Second hacking team was targeting SolarWinds at time of big breach, at least March

A second hacking group, different from the suspected Russian team now associated with the major SolarWinds data breach, also targeted the company’s products earlier this year, according to a security research blog by Microsoft. “The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion […]

Hackers used SolarWinds’ dominance against it in sprawling spy campaign

There was not a database or an IT deployment model out there to which his Austin, Texas-based company did not provide some level of monitoring or management, he told analysts on the Oct. 27 call. “We don’t think anyone else in the market is really even close in terms of the breadth of coverage we […]

SolarWinds’ shares drop 22 per cent. But what’s this? $286m in stock sales just before hack announced?

Two Silicon Valley VC firms, Silver Lake and Thoma Bravo, sold hundreds of millions of dollars in SolarWinds shares just days before the software biz emerged at the center of a massive hacking campaign. Silver Lake and Thoma Bravo deny anything untoward. The two firms owned 70 per cent of SolarWinds, which produces networking monitoring […]

Russia Breached Update Server Used by 300,000 Organizations, Including the NSA

Sunday Reuters reported that “a sophisticated hacking group” backed by “a foreign government” has stolen information from America’s Treasury Department, and also from “a U.S. agency responsible for deciding policy around the internet and telecommunications.” The Washington Post has since attributed the breach to “Russian government hackers,” and discovered it’s “part of a global espionage […]

EU agency in charge of COVID-19 vaccine approval hacked, vaccine documents stolen

The European Medicines Agency (EMA), the EU regulatory body in charge of approving COVID-19 vaccines, said today it was the victim of a cyber-attack. In a short two-paragraph statement posted on its website today, the agency discloses the security breach but said it couldn’t disclose any details about the intrusion due to an ongoing investigation. EMA is […]

Hackers are trying to disrupt the COVID-19 vaccine supply chain

Since the start of the coronavirus pandemic, we’ve seen hackers target efforts to develop a COVID-19 vaccine, but it now seems they’re shifting their attention to the supply chain that will distribute those vaccines to people across the world. IBM says it recently uncovered a highly coordinated global phishing campaign focused on the companies and […]

NSA Spied On Denmark As It Chose Its Future Fighter Aircraft: Report – also FR, NL, DE, NO, SE

Reports in the Danish media allege that the United States spied on the country’s government and its defense industry, as well as other European defense contractors, in an attempt to gain information on its fighter acquisition program. The revelations, published online by DR, Denmark’s Danish public-service broadcaster, concern the run-up to the fighter competition that […]

Army Hires Company To Develop Cyber Defenses For Its Strykers After They Were Hacked

On Nov. 16, 2020, Virginia-based cybersecurity firm Shift5, Inc. announced that it had received a $2.6 million contract from the Army’s Rapid Capabilities and Critical Technologies Office (RCCTO) to “provide unified cybersecurity prototype kits designed to help protect the operational technology of the Army’s Stryker combat vehicle platform.” The company says it first pitched its […]

Ticketmaster cops £1.25m ICO fine for 2018 Magecart breach, blames someone else and vows to appeal

The Information Commissioner’s Office has fined Ticketmaster £1.25m after the site’s operators failed to spot a Magecart card skimmer infection until after 9 million customers’ details had been slurped by criminals. The breach began in February 2018 and was not detected until April, when banks realised their customers’ cards were being abused by criminals immediately […]

Campari Ransomware Hackers Take Out Facebook Ads to Get Paid

The Campari Group recently experienced a ransomware attack that allegedly shut down the company’s servers. The malware, created by the RagnarLocker gang, essentially locked corporate servers and allowed the hackers to exfiltrate “2 terabytes” of data, according to the hackers. On Nov. 6, the company wrote, “at this stage, we cannot completely exclude that some […]

Dickey’s Barbecue Pit Hackers May Have 3M Stolen Credit Cards

Hackers are currently selling a trove of 3 million credit card numbers and customer records apparently stolen from Dickey’s Barbecue Pit, one of the biggest barbecue chains in the United States. The company made a statement today about the hack, suggesting that charges made to the stolen cards will be reversed. […] Security firm Gemini […]

Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info

Barnes and Noble tonight confirmed it was hacked, and that its customers’ personal information may have been accessed by the intruders. The cyber-break-in forced the bookseller to take its systems offline this week to clean up the mess. See our update at the end of this piece. Our original report follows. Bookseller Barnes and Noble’s […]

German Hospital Hacked, Patient Taken to Another City Dies- First documented cyberattack fatality?

