Items tagged with Hacking

High-reward ransomware appears to be all the rage right now after the REvil hacking group executed the Kaseya attack, encrypting over 1,500 businesses. Now, Saudi Aramco has confirmed a data leak today following an extortionist who demanded $50 million after claiming to have seized a large quantity of data from the world’s largest oil producer. Released today, Aramco’s statement explained that it had “recently become aware of the indirect release of a limited amount of company data which was held by third-party contractors.” While no supplier or contractor was named nor was it explained how the data was lost according to the Financial Times, it seems the company is simply... Read more...
Late last week, it was revealed that a global spyware campaign was targeting politicians, activists, and journalists worldwide. Initially, the company behind the software for spying, NSO Group, was blamed for the data leak and supplying its software to authoritarian regimes. However, NSO Group has since rejected these claims to try and deflect rather than publicly investigate what has happened. Published yesterday, a news article called "Enough Is Enough!" was posted on NSO Group's website. Within this article, the company explained that the spyware concern was a "planned and well-orchestrated media campaign led by Forbidden Stories" and then "pushed by special interest groups." Subsequently,... Read more...
The devastating security breach publisher Electronic Arts disclosed earlier this month may have been worse than initially thought. Not in terms of the scope of how much data was stolen (which is a lot), but in regards to EA possibly having prior knowledge that its systems were at risk, and allegedly choosing not to take appropriate measures that could have prevented the breach. Let's back up for a moment. A couple of weeks ago, hackers began bragging on private hacking forums that they infiltrated EA's servers and swiped a massive amount of data—around 780GB of source code, proprietary frameworks, software development kits, and engine tools. The stolen data was made available for sale.... Read more...
Cybersecurity is a hot topic nowadays, with attacks happening frequently like the Colonial Pipeline or JBS Global ransomware attacks. Now, it appears that EA is facing its own issues after hackers allegedly managed to exfiltrate around 780GB of source code, frameworks, and engine tools from the company. Recently, hackers began boasting about their recent EA attack on private hacking forums. In the posts, the hackers explained that they took FIFA 21 source code, Frostbite engine source code and tools, proprietary EA frameworks and software development kits, and code bundles to streamline game development. This adds up to 780GB of data which has gone up for sale on a variety of forums for "Only... Read more...
In May, the biggest fuel provider to the U.S. eastern seaboard was hit with ransomware from Russian hacking group DarkSide. Colonial Pipeline decided to pay the ransom to decrypt some of its files to get back to operational status, but those efforts were hampered by a slow decryption tool offered by the attackers. Thankfully, the U.S. Justice Department reports that it has now recovered much of the multi-million-dollar ransom payment. On May 9th, Colonial Pipeline reported that it needed to shutter its pipeline network, spanning from Texas to New Jersey, due to a security incident. What we later found out to be ransomware effectively paused the 2.5 million barrels of fuel from reaching communities... Read more...
Well, that was incredibly fast. Apple released its AirTag trackers to retail less than two weeks ago, and someone has already hacked the tiny gadget. Security researcher Thomas Roth did the deed, as he managed to crack into the microcontroller and re-flash it with his own custom firmware, essentially resulting in a jailbroken AirTag. The tiny devices are clever and affordable ways of keeping track of items you really do not want to lose. They sell for $29 a pop (or $99 for a four-pack), and provide a private and secure way of finding lost items by leveraging Apple's immense Find My ecosystem. Users can see a lost item's last known location on a map, then when they are within Bluetooth range,... Read more...
When it comes to password management, users really have just a handful of options, and all of them have their caveats. If we choose to just use memorable passwords and recycle them between accounts, one account becoming compromised can lead to a group of them being in a bad state. On the other hand, relying on a cloud service to store passwords puts our security credentials on someone else's servers, and we're subject to whatever tracking those services may entail. Lastly, if we host our own password management solutions, one bad update can leak our credentials to the world. This third option is the story of Click Studios and PasswordState. PasswordState is a self-hosted, as opposed to cloud-hosted,... Read more...
