On the same day Russia celebrated its role in defeating Nazi Germany, many of the country’s online platforms were defaced in protest of the war in Ukraine. The Washington Post reported on Monday that Russians with smart TVs saw channel listings replaced with a message implicating them in the ongoing conflict. “The blood of thousands Read more about Hackers deface Russian platforms and smart TVs to display anti-war messages[…]

Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. The method enabled the threat actor behind the attack to plant fileless malware in the file system in an attack filled with techniques and modules designed Read more about Hackers are now hiding malware in Windows Event Logs[…]

In response to Russia’s invasion of Ukraine, several Hollywood studios announced the immediate suspension of new releases in Russia. Unexpectedly, some Russian theaters are still able to show movies such as The Batman on the big screen but this isn’t down to the studios. The movies are sourced from illegal torrent sites and few seem Read more about Russian Cinemas Are Showing Pirated Movies Downloaded From Torrents[…]

WASHINGTON/THE HAGUE, April 12 (Reuters) – U.S. and European authorities said on Tuesday they had seized RaidForums, a popular website used by hackers to buy and sell stolen data, and the United States also unsealed charges against the website’s founder and chief administrator Diego Santos Coelho. Coelho, 21, of Portugal, was arrested in the United Read more about U.S. and European partners take down hacker website RaidForums[…]

Cybercriminals have used fake emergency data requests (EDRs) to steal sensitive customer data from service providers and social media firms. At least one report suggests Apple, and Facebook’s parent company Meta, were victims of this fraud. Both Apple and Meta handed over users’ addresses, phone numbers, and IP addresses in mid-2021 after being duped by Read more about Fraudsters use ‘fake emergency data requests’ to steal info[…]

A newly discovered data wiper malware that wipes routers and modems has been deployed in the cyberattack that targeted the KA-SAT satellite broadband service to wipe SATCOM modems on February 24, affecting thousands in Ukraine and tens of thousands more across Europe. The malware, dubbed AcidRain by researchers at SentinelOne, is designed to brute-force device Read more about Viasat confirms satellite modems were wiped with AcidRain malware – 7th wiper deployed against Ukraine this year[…]

The US Justice Department today announced indictments against four Russian government employees, who it alleges attempted a hacking campaign of the global energy sector that spanned six years and devices in roughly 135 countries. The two indictments were filed under seal last summer, and are finally being disclosed to the public. The DOJ’s decision to Read more about Justice Department indicts four Russian government workers in energy sector hacks[…]

British cops investigating a cyber-crime group have made a string of arrests. Though City of London Police gave few details on Thursday, officers are said to be probing the notorious extortionware gang Lapsus$, and have detained and released seven people aged 16 to 21. In a statement, the force said: “Seven people between the ages Read more about British cops arrest seven < 21 yr kids in Lapsus$ crime gang probe after they break into and dox the tech giants[…]

Samsung confirmed on Monday that a cybersecurity attack exposed sensitive internal data including source code for Galaxy smartphones. The group claiming responsibility for the attack, Lapsus$, is the same hacking outfit that breached Nvidia last week and leaked employee credentials and proprietary information onto the internet. In the Samsung hack, the group purportedly posted a Read more about Samsung Galaxy Source Code Stolen in Data Breach, might show they slow down specific apps[…]

Ukrainian news website Ukrainska Pravda says the nation’s Centre for Defence Strategies think tank has obtained the personal details of 120,000 Russian servicemen fighting in Ukraine. The publication has now shared this data freely on its website. The Register and others have been unable to fully verify the accuracy of the data from the leak. Read more about Ukraine state media leaks details of 120,000 Russians soldier on website[…]

Hackers that infiltrated NVIDIA systems are now threatening to release more confidential information unless the company commits to open sourcing their drivers. It is unclear what the stolen data contains, but the group confirmed that there are 250GB of hardware related data in their possession. Furthermore, the group confirmed they have evaluated NVIDIA position, which Read more about Hackers hacked by Nvidia Demand NVIDIA Open Source Their Drivers Or They Leak More Data[…]

[…] Candiru — another Israeli firm with a long list of questionable customers, including Uzbekistan, Saudi Arabia, United Arab Emirates, and Singapore. Now there’s another name to add to the list of NSO-alikes. And (perhaps not oddly enough) this company also calls Israel home. Reuters was the first to report on this NSO’s competitor’s ability Read more about Yet Another Israeli Malware Manufacturer Found Selling To Human Rights Abusers, Targeting iPhones[…]

For the past two weeks, observers of North Korea’s strange and tightly restricted corner of the internet began to notice that the country seemed to be dealing with some serious connectivity problems. On several different days, practically all of its websites—the notoriously isolated nation only has a few dozen—intermittently dropped offline en masse, from the Read more about North Korea Hacked Him. So One Guy Took Down Its Internet[…]

