Ireland has fined Meta over $264 million for a 2018 data breach where hackers gained access to users' profiles and personal information due to lack of security.
Hack RSS
It has been revealed that a hacker stole details about OpenAI products in early 2023. The company decided not to disclose the hack to the public or law enforcement, creating divisions at the firm.
The U.S. government data breach by Chinese hackers has led to an investigation into Microsoft's role in securing cloud data. Security concerns about third-party clouds like Azure are growing.
Microsoft discovers a phishing attack by a Russian-backed hacker group. They are using compromised Microsoft 365 accounts to pose as tech support in Teams. The group targets govts, NGOs, and more.
Microsoft said Chinese hackers accessed US and EU government email accounts. Senator Wyden asked authorities to investigate Microsoft's role and negligence. They worry about the encryption keys.
The SEC has announced new rules that will force publicly traded companies to report any cybersecurity incidents within four business days. This will help customers learn of breaches sooner.
A Redis server malware, that has been built on Rust, is infecting servers based on both Windows as well as Linux. Dubbed the "P2PInfect", this worm is able to exploit the Lua vulnerability.
Chinese hacking group Storm-0558 accessed US and Western Europe government email accounts, targeting agencies, think tanks, and NGOs. Microsoft identified and notified affected organizations.
According to an alarming research, over 100,000 ChatGPT accounts have been compromised and are being traded on illicit dark web marketplaces. Affected regions include the U.S., India, and more.
Further to Reddit's recent woes since the announcement of the API pricing change, claims have surfaced that it has suffered a data breach at the hands of BlackCat, with 80GB of zipped data taken.
Users of AT&T email accounts are facing a wave of hacks by bad actors who are seeking to steal cryptocurrency, by utilising API issues in the service to take control of email addresses.
Password management company LastPass has confirmed another cybersecurity incident following the August hack. However, unlike the previous instance, customer data has been accessed this time.
Half a billion phone numbers of WhatsApp users is reportedly up for sale on a well-known hacking community. The dataset contains user data from 84 countries, with over 32 million numbers from the US.
The ticketing website, See Tickets, was affected by a major data breach in 2019 that went undetected for two years, and was only shut down in January, potentially impacting millions of customers.
Medibank, the Australian private health insurance provider has been hit by a cyber incident. Currently, It is investigating the nature of the incident and any impact it may have on its customers.
A recent hack at Fast Company resulted in iPhone users receiving racist and obscene push notifications via Apple News in the earlier hours of today. Fast Company has now shut down its website.
Following recent leaks of the new Grand Theft Auto 6 in development, a teenager from Oxfordshire, UK, has been arrested in London as part of an investigation by the UK National Crime Agency.
Uber has suffered a significant data breach. The rideshare company has taken several of its internal systems offline to assess the extent of the damage done. It's the first major attack since 2016.
Password management company LastPass has announced that its development environment was recently hacked. However, there are no signs of illicit access to user data at this point in time.
Plex has started warning users that data breach, though of "limited access" has taken place. As such, customers are being urged to reset passwords. However, the server load may be too much right now.
Google's Threat Analysis Group (TAG) has been running tests on a rather simple but effective tool that can download complete inboxes of popular services including Google, Yahoo, and Microsoft Outlook.
Signal has reported a recent phishing attack on its verification service provider, Twilio, which has exposed approximately 1,900 users registered to a Signal account. Twilio has shut down the attack.
Some of the Lapsus$ group's members may have been arrested, but the hackers managed to sneak inside T-Mobile servers and stole the company's source code to perform SIM swap attacks for ransomware.
In a recent cybertheft event, hackers stole over $600 million worth of cryptocurrencies from Sky Mavis' Ronin Network Bridge on March 23rd. The company noticed the security breach on March 29th.
Join us as we recap an exciting week in the Microsoft-verse full of Windows Easter eggs, news about cybersecurity incidents involving Lapsus$ and others, and gaming news including DirectStorage.
A prominent member of the Lapsus$ hacking group has supposedly been identified as a 16-year-old boy; seven of the group's members have also been arrested by the City of London Police.
Microsoft has officially confirmed that it was indeed compromised by Lapsus group. It has outlined a series of steps that organizations can take to protect themselves and identify malicious activity.
Hacking collective LAPSUS$ has reportedly leaked the source code for multiple Microsoft projects including Cortana, Bing, and Bing Maps. The 37GB dump contains data for over 250 projects.
Ubisoft has acknowledged it suffered a "cybersecurity incident". As a precaution, the game publisher has reset all internal passwords. All its games and services are functioning normally.
The hacking group Lapsus$ is threatening to dump Vodafone source code online in a couple of days. Vodafone has said that it's aware of the threat from the group and that it's investigating.
Samsung has confirmed a massive data breach that led to its source code and internal data belonging to partners being stolen. It has assured the public that their personal data is safe.
An LPE security vulnerability under the ID CVE-2021-4034 was found by Linux security researchers at Qualys. The bug has been present for 12+ years and almost every major Linux distro is vulnerable.
According to the Sebastian, the Z80 code used to interface with the Wi-Fi controller was developed using the open-source development kit GBDK, which is also compatible with the Sega Game Gear.
NSO Group software has allegedly been used against U.S. State Department employees based in or related to Uganda. It's not clear yet who was responsible for deploying the software though.
Tesco, a major UK supermarket, has had its systems hacked. The incident seems to be ongoing and while the shop says no data has been stolen, it'll be hard to know for sure until the issue is resolved.
Twitch has reportedly been the target of a massive data breach. The publicly leaked data contains encrypted credentials, source code for some software, and payout details related to popular streamers.
Facebook data scraped earlier this year is being sold on a hacker forum. The data doesn't contain any passwords but it does contain personal information. Over 1.5 billion users are affected.
Poly Network, the crypto platform that was recently hacked and had millions in cryptocurrencies stolen, has confirmed that it has received all the money back from the hacker and is restoring service.
According to a report, a latest breach has exposed personal details of around 100 million T-Mobile customers. Some of this data is being sold at an underground forum for six Bitcoins.
The week brought us Ignite news, Exchange on-prem vulnerability news, and even some expected Insider build news. Make sure to catch up with everything that happened via our handy overview.