German authorities said Thursday that what appears to have been a misdirected hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment. The Duesseldorf University Clinic’s systems have been disrupted since last […]

Attack on The EMV Smartcard Standard: man in the middle exploit with 2 smartphones

EMV is the international protocol standard for smartcard payment and is used in over 9 billion cards worldwide. Despite the standard’s advertised security, various issues have been previously uncovered, deriving from logical flaws that are hard to spot in EMV’s lengthy and complex specification, running over 2,000 pages. We formalize a comprehensive symbolic model of […]

Plane-tracking site Flight Radar 24 DDoSed… just as drones spotted buzzing over Azerbaijan and Armenia

[…] Flight Radar spokesman Ian Petchenik told The Register: “At this time we understand this to be a very strong DDoS attack [orchestrated] from a single source. While it is not known why we’re being targeted, multiple flight tracking services have suffered attacks over the past two days.” It was not immediately obvious which other […]

Looks Like the Windows XP Source Code Just Leaked on 4chan

Would you believe more than 1% of computers worldwide are still using Windows XP? Incredibly, there are still millions of people using the 19-year-old operating system. And a recent development — if it bears out — is another reason people need to make the switch to something newer. On Thursday, users on 4chan posted what they […]

Iranian Hackers Beat Encrypted Apps like Telegram, WhatsApp – since 2014

Iranian hackers, most likely employees or affiliates of the government, have been running a vast cyberespionage operation equipped with surveillance tools that can outsmart encrypted messaging systems — a capability Iran was not previously known to possess, according to two digital security reports released Friday. The operation not only targets domestic dissidents, religious and ethnic […]

European Police Malware Could Harvest GPS, Messages, Passwords, More from Encrochat devices

The malware that French law enforcement deployed en masse onto Encrochat devices, a large encrypted phone network using Android phones, had the capability to harvest “all data stored within the device,” and was expected to include chat messages, geolocation data, usernames, passwords, and more, according to a document obtained by Motherboard. The document adds more […]

Eterbase cryptocurrency exchange hacked and $5.4 million stolen

Cryptocurrency exchange Eterbase last week admitted hackers broke into its computers and made off with other people’s coins, said to be worth $5.4m. The plug was pulled on the digital dosh exchange as a result, though it may return at some point: it claims to have enough capital to surmount the cyber-heist. Investigations by staff […]

European ISPs report mysterious wave of DDoS attacks

More than a dozen internet service providers (ISPs) across Europe have reported DDoS attacks that targeted their DNS infrastructure. The list of ISPs that suffered attacks over the past week includes Belgium’s EDP, France’s Bouygues Télécom, FDN, K-net, SFR, and the Netherlands’ Caiway, Delta, FreedomNet, Online.nl, Signet, and Tweak.nl. Attacks lasted no longer than a day and were all eventually mitigated, but ISP services were […]

The Big Tesla Hack: A hacker gained control over the entire fleet, but fortunately he’s a good guy

In July 2017, Tesla CEO Elon Musk got on stage at the National Governors Association in Rhode Island and confirmed that a “fleet-wide hack” is one of Tesla’s biggest concerns as the automaker moves to autonomous vehicles. He even presented a strange scenario that could happen in an autonomous future: “In principle, if someone was able […]

Ex-Uber chief security officer charged, accused of covering up theft of personal info from databases by hackers

Uber’s chief security officer, Joe Sullivan, broke the law by hushing up the theft of millions of people’s details from the app maker’s databases by hackers, prosecutors say. Sullivan, 52, formerly of eBay, Facebook, and PayPal, was today charged with obstruction of justice and misprision – concealing knowledge of a crime from law enforcement – […]

Zoombomber crashes court hearing on Twitter hack with Pornhub video, Judge obviously not qualified for this case

Zoombombers today disrupted a court hearing involving the Florida teen accused of masterminding a takeover of high-profile Twitter accounts, forcing the judge to stop the hearing. “During the hearing, the judge and attorneys were interrupted several times with people shouting racial slurs, playing music, and showing pornographic images,” ABC Action News in Tampa Bay wrote. A […]

How > 23% of Tor Relays are Maliciously Exploiting Users and stealing BTC in 2020 seemingly run by 1 actor

In December 2019 I wrote about The Growing Problem of Malicious Relays on the Tor Network with the motivation to raise awareness and to improve the situation over time. Unfortunately, instead of improving, things have become even worse, specifically when it comes to malicious Tor exit relay activity. Tor exit relays are the last hop […]