[…] Hackers stole more than $324 million in cryptocurrency from Wormhole, the developers behind the popular blockchain bridge confirmed Wednesday. The platform provides a connection that allows for the transfer of cryptocurrency between different decentralized-finance blockchain networks. Wormhole said in a series of tweets Wednesday afternoon that thieves made off with 120,000 wETH, or wrapped Read more about Blockchain platform Wormhole says it’s retrieved the $324M stolen by hackers[…]

Finland’s government says the mobile devices of its diplomats have been hacked using Pegasus spyware. The Finnish foreign ministry stated on Friday that some of its officials abroad had been targeted by the sophisticated software. “The highly sophisticated malware has infected users’ Apple or Android telephones without their noticing and without any action from the Read more about Finnish diplomats were targeted by NSO Pegasus spyware[…]

[…] “In August 2021 we received message on Telegram from a hacker, who showed us proof that he could gain access to the user table of opensubtitles.org, and downloaded a SQL dump from it. He asked for a BTC ransom to not disclose this to public and promise to delete the data,” the post reads. Read more about OpenSubtitles Hacked, 7 Million Subscribers’ Details Leaked Online[…]

Trading platform Crypto.com lost about $34 million worth of cryptocurrency in a hack on Monday, according to a new blog post by the company published overnight. The company had previously declined to say much about the hack, which forced users to stop withdrawals for most of the day, and only reassured customers they wouldn’t lose Read more about Crypto.com Finally Acknowledges $34 Million Stolen by Hackers[…]

Microsoft warned Saturday evening that it had detected a highly destructive form of malware in dozens of government and private computer networks in Ukraine that appeared to be waiting to be triggered by an unknown actor. In a blog post, the company said that Thursday — around the same time that government agencies in Ukraine Read more about Microsoft warns of destructive cyberattack on Ukrainian computer networks[…]

The European Space Agency (ESA) is inviting applications from attackers who fancy having a crack at its OPS-SAT spacecraft. It’s all in the name of ethical hacking, of course. The plan is to improve the resilience and security of space assets by understanding the threats dreamed up by security professionals and members of the public Read more about Did you always want to hack an ESA satellite? Now’s your chance[…]

[…] The Federal Security Service (FSB), Russia’s domestic intelligence agency, said in a press release Friday that it had recently conducted raids at 25 residences across Moscow, Leningrad, Lipetsk, and St. Petersburg, where 14 members of the cybercriminal gang were arrested. During the raids, authorities seized more than 426 million rubles, $600,000, and €500,000, along Read more about Russia Arrests Members of Notorious Ransomware Gang REvil[…]

A young hacker and IT security researcher found a way to remotely interact with more than 25 Tesla electric vehicles in 13 countries, according to a Twitter thread he posted yesterday. David Colombo explained in the thread that the flaw was “not a vulnerability in Tesla’s infrastructure. It’s the owner’s faults.” He claimed to be Read more about Teen hacker finds bug that lets him control 25+ Teslas remotely. Also 1000s of auth tokens expired silmutaneously[…]

[…] Commissioners told the court that all of Bernalillo County, which covers the US state of New Mexico’s largest city Albuquerque, had been affected by a January 5, 2022, ransomware attack, including the Metropolitan Detention Center (MDC) that houses some of the state’s incarcerated. […] Over the phone, a spokesperson for the facility told The Read more about Ransomware puts New Mexico prison in lockdown, closes doors, security cameras to personnel[…]

The news comes via internal documents shared with The T-Mo Report, embedded below. They state that there was “unauthorized activity” on some customer accounts. That activity was either the viewing of customer proprietary network information (CPNI), an active SIM swap by a malicious actor, or both. This comes just on the heels of a previous Read more about T-Mobile Has Suffered Yet Another Data Breach[…]

The United Kingdom’s National Crime Agency and National Cyber Crime Unit have uncovered a colossal trove of stolen passwords. We know this because Troy Hunt, of Have I Been Pwned (HIBP) fame, yesterday announced the agency has handed them over to his service, which lets anyone conduct a secure search of stolen passwords to check Read more about UK National Crime Agency finds 225 million previously unexposed passwords[…]

[…] researchers managed to technically deconstruct just how one of the company’s notorious “zero-click” attacks work. Indeed, researchers with Google’s Project Zero published a detailed break-down that shows how an NSO exploit, dubbed “FORCEDENTRY,” can swiftly and silently take over a phone. […] Initial details about it were captured by Citizen Lab, a research unit Read more about How NSO Group’s zero-click iPhone-Hacking Exploit Works[…]