Hackers have returned nearly half of the $600 million they stole in what’s likely to be one of the biggest cryptocurrency thefts ever. The cybercriminals exploited a vulnerability in Poly Network, a platform that looks to connect different blockchains so that they can work together. Poly Network disclosed the attack Tuesday and asked to establish Read more about Hackers return around half of stolen $600 million in Poly Network hack[…]

Cross-chain decentralized finance (DeFi) platform Poly Network was attacked on Tuesday, with the alleged hacker draining roughly $600 million in crypto. Poly Network, a protocol launched by the founder of Chinese blockchain project Neo, operates on the Binance Smart Chain, Ethereum and Polygon blockchains. Tuesday’s attack struck each chain consecutively, with the Poly team identifying Read more about Cross-Chain DeFi Site Poly Network Hacked; Hundreds of Millions Potentially Lost[…]

The hackers who breached Electronic Arts last month have released the entire cache of stolen data after failing to extort the company and later sell the stolen files to a third-party buyer. The data, dumped on an underground cybercrime forum on Monday, July 26, is now being widely distributed on torrent sites. According to a Read more about Hackers leak full EA data after failed extortion attempt[…]

The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors’ offices around the country last year, the Justice Department said Friday. The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. Read more about Justice Department says Russians hacked federal prosecutors during SolarWinds[…]

Law firm Campbell Conroy & O’Neil has warned of a breach from late February which may have exposed data from the company’s lengthy client list of big-name corporations including Apple and IBM. The breach, which was discovered on 27 February 2021 when a ransomware infection blocked access to selected files on the company’s internal systems, Read more about US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach, will only offer support if social security number was in data[…]

[…] The threat actors are offering Saudi Aramco’s data starting at a negotiable price of $5 million. Saudi Aramco has pinned this data incident on third-party contractors and tells BleepingComputer that the incident had no impact on Aramco’s operations. “Zero-day exploitation” used to breach network This month, a threat actor group known as ZeroX is offering 1 TB of Read more about Saudi Aramco data breach sees 1 TB stolen data for sale[…]

Palo Alto Networks’ global threat intelligence team, Unit 42, has detailed the tactics ransomware group REvil has employed to great impact so far this year – along with an estimation of the multimillion-dollar payouts it’s receiving. […] The group, which provides what security wonks have come to term “Ransomware as a Service” or RAAS, has Read more about Report shines light on REvil’s depressingly simple tactics: Phishing, credential-stuffing RDP servers… the usual[…]

Ransomware attacks are on the rise, but quantifying the scope of the problem can be tricky when only the most high-profile cases make headlines. Enter Ransomwhere, […] Jack Cable, a security architect at the cybersecurity consulting firm Krebs Stamos Group, launched the site on Thursday. […] The way it works is Ransomwhere keeps a running Read more about This Crowdsourced Ransomware Payment Tracker Shows How Much Cybercriminals Have Heisted[…]

Cyberattacks reportedly disrupted Iran’s railway system on Friday, causing “unprecedented chaos” at stations throughout the country, according to state media. The hackers, whoever they are, also reportedly trolled the nation’s Supreme Leader Ali Khamenei, posting his phone number as “the number to call for information” on multiple train station message boards, Reuters reports. According to Read more about Iran’s Train System Hacked, Khamenei’s phone nr posted on station msg boards as help line[…]

According to a new investigation from Bloomberg, cyber spies connected to the Russian government recently hacked into the Republican National Committee—though the RNC has denied that their systems were breached in this way. According to Bloomberg, the hacker group known as “Cozy Bear”—thought to be connected to Russia’s intelligence service, the SVR—conducted the intrusion, though Read more about Report: Russian Cyber Spies Recently Hacked the RNC[…]

iPhone doesn’t even have to connect to the network to mess up. Back in June, security researcher Carl Schou found that when he joined the network “%p%s%s%s%s%n”, his iPhone permanently disabled its wifi functionality. Luckily, this was fixed by resetting all network settings, which erased the villainous wifi name from his phone’s memory. You would Read more about Getting Your iPhone Near This Cursed Network Breaks Its Wifi[…]

