MIT students stole $25M in seconds by exploiting ETH blockchain bug, DOJ says

Within approximately 12 seconds, two highly educated brothers allegedly stole $25 million by tampering with the ethereum blockchain in a never-before-seen cryptocurrency scheme, according to an indictment that the US Department of Justice unsealed Wednesday. In a DOJ press release, US Attorney Damian Williams said the scheme was so sophisticated that it “calls the very […]

Dell hack that Dell didn’t think was a big deal now includes customer phone numbers

The person who claimed to have stolen the physical addresses of 49 million Dell customers appears to have taken more data from a different Dell portal, TechCrunch has learned. The newly compromised data includes names, phone numbers and email addresses of Dell customers. This personal data is contained in customer “service reports,” which also include […]

Dell customer order database stolen, 49m records for sale on dark web

Dell has confirmed information about its customers and their orders has been stolen from one of its portals. Though the thief claimed to have swiped 49 million records, which are now up for sale on the dark web, the IT giant declined to say how many people may be affected. According to the US computer […]

‘ArcaneDoor’ Cyberspies Hacked Cisco Firewalls to Access Government Networks

[…] Cisco is now revealing that its firewalls served as beachheads for sophisticated hackers penetrating multiple government networks around the world. On Wednesday, Cisco warned that its so-called Adaptive Security Appliances—devices that integrate a firewall and VPN with other security features—had been targeted by state-sponsored spies who exploited two zero-day vulnerabilities in the networking giant’s […]

The Crescendo Multi-Turn LLM Jailbreak Attack

In this paper, we introduce a novel jailbreak attack called Crescendo. Unlike existing jailbreak methods, Crescendo is a multi-turn jailbreak that interacts with the model in a seemingly benign manner. It begins with a general prompt or question about the task at hand and then gradually escalates the dialogue by referencing the model’s replies, progressively […]

World Check Database (quite probably filled with miscreants) was given to a 3rd party, taken from there and is now for sale online

The World-Check database used by businesses to verify the trustworthiness of users has fallen into the hands of cybercriminals. The Register was contacted by a member of the GhostR group on Thursday, claiming responsibility for the theft. The authenticity of the claims was later verified by a spokesperson for the London Stock Exchange Group (LSEG), […]

Breaking out of kiosk environments using keyboard media buttons via a BadUSB type attack

In early 2023 an awesome colleague (Andreas) spoke about an incident response case featuring thugs plugging a media keyboard into an ATM, and breaking out of its ATM kiosk software to install malware causing it to dispense $$$. This prompted me to spend some time during spring and summer of 2023 looking into Consumer Control, […]

DDOS attack takes down NL provinces and government organizations’ websites

Various websites of provinces and government organizations were down on Monday due to a DDOS attack. At the moment, the website of the Province of North Holland is still unavailable or unavailable again. The websites of the provinces of Groningen, Overijssel and North Brabant were also down for some time. The sites of the Senate […]

Burglars using Wifi jammers and deauth attacks to disable wireless smart home security

Edina police believe that the suspects aren’t choosing houses at random – they’re researching carefully prior to burglarizing them. The suspects are stealing jewelry, safes, and high-end merchandise. “It’s believed the burglars are not violent and tend to choose unoccupied houses,” the police’s report reads. At the city safety meeting on January 31st, residents warned about […]

Researchers jailbreak AI chatbots with ASCII art

Researchers based in Washington and Chicago have developed ArtPrompt, a new way to circumvent the safety measures built into large language models (LLMs). According to the research paper ArtPrompt: ASCII Art-based Jailbreak Attacks against Aligned LLMs, chatbots such as GPT-3.5, GPT-4, Gemini, Claude, and Llama2 can be induced to respond to queries they are designed […]

HackAPrompt – a taxonomy of GPT prompt hacking techniques

[…] We present a comprehensive Taxonomical Ontology of Prompt Hacking techniques, which categorizes various methods used to manipulate Large Language Models (LLMs) through prompt hacking. This taxonomical ontology ranges from simple instructions and cognitive hacking to more complex techniques like context overflow, obfuscation, and code injection, offering a detailed insight into the diverse strategies used […]

Apex Legends streamers surprised to find aimbot and other hacks added to their PCs in the middle of major competition

The Apex Legends Global Series is currently in regional finals mode, but the North America finals have been delayed after two players were hacked mid-match. First, Noyan “Genburten” Ozkose of DarkZero suddenly found himself able to see other players through walls, then Phillip “ImperialHal” Dosen of TSM was given an aimbot. Genburten’s hack happened part […]

Breach in French labor history database impacts up to 43 million people for past 20 years showing what a great idea huge centralised databases are