The hacker who gained unauthorized access to CD Projekt Red's servers and seemingly stole the source code for several games has already reportedly leaked one of them, after the developer publicly declared it had no intention of paying a ransom or negotiating. In addition, the hacker appears to be trying to start a bidding war for the remaining data. To be clear, CD Projekt Red never outright acknowledged that the hacker stole actual source code, but said the person responsible "collected certain data" belonging to the developer, as well as encrypted some devices on its network. However, reading between the lines of the developer's broader statement on the intrusion, it sure sounds like the hacker... Read more...
FireEye, a prominent cybersecurity firm, says it is working with the US Federal Bureau of Investigation and several key partners, including Microsoft (which recently warned of a rise in cyberattacks), into a highly sophisticated and targeted hack that it believes was perpetrated by a state-sponsored actor "with top-tier offensive capabilities." It is unlike anything FireEye CEO Kevin Mandia has seen in his two and a half decades in cybersecurity. That is saying something, given that FireEye deals with security incidents of the highest order. However, Mandia says this particular attack is different from the tens of thousands of incidents his company has dealt with over the years. "The attackers... Read more...
In the days of old, a car thief might stick a hanger in a car window to unlock the door (or simply smash the glass), hop in, and hot wire the vehicle. Hollywood loves to show this kind of thing, sometimes with wires dangling beneath the steering column, and other times with a screwdriver jammed into the ignition. Trying to steal a Tesla Model X takes more effort, though perhaps not as much as you think, as a security researcher recently demonstrated. Today's vehicles are more reliant than ever on computer systems, and Tesla is at the front of the pack, with its advanced self-driving and other technologies. And like many modern vehicles, keyless entry is a common feature. That is also where the... Read more...
Some people may say, “Don't talk to me until I have had my coffee,” but what if they could not have coffee because of a ransomware attack? According to a researcher at Avast, IoT devices, such as smart coffee makers, can be vulnerable to attacks. Security researcher Martin Hron remarks “firmware is a new software,” and that software can be exploited. Typically, smart IoT devices have firmware onboard that is used with an API, while users expect that not too much harm can come from the API and firmware. This is not the case, as Hron states “We used to trust that hardware, such as a common kitchen appliance, could be trusted and could not be easily altered without... Read more...
Towards the end of April, Nintendo issued a notice saying login details for as many as 160,000 Nintendo accounts had been compromised as a result of a data breach. In actuality, the number of affected accounts is nearly twice as high—Nintendo this week provided an update on the matter, saying it has identified an additional 140,000 user accounts that "may have been accessed maliciously." The new figure is not part of a separate hack, but the result of Nintendo's ongoing investigation into the matter. As discovered in April, hackers were able to exploit Nintendo Network IDs (NNIDs). These were mainly relevant back in the days of the Wii U and Nintendo 3DS, but could be linked to a Nintendo... Read more...
A hacker group called ShinyHunters claims to have breached the databases of ten companies operating around the world, and stolen user data on millions of people. Currently, the databases for the ten companies are being offered for sale on the dark web with a total of 73.2 million user records. The same group of hackers breached an Indonesian online store called Tokopedia last week selling the entire database of 91 million user records for $5,000 on the dark web. In the latest hacks, the largest company that has allegedly had its database stolen is online dating service Zoosk, with the hackers allegedly obtaining 30 million user records. The complete list of businesses that have allegedly... Read more...
Microsoft has patched a vulnerability in its Teams software that could have allowed an attacker to infiltrate compromised systems, steal data, and even take control of an entire organization's accounts. What makes the security flaw somewhat unique is that all of the dastardly deeds could have been accomplished with just an animated GIF. Users within the organization wouldn't even need to share the infected GIF—just viewing it would be enough for it to work its malicious mojo. The attack itself leveraged a subdomain takeover vulnerability in Teams, and prior to being patched, would have affected every user who uses the Teams desktop or web browser version. "Without getting into... Read more...
For what feels like the umpteenth time this has happened, a string of specific text is causing iOS devices to crash when received, including iPhones, iPads, and Apple Watches. The malicious text is going viral, and as of this writing, has not been addressed with an iOS update (we imagine one will arrive soon). Even worse, it doesn't have to be sent as a direct text message like past incidents. The string of text that is causing problems on iOS devices consists of certain characters in the Sindhi language. It was originally thought that emojis of the Italian flag needed to accompany the text as well, but it was later discovered that the Sindhi text string is all that is needed to freeze and/or crash... Read more...
