Researchers have unpacked a major cybersecurity find—a malicious UEFI-based rootkit used in the wild since 2016 to ensure computers remained infected even if an operating system is reinstalled or a hard drive is completely replaced. The firmware compromises the UEFI, the low-level and highly opaque chain of firmware required to boot up nearly every modern computer. Read more about Discovery of UEFI rootkit exposes an ugly truth: The attacks are invisible to us[…]

The United States’ federal court system “faced an incredibly significant and sophisticated cyber security breach, one which has since had lingering impacts on the department and other agencies.” That quote comes from congressional representative Jerrold Lewis Nadler, who uttered them on Thursday in his introductory remarks to a House Committee on the Judiciary hearing conducting Read more about US court system suffered ‘incredibly significant attack’ – no details known yet[…]

The Car Last summer I bought a 2021 Hyundai Ioniq SEL. It is a nice fuel-efficient hybrid with a decent amount of features like wireless Android Auto/Apple CarPlay, wireless phone charging, heated seats, & a sunroof. One thing I particularly liked about this vehicle was the In-Vehicle Infotainment (IVI) system. As I mentioned before it Read more about how I Hacked My Car – completely pwn a 2021 Hyundai Ioniq head unit – a story in 3 parts[…]

[greenluigi1] bought a Hyundai Ioniq car, and then, to our astonishment, absolutely demolished the Linux-based head unit firmware. By that, we mean that he bypassed all of the firmware update authentication mechanisms, reverse-engineered the firmware updates, and created subversive update files that gave him a root shell on his own unit. Then, he reverse-engineered the Read more about Hacker Liberates Hyundai Head Unit, Writes Custom Apps | Hackaday[…]

[…] researchers have shown that it’s possible to clone these devices, as reported by Hackster.io. The research paper explains the cloning process, which requires physical access to the hardware. To achieve the hack, the Nordic nRF52832 inside the AirTag must be voltage glitched to enable its debug port. The researchers were able to achieve this Read more about Apple AirTags Hacked And Cloned With Voltage Glitching[…]

The US Supreme Court justices who overturned Roe v. Wade last month may have been doxxed – had their personal information including physical and IP addresses, and credit card info revealed – according to threat intel firm Cybersixgill. As expected, the fallout from the controversial ruling, which reversed the court’s 1973 decision that federally protected Read more about Supremes ‘doxxed’ after overturning Roe v Wade[…]

Posing as a scholar, a Chinese woman spent years writing alternative accounts of medieval Russian history on Chinese Wikipedia, conjuring imaginary states, battles, and aristocrats in one of the largest hoaxes on the open-source platform. The scam was exposed last month by Chinese novelist Yifan, who was researching for a book when he came upon Read more about A Bored Chinese Housewife Spent Years Falsifying Russian History on Wikipedia[…]

[…] Joshua Schulte was convicted of sending the CIA’s “Vault 7” cyber-warfare tools to the whistle-blowing platform. He had denied the allegations. The 2017 leak of some 8,761 documents revealed how intelligence officers hacked smartphones overseas and turned them into listening devices. Prosecutors said the leak was one of the most “brazen” in US history. Read more about Joshua Schulte: Former CIA hacker convicted of Vault 7 data leak[…]