A French government department – responsible for registering and assisting unemployed people – is the latest victim of a mega data breach that compromised the information of up to 43 million citizens. France Travail announced on Wednesday that it informed the country’s data protection watchdog (CNIL) of an incident that exposed a swathe of personal […]

Vehicle Cloning — Another Reason Not To Use Automated License Plate Readers

Over the last decade, increasing numbers of automated license plate readers (ALPR) have been installed on roads, bringing with them a variety of privacy problems, as Techdirt has reported. It’s easy to see why ALPR is popular with the authorities: license plate readers seem a simple way to monitor driving behavior and to catch people […]

Want to Steal a Tesla? set up a guest wifi with a fake site, steal the password and make your own key

Security researchers report they uncovered a design flaw that let them hijack a Tesla using a Flipper Zero, a controversial $169 hacking tool. Partners Tommy Mysk and Talal Haj Bakry of Mysk Inc. said the attack is as simple as swiping a Tesla owner’s login information, opening the Tesla app, and driving away. The victim […]

Chinese and US researchers show new side channel can reproduce fingerprints by listening to swiping sounds on screen

An interesting new attack on biometric security has been outlined by a group of researchers from China and the US. PrintListener: Uncovering the Vulnerability of Fingerprint Authentication via the Finger Friction Sound [PDF] proposes a side-channel attack on the sophisticated Automatic Fingerprint Identification System (AFIS). The attack leverages the sound characteristics of a user’s finger […]

iOS and Android users face scans used to break into bank accounts

[…] GoldPickaxe and GoldPickaxe.iOS target Android and iOS respectively, tricking users into performing biometric verification checks that are ultimately used to bypass the same checks employed by legitimate banking apps in Vietnam and Thailand – the geographic focus of these ongoing attacks. The iOS version is believed only to be targeting users in Thailand, masquerading […]

1/2 of all French citizens’ data stolen in healthcare billing breach

Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week. Payments outfits Viamedis and Almerys both experienced breaches of their systems in late January, the National Commission on Informatics and Liberty (CNIL) revealed, leading to […]

Decrypting / Mounting Bitlocker protected drives

Attacks come in two main forms: one is scanning the drive for memory dumps and the other is by sniffing the bitlocker key through RAM dumping on cold boots. Cold Boot Attacks Over time there have been many different physical attacks against full disk encryption, such as Cold Boot attacks [0][1] that we have previously […]

Hackers find out worth of Iranian drones sold to Russia

Hackers from the Prana Network group have compromised the mail servers of the Iranian company IRGC Sahara Thunder, which contained an array of data on the production of Shahed-136 attack drones for Russia. Source: a statement by Prana Network, reported by Militarnyi. Details: As noted, the IRGC Sahara Thunder company is a fictitious company run […]

Inside the Underground Site Where ‘Neural Networks’ Churn Out Fake IDs

An underground website called OnlyFake is claiming to use “neural networks” to generate realistic looking photos of fake IDs for just $15, radically disrupting the marketplace for fake identities and cybersecurity more generally. This technology, which 404 Media has verified produces fake IDs nearly instantly, could streamline everything from bank fraud to laundering stolen funds. […]

Netherlands reveals Chinese attack on defence servers using CoatHanger malware on Fortinet Devices – a real pain to remove

Dutch authorities are lifting the curtain on an attempted cyberattack last year at its Ministry of Defense (MoD), blaming Chinese state-sponsored attackers for the espionage-focused intrusion. Specialists from the Netherlands’ Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) were called in to investigate an intrusion at an MOD network […]

Cloudflare Hacked

Web security company Cloudflare on Thursday revealed that a threat actor used stolen credentials to gain access to some of its internal systems. The incident was discovered on November 23, nine days after the threat actor, believed to be state-sponsored, used credentials compromised in the October 2023 Okta hack to access Cloudflare’s internal wiki and […]

Marauder DIY WiFi and Hacking tool

[…] The ESP32 Marauder is a suite of WiFi/Bluetooth offensive and defensive tools created for the ESP32 and was originally inspired by Spacehuhn’s esp8266_deauther project. The tool itself serves as a portable device used to test and analyze WiFi and Bluetooth devices. […] Do It Yourself If you would like to create your own ESP32 […]

Akira ransomware gang says it stole personnel passport scans and other PII from Lush

The Akira ransomware gang is claiming responsibility for the “cybersecurity incident” at British bath bomb merchant. Akira says it has stolen 110 GB of data from the UK-headquartered global cosmetics giant, which has more than 900 stores worldwide, allegedly including “a lot of personal documents” such as passport scans. Passport scans are routinely collected to […]