Cybersecurity teams worked feverishly Sunday to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit. An affiliate of the notorious REvil gang, best known for extorting $11 million from the meat-processor JBS after a Read more about Largest ransomware attack ever through hacked Kaseya software by REvil. Thousands of victims in at least 17 countries. $70m asked to decrypt the lot.[…]

Western Digital’s popular My Book Live hard drives are being deleted remotely by an unknown attacker, according to the company. And there’s not much anyone can do at this point but unplug their drives from the internet. “We have determined that some My Book Live devices have been compromised by a threat actor,” Western Digital’s Read more about Western Digital Confirms ‘My Book Live’ Drives Are Being Deleted Remotely[…]

Microsoft (MSFT.O) said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers. The company said it had found the compromise during its response to hacks by a team it identifies as responsible for earlier major breaches at SolarWinds (SWI.N) Read more about Microsoft says new breach via customer service discovered in probe of suspected SolarWinds hackers[…]

[…] According to Wired, however, at least one researcher has found a way to avoid most of this trouble, drawing cash from ATMs like magic with a simple flick of his wrist. The outlet reported Thursday that Josep Rodriguez, a researcher and consultant at security firm IOActive, has built up a collection of bugs affecting Read more about NFC Flaw Lets Hacker Break ATMs With a Phone[…]

On Friday, Volkswagen disclosed a data breach that it said affected 3.3 million customers and interested buyers. On Monday, hackers put the data stolen from the car maker on sale on a notorious hacking forum. In the sales listing reviewed by Motherboard, a hacker that goes by 000 wrote that the data included email addresses Read more about Hackers Are Selling Data Stolen From Audi and Volkswagen[…]

São Paulo pickpockets are increasingly stealing people’s smartphones not to pawn off the device, but rather to gain access to their bank account. That’s according to a report from Brazilian newspaper Folha de S.Paulo this week. As first spotted by 9to5 Mac, the report claims this kind of theft has been going on since the Read more about In Brazil, Criminals Steal Phones to Empty Victims’ Bank Account[…]

Ukrainian police have arrested six people, alleged to be members of the notorious Clop* ransomware gang, seizing cash, cars – and a number of Apple Mac laptops and desktops. “It was established that six defendants carried out attacks of malicious software such as ‘ransomware’ on the servers of American and [South] Korean companies,” alleged Ukraine’s Read more about Ukraine police collar six Clop ransomware gang suspects in joint raids with South Korean cops[…]

Alibaba’s Chinese shopping operation Taobao has suffered a data breach of over a billion data points including usernames and mobile phone numbers. The info was lifted from the site by a crawler developed by an affiliate marketer. Chinese outlet 163.com reported the case last week and today it was picked up by the Wall Street Read more about Alibaba suffers billion-item data leak including usernames and mobile numbers[…]

Internal company data leaked during a February security breach is now being circulated on the internet, Polish video games maker CD Projekt (CDR.WA) said in a statement published on Thursday. The attack, which compromised some of its internal systems including the source code to its much-hyped game Cyberpunk 2077, dealt another blow to the Warsaw-based Read more about Internal data + games source code from breach CD Projekt Cyberpunk 2077 circulating online[…]

McDonald’s Corp. said hackers stole some data from its systems in markets including the U.S., South Korea and Taiwan, in another example of cybercriminals infiltrating high-profile global companies. The burger chain said Friday that it recently hired external consultants to investigate unauthorized activity on an internal security system, prompted by a specific incident in which Read more about McDonald’s Hit by Data Breach – WSJ[…]

The group of hackers who stole a wealth of data from game publishing giant Electronic Arts broke into the company in part by tricking an employee over Slack to provide a login token, Motherboard has learned. The group stole the source code for FIFA 21 and related matchmaking tools, as well as the source code Read more about How Hackers Used Slack to Break into EA Games[…]