Hackers had been lurking undetected, and the FBI confirms they've breached systems critical to national security.
Hacking RSS
North Korean hackers may have found a new trick to bypass macOS security and hide malicious code using Google's Flutter.
The West Midlands Police, in cooperation with the NCA and FBI, have arrested a 17-year-old boy in Walsall, UK, on suspicion of participating in ransomware attacks against US-based companies.
The US DOJ has unsealed indictments against seven Chinese hackers involved with the APT31 hacking group. The group has targeted US and UK politicians as well as businesses and critics of China.
Common electronic locks used in hotels still suffer from vulnerabilities reported to the manufacturer in 2022. It allows the hackers to forge universal keycards that can open any door.
OpenAI is claiming that The New York Times hacked ChatGPT to get the evidence for its lawsuit, where Microsoft and OpenAI were accused of infringing rights and copying articles from the Times.
Microsoft's BitLocker encryption offers a way for users to secure their data from prying eyes. However, it has a major flaw that can allow a hacker to decrypt data within minutes with basic tools.
Data-harvesting malware Phemedrone exploits vulnerability in Windows Defender SmartScreen to avoid warnings and checks. It collects various sensitive data and sends them to the hackers.
Online scammers try to trick people into thinking that during crypto hype they registered on an online Bitcoin mining platform, then frighten them with the loss of their fictional funds.
18-year-old Arion Kurtaj, who has autism, has been sentenced to stay in a UK hospital indefinitely after he was found guilty of hacking into Rockstar Games' server and leaking early GTA 6 footage.
The SEC has announced new rules that will force publicly traded companies to report any cybersecurity incidents within four business days. This will help customers learn of breaches sooner.
A Redis server malware, that has been built on Rust, is infecting servers based on both Windows as well as Linux. Dubbed the "P2PInfect", this worm is able to exploit the Lua vulnerability.
Hacker Gary Bowser from the infamous Team-Xecuter Nintendo piracy group has been released early from prison. However, he will likely be paying off fines to Nintendo for the rest of his life.
U.S. federal cybersecurity agency CISA has developed a Python-based utility to detect signs of hacking in Microsoft cloud environments including Microsoft 365, Azure, and Azure Active Directory (AAD).
With today's Pay What You Want deal, why not start fighting back against malicious hackers with this 55-hour bundle? Beat the average price for the entire bundle, or Pay What You Want for part of it.
_medium.jpg)
The cyber attack was reportedly directed at the FBI's New York offices and may involve computers that are used to investigate child sex crimes. There's no word on who is responsible for the attack.
Two people have been indicted for hacking Ring security cameras and swatting. The defendants from Wisconsin and North Carolina face charges over conspiracy to access computers without authorization.
Instagram has launched a dedicated support page where users can report and resolve issues related to their account access. Users can now also get help from their friends for account verification.
The cybercriminals, who were, responsible for the Medibank cyber-attack have released the customer data they took from the health insurer onto the dark web. The police investigation is still on.
Half a billion phone numbers of WhatsApp users is reportedly up for sale on a well-known hacking community. The dataset contains user data from 84 countries, with over 32 million numbers from the US.
Medibank, the Australian private health insurance provider has been hit by a cyber incident. Currently, It is investigating the nature of the incident and any impact it may have on its customers.
Footage of Rockstar Games' upcoming Grand Theft Auto entry may have leaked online. A hacker is reportedly in possession of the game's source code and a test build, and is leaking early gameplay.
Uber has suffered a significant data breach. The rideshare company has taken several of its internal systems offline to assess the extent of the damage done. It's the first major attack since 2016.
HP has warned that it has discovered a new high severity privilege escalation vulnerability inside its own Support Assistant software utility. The company has also issued a fix for the security flaw.
Dutch authorities have arrested a suspected developer of Tornado Cash, an Ethereum mixing service. It comes after the U.S. sanctioned the service for allegedly mixing criminally gained crypto.
One of the leading anti-virus assessment companies, AV-TEST couldn't stop the breach of its own Twitter account. The attack happened over a week ago and the account still remains hacked.
A new air-gap cyberattack technique has entered the frame. The researchers are referring to it as “SATAn” and it basically involves using ordinary SATA cables to transmit data wirelessly.
_medium.jpg)
With the increasing cyber threats, the cloud environment has become unsafe. Users look for better threat detection services as Permiso launches P0 Labs offering an identity-based approach.
During the first day of Pwn2Own Vancouver 2022, participants demonstrated various zero-day exploits and security loopholes in popular Microsoft products, such as Windows 11 and Teams.
Scraping data from websites that are publicly accessible does not constitute 'hacking', ruled the Ninth Circuit Court of Appeals in a case involving LinkedIn. This ruling could set a precedent.
Microsoft has revealed its latest efforts to tackle cyber attacks by a hacking entity linked to Russia called Strontium. It took over several of the entity's domains to help keep users safe.
A prominent member of the Lapsus$ hacking group has supposedly been identified as a 16-year-old boy; seven of the group's members have also been arrested by the City of London Police.
Microsoft has released a new Windows Server preview build 25075 today to Insiders. The new build brings an SMB NTLM authentication limiting feature that makes brute-force exploits very challenging.
_(1)_medium.jpg)
Anonymous has posted a tweet claiming that it has shut down Russian Space Agency but Director General Roscosmos asserts the claim is untrue as "space activity control centers are operating normally".
_medium.jpg)
A new crypto wallet information stealing Kraken botnet has been discovered by ZeroFox. The malware is able to easily bypass Windows Defender scans by simply adding itself as an exclusion.
An LPE security vulnerability under the ID CVE-2021-4034 was found by Linux security researchers at Qualys. The bug has been present for 12+ years and almost every major Linux distro is vulnerable.
Overturning an earlier ruling, London's High Court of Justice has ruled that founder of WikiLeaks Julian Assange can be extradited to the US where he will face espionage and hacking charges.
Meta has said that it hopes to make Facebook Protect available to highly targeted users in 50 countries by the end of the year. Facebook Protect adds extra security layers such as 2FA.
HP has issued a list of its printers that are vulnerable to a new "Critical" buffer overflow bug that can lead to exploitation. Fortunately, patched firmware for these models has also been released.
_medium.jpg)
Intel has published an updated security advisory for a couple of new LPE bugs that were discovered. A lot of the newer CPUs, except Alder Lake, are vulnerable too. Firmware patches are rolling out.
