hacking
Latest
Twitter confirms 'Bitcoin' hackers copied the data of several accounts
Twitter confirmed that during the security breach revealed on Wednesday when accounts for Joe Biden, Bill Gates and others were hijacked, attackers exported copies of the data from at least eight of their targeted accounts.
Everything we know about the Twitter Bitcoin hack
Early in the afternoon (Eastern time) on July 15th, a hacker -- or hackers -- gained control of a series of Twitter accounts owned by Bitcoin enthusiasts, executives and exchanges. Upon gaining control of those accounts, the hackers tweeted messages to those accounts' audiences claiming that they would be "giving 5000 BTC back to the community" and directing users to cryptoforhealth.com. People who visited the now-defunct website were told that if they sent Bitcoin to a specified address, they would receive double the amount in return, plus a bonus if contributions exceeded a certain threshold.
NSA says Russian hackers are trying to steal COVID-19 vaccine research
The US, UK and Canada claim Cozy Bear has targeted health care organizations.
Twitter claims 'social engineering attack' led to crypto scam tweets
Twitter provided some details from its investigation into a massive breach on Wednesday.
DOJ indicts 'fxmsp' hacker who reportedly breached hundreds of companies
In an announcement posted by the Western District of Washington’s US Attorney’s Office, authorities have identified fxmsp as a 37-year-old Kazakhstan citizen named Andrey Turchin.
Russian behind elite cybercrime forum sentenced to 9 years in prison
The US has sentenced a Russian hacker behind a giant cybercrime forum to 9 years in prison.
DOJ accuses WikiLeaks founder Julian Assange of recruiting hackers
The Justice Department has filed updated charges against WikiLeaks founder Julian Assange that accuse him of recruiting hackers from Anonymous and beyond.
A Chinese hacking group is reportedly targeting governments across Asia
A Chinese hacking group has been conducting “ongoing” espionage operations on foreign governments across Asia, according to security firm Check Point. Called Naikon, it has reportedly attacked governments in Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar and Brunei, targeting foreign affairs, science and technology ministries.
Apple says Mail app vulnerabilities don't pose an 'immediate risk' to users
Apple has downplayed the danger of a Mail bug disclosed recently by a security firm, according to a tweet from analyst Rene Ritchie.
WSJ: Travelex paid ransomware ring $2.3 million
Travelex reportedly coughed up $2.3 million to the ransomware ring that attacked its systems on New Year's Eve.
Russia busts card fraud ring that included an infamous hacker
Russia tends to turn a blind eye to some fraudsters and hackers, but it just clamped down on a particularly large group. Investigators have charged at least 25 people involved in a credit card fraud ring that included a notorious hacker. While Russian authorities didn't provide a formal list of those caught in the bust, records and security blogger Andrey Sporov have revealed that one of those arrsted was Alexey Stroganov, also known as "Flint." As a Krebs on Security source said, Stroganov apparently had a stake in "almost every major [card] hack" from the past 10 years, and sent "hundreds of millions of dollars" through the seized cryptocurrency exchange BTC-e.
Chinese digital spying is becoming more aggressive, researchers say
FireEye, a US cybersecurity firm, says that it has seen a concerning spike in activity from what appears to be a Chinese hacking group called APT41. The attacks are being deployed against companies in the US, Canada, the UK and several other counties, which is atypical of Chinese hackers' typical strategy of focusing on a few particular targets. According to FireEye's report, the group is exploiting software flaws in applications and hardware developed by Cisco, Citrix and others to gain access to target companies' networks and download files via FTP, among other strategies. According to the firm, the attacks began on January 20th, dipped during the Chinese New Year celebrations and COVID-19 quarantine measures and are now back at full scale, affecting 75 of FireEye's customers.
Google’s Advanced Protection Program will block third-party Android apps
Google's latest changes to its Advanced Protection Program could create a headache for Android users who were downloading apps outside of the Play Store. Aside from a few exceptions, program participants will no longer be able to install third-party apps, TechCrunch reports.
Brazilian judge dismisses hacking charges against journalist Glenn Greenwald
Last month The Intercept's Glenn Greenwald faced criminal charges for breaking cybersecurity laws in Brazil. Now a judge has dismissed the hacking charges, linked to six people who allegedly stole information from the phones of public officials and judges. His outlet published excerpts of a group chat allegedly showing coordination between the judge and prosecutors working on a corruption investigation. The Intercept reports that the judge's dismissal is "for now," with an indication that if a previous injunction by a Supreme Court minister blocking investigation of the journalist were overturned, charges could be refiled. As it stands, the other six people will still face charges of alleged hacking to obtain the messages. In a statement, Greenwald said, "this ruling, while good, is insufficient as a protection of core press freedom. We will continue reporting and will also go to the Supreme Court for an even stronger ruling."
UN confirms it suffered a 'serious' hack, but didn't inform employees
The United Nations was the victim of a massive, likely state-sponsored hacker attack this past summer, according to reports from The New Humanitarian and Associated Press. To make the matters worse, the organization didn't disclose the details and severity of the hack until those publications obtained an internal document on the situation.
Google makes it easier to sign up for advanced hacking protection
It's now clearer why Google made it possible to use an iPhone as a security key -- the company is simplifying sign-ups for its Advanced Protection Program. As of today, anyone with a reasonably modern Android phone (running 7.0 Nougat or later) or iPhone (iOS 10 or later) can enroll in Advanced Protection using just their handset as the security key. You can get airtight security for your Google account without having to carry around a dedicated key fob just to sign in. iOS users will need to download Google's Smart Lock app, but that's the only major hassle.
NYT: Experts find evidence Russians hacked Ukrainian gas company
Any relationship between former Vice President Joe Biden, his son and the Ukrainian gas company Burisma has become a central figure in the 2020 election campaign and the impeachment of Donald Trump. Now, in a situation with echoes of the 2016 election, the New York Times reports that a security firm claims it has detected successful phishing attacks on Burisma by hackers connected to Russia.
UK investigates if cyberattack led to stock exchange outage
UK officials are worried that a London Stock Exchange outage in August wasn't just the glitch that many suspected. Wall Street Journal sources say the GCHQ intelligence agency is investigating the possibility that the failure may have been due to a cyberattack. It's reportedly taking a close look at the associated code, including time stamps, to determine if there was any suspicious activity. The exchange was in the middle of updating its systems when the outage happened, and there's a fear this left systems open to attack.
Techno-thriller 'Mr. Robot' ends on a mind-melting high
(This article contains spoilers for 'Mr. Robot' season four) When Mr. Robot debuted in June 2015, it was the show's commitment to authentic hacking that attracted eyeballs. For so long, cybersecurity had been shortchanged on-screen -- an ever-changing field that needed to be simplified, producers thought, for mainstream audiences and dramatic pacing. Mr. Robot was unique in part because it veered in the other direction, embracing the skill and complexity of modern-day hacking and taking time -- exponentially more than the average TV drama, anyway -- to explain the vulnerabilities that were being exploited and the knowledge or leverage it would give each character. Hacking, though, was never the central theme of the show. Not really.
FBI program helps companies fool hackers with 'decoy data'
The FBI thinks it has a way for companies to limit the damage from data breaches: lure thieves into taking the wrong data. Ars Technica has learned of an FBI program, IDLE (Illicit Data Loss Exploitation), that has companies plant "decoy data" to confuse intruders looking to steal valuable info. Think of it as a honeypot for would-be fraudsters and corporate spies.