Hackers recently targeted Nintendo Switch owners, leading to the recommendation that users enable two-factor authentication (2FA), which is generally solid advice anyway. In the aftermath of the hacking campaign, Nintendo is no longer allowing Switch owners to log into their Nintendo accounts through a Nintendo Network ID (NNID). Nintendo also confirmed how many accounts were compromised. According to Nintendo, around 160,000 accounts were hacked. On those accounts, hackers were able to see nicknames, genders, dates of birth, country/region information, and email addresses. Nintendo also acknowledged that hackers may have illegally made purchases on affected accounts using existing balances,... Read more...
There is some more bad news for Zoom and some of its users. Security researchers recently discovered that the dark web and hacker forums are host to over 500,000 compromised Zoom accounts being offered up for sale at dirt cheap prices. Some of them are being sold for a fraction of a penny, while others are being given away for free. It almost feels like we are picking on Zoom at this point with so many headlines highlighting the company's security and privacy lapses in recent weeks. However, that is not the case. Zoom CEO Eric Yuan recently admitted that his video conferencing startup "moved too fast" in light of the COVID-19 outbreak and "had some missteps" along the way. Part of the problem,... Read more...
These are tough times for sure, and to make matters worse, a hacking group managed to infiltrate an email service in Italy and swipe the personal data of more than 600,000 users. The data, which is said to include plaintext passwords and contents of email messages, is for sale on the dark web for between 0.5 and 3 Bitcoin (around $3,500 to $22,000). The culprits go by the name of NN (No Name) Hacking Group. They swiped the data from Email.it, then promoted it on Twitter. The group claims it breached the email service's data center two years ago, in January 2018, and asked for a bug bounty. "They refused to talk with us and continued to trick their users/customers. They didn't contacted (sic)... Read more...
Last week, a semi-anonymous hacker made headlines when they brazenly posted supposed source code to GitHub outlining chunks of AMD's next-generation Radeon DNA 2 (RDNA 2) GPU architecture, as found in the upcoming Xbox Series X game console. The hacker valued the stolen data at $100 million, but can it really be classified as source code? And is it truly that valuable? Maybe not. The hacker claimed to have gotten their mitts on various source files pertaining to different versions of AMD's graphics technology, the most interesting of which is Arden, the codename of the GPU inside the Xbox Series X. AMD managed to get the code removed from GitHub by filing a DMCA take down request. The hacker... Read more...
Major data breaches have unfortunately become rather common occurrences (they seem to happen in waves), and even if you practice common sense computing habits, you can still fall victim to these types of things. Serving as a sobering reminder of this reality, security researchers say they have discovered an unprotected database hosting a massive 800 gigabytes of personal data. The database holds records for over 200 million Americans. In terms of scale, that's more people than were affected by the Equifax breach, which ultimately resulted in the Federal Trade Commission issuing a weaksauce fine. In this case, it is not clear if the exposed records have been viewed by malicious actors or spilled... Read more...
Malicious actors who make it their business to spread malware obviously have no scruples about preying on people in any manner possible, but sometimes they fall to new lows. We saw it when hackers attempted to assault epilepsy patients by posting flashing animations to the Epilepsy Foundation's support forum in hopes of causing seizures, and now they are leveraging the coronavirus pandemic to spread malware, via a live map. Security researcher Brian Krebs of KrebsOnSecurity found that in one such scheme, hackers are using an interactive dashboard of coronavirus infections and deaths produced by Johns Hopkins University on malicious websites, and possibly spam emails as well, to spread... Read more...
The United States National Security Agency (NSA from here on out) is warning of a vulnerability in Microsoft Exchange Server that could allow an attacker with email credentials to launch a remote attack on a target system, enabling them to execute commands. It affects multiple versions of Microsoft Exchange Server. "A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time. Knowledge of the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which runs as SYSTEM. The security update addresses the vulnerability by correcting how Microsoft... Read more...