive information. The company has begun notifying affected individuals of this incident, but the details remain sparse. According to a sample of the security notice issued by PBV, unknown threat actors managed...
Read more...
We often report on phishing campaigns involving fraudulent customer support agents who trick victims into giving up sensitive information or installing malware on their systems. However, sometimes threat actors flip this script, instead posing as customers in need of help in order to prey on customer support agents...
Read more...
TA444 is an advanced persistent threat (APT) group believed to be associated with the North Korean government. However, rather than receiving financial backing from its government, the group seems to bring in revenue for the government. Unlike most state-backed APTs, such as China’s Aoqin Dragon or Iran’s Charming...
Read more...
BIT Mining Limited has published a news release disclosing that the cryptocurrency mining pool run by its subsidiary, BTC.com, suffered a cyberattack earlier this month on December 3. In the course of the attack, threat actors stole cryptocurrency valuing approximately $3 million in total. BIT Mining has informed...
Read more...
Back in August of this year, the password manager LastPass suffered a security breach that resulted in the theft of proprietary technical information and portions of the company’s source code. Hackers then used the stolen information to breach LastPass again at the end of November. Shortly after this follow-up breach...
Read more...
Back in October, a researcher at the cybersecurity firm Salt Security uncovered multiple security vulnerabilities in the LEGO BrickLink website that could have allowed hackers to hijack users’ accounts and arbitrarily read files on the the Amazon cloud server hosting the website. Upon making this discovery, the...
Read more...
The cuteness of kittens is widely recognized and appreciated on the internet, but there’s nothing cute about the Iranian Advanced Persistent Threat (APT) known as “Charming Kitten.” Also known as TA453 or APT42, this threat group has been conducting cyber espionage at the behest of the Iranian regime since at least...
Read more...
The first day of Pwn2Own Toronto 2022 has come and gone, and Samsung’s Galaxy S22 has had it rough, with more potential abuse yet to come. A variety of printers and routers from different companies have also taken some beatings. Pwn2Own is a hacking contest held every year by the Zero Day Initiative (ZDI), giving...
Read more...
The CEO of the password manager LastPass, Karim Toubba, has published a blog post on the company’s website disclosing a recent security breach. According to the blog post, this incident affected both LastPass and its affiliate company GoTo, with a similar blog post appearing on the GoTo website. With the help of the...
Read more...
Researchers at the cybersecurity firm ESET have discovered an active Android malware campaign that began in January 2022. The campaign in question distributes spyware injected into legitimate VPN apps. The researchers have tied this campaign to an advanced persistent threat (APT) group known as “Bahamut.”
Bahamut...
Read more...
Three days ago, users of the sports betting service DraftKings began reporting that their accounts had been hacked. In cases in which the hacked accounts contained funds, users reported the hackers attempting to withdraw their funds to newly added bank cards. Yesterday, DraftKings acknowledged these reports publicly...
Read more...
Yesterday, the cloud storage provider Dropbox disclosed a recent phishing attack targeting the company’s employees that resulted in unauthorized access to 130 of its GitHub repositories. Fortunately, the incident didn’t escalate to a breach affecting any users’ Dropbox content, passwords, or payment information...
Read more...
Over the weekend, a group of Iranian hackers stole a trove of files from a nuclear technology agency. However, rather than comprising a state-backed hacking group, the hackers in question identify as anti-regime hacktivists who operate under the name “Black Reward.” The group claims to have stolen at least 50 GB of...
Read more...
The Cyber Division of the US Federal Bureau of Investigation (FBI) has published a notice warning the healthcare industry of cyberattacks targeting healthcare payment processors. The attacks generally come in the form of phishing attacks that leverage employees’ publicly available Personally Identifiable Information...
Read more...
Cybersecurity researchers at Proofpoint have been keeping tabs on an Advanced Persistent Threat (APT) known as TA453 and recently found the threat actor employing a phishing technique that makes use of sock puppet email accounts. Sock puppets are alternate accounts or personas used in a deceptive manner by a single...
Read more...
The cybersecurity firm Group-IB published research today detailing how various threat actors are stealing Steam login credentials using browser windows. Specialists from the computer emegency response team at Group-IB (CERT-GIB) discovered over 150 phishing resources mimicking Steam in just the month of July. Steam...
Read more...
