Schneier on Security

JULY 2, 2021

News article. This, along with various techniques also detailed in the advisory, allowed the actors to evade defenses and collect and exfiltrate various information in the networks, including mailboxes.

Hacking 363

Hacking Passwords Malware Accountability 363

Schneier on Security

DECEMBER 9, 2022

This article talks about public land in the US that is completely surrounded by private land, which in some cases makes it inaccessible to the public. But there’s a hack: Some hunters have long believed, however, that the publicly owned parcels on Elk Mountain can be legally reached using a practice called corner-crossing.

Hacking 285

Hacking 285

Schneier on Security

MARCH 23, 2021

A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. There’s much in the article about when Accellion knew about the vulnerability, when it alerted its customers, and when it patched its software.

Hacking 287

Hacking Banking Technology Software 287

Schneier on Security

OCTOBER 13, 2023

Interesting New York Times article about high-school students hacking the grading system. ” It’s a basic math hack. I know this is a minor thing in the universe of problems with secondary education and grading, but I found the hack interesting. What’s not helping? A teacher from Chapel Hill, N.C.,

Hacking 308

Hacking Education 308

Schneier on Security

APRIL 28, 2023

My latest book, A Hacker’s Mind , is filled with stories about the rich and powerful hacking systems, but it was hard to find stories of the hacking by the less powerful. Here’s one I just found.

Hacking 275

Hacking Software 275

Schneier on Security

JULY 3, 2020

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Lots of details about the hack in the article.

Hacking 278

Hacking Telecommunications Encryption Firewall 278

Schneier on Security

OCTOBER 3, 2023

No details in the article, but it seems that it’s easy to take control of the pump and have it dispense gas without requiring payment. Turns out pumps at gas stations are controlled via Bluetooth, and that the connections are insecure. It’s a complicated crime to monetize, though.

Hacking 343

Hacking 343

Schneier on Security

JANUARY 5, 2021

The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). There is also no indication yet that any human intelligence alerted the United States to the hacking.

Hacking 355

Hacking System Administration Software Surveillance 355

Schneier on Security

APRIL 11, 2023

News articles. Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool the car into believing that the electronic key is nearby.

Hacking 340

Hacking Software Malware 340

Schneier on Security

JULY 13, 2021

News article. In subsequent phishing emails, TA453 shifted their tactics and began delivering the registration link earlier in their engagement with the target without requiring extensive conversation. This operation, dubbed SpoofedScholars, represents one of the more sophisticated TA453 campaigns identified by Proofpoint.

Hacking 363

Hacking Phishing Accountability Cybersecurity 363

Schneier on Security

MARCH 3, 2022

Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA). It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group). News article. The attack lasted for over 10 years.

Hacking 249

Hacking Cybersecurity 249

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. ” reads the article published by the Wall Street Journal. . ” reads the article published by the Wall Street Journal. “Do and its allies for hacking activities in July.

Hacking 132

Hacking Internet Internet Government 132

Schneier on Security

OCTOBER 8, 2024

The first line of the article is: “A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. Those backdoors have been mandated by law—CALEA—since 1994. It’s a weird story. broadband providers.”

Hacking 303

Hacking Government 303

Schneier on Security

AUGUST 25, 2023

This article talks about new Mexican laws about food labeling, and the lengths to which food manufacturers are going to ensure that they are not effective. There are the typical high-pressure lobbying tactics and lawsuits.

Hacking 234

Hacking Manufacturing Marketing 234

Schneier on Security

APRIL 9, 2024

US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. Here are a few news articles. It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials. It’s worth reading in its entirety. This is their third report.

Hacking 324

Hacking Government Accountability Technology 324

Security Affairs

FEBRUARY 28, 2025

” reads the article published by DW. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,smart solar systems)

Hacking 103

Hacking Passwords Risk Cyber threats 103

Schneier on Security

NOVEMBER 18, 2022

” Much more detail in the article—and the research paper. “We also show that, in a simulated spaceflight mission, PCspooF causes uncontrolled maneuvers that threaten safety and mission success.”

Hacking 288

Hacking 288

Graham Cluley

MAY 20, 2025

pleaded guilty to charges related to the January 2024 hack of the US Securities and Exchange Commission's (SEC) Twitter account, which saw a fake announcement about the Bitcoin cryptocurrency posted to its followers. Read more in my article on the Hot for Security blog. Eric Council Jr.

Hacking 98

Hacking Cryptocurrency Accountability 98

Schneier on Security

JANUARY 24, 2020

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman.investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it.

Hacking 266

Hacking Backups Spyware Encryption 266

Schneier on Security

DECEMBER 17, 2020

Lots of details in the article. The cyberweapons arms business is immoral in many ways.

Spyware 356

Spyware Surveillance Government Hacking 356

Security Affairs

OCTOBER 13, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000!

Malware 124

Malware DDOS Cryptocurrency Education 124

Security Affairs

OCTOBER 20, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 126

Malware Ransomware Encryption Phishing 126

Krebs on Security

FEBRUARY 9, 2023

” Only one of the men sanctioned today is known to have been criminally charged in connection with hacking activity. Secret Service determined that he ran a massive “money mule” scheme, which used phony job offers to trick people into laundering money stolen from hacked small to mid-sized businesses in the United States.

Hacking 250

Hacking Cybercrime Ransomware Government 250

Schneier on Security

MAY 24, 2022

News article.

Hacking 276

Hacking Cybercrime Accountability Cybersecurity 276

Schneier on Security

SEPTEMBER 17, 2024

From a news article These particular attacks from North Korean state-funded hacking team Lazarus Group are new, but the overall malware campaign against the Python development community has been running since at least August of 2023, when a number of popular open source Python tools were maliciously duplicated with added malware.

Malware 296

Malware Social Engineering Engineering Hacking 296

Schneier on Security

NOVEMBER 12, 2021

From an article : Google’s researchers were able to trigger the exploits and study them by visiting the websites compromised by the hackers. In addition, the zero-day exploit used in this hacking campaign is “identical” to an exploit previously found by cybersecurity research group Pangu Lab, Huntley said.

Hacking 336

Hacking Malware Cybersecurity 336

Hacker's King

DECEMBER 28, 2024

Data breaches and account hacks are a growing concern for users, especially with the personal and professional information shared on the platform. If youre worried about your Instagram account being hacked , it's essential to take proactive steps to protect your data.

Data breaches 52

Data breaches Hacking Passwords Accountability 52

Graham Cluley

OCTOBER 25, 2024

A US $10 million reward is being offered to anyone who has information about four members of an Iranian hacking group. Read more in my article on the Hot for Security blog.

Hacking 131

Hacking Government 131

Adam Shostack

JANUARY 2, 2025

Thoughts on the recent Fireeye Hack and the culture surrounding breaches [Update: 3 comments] Fireeye's announcement of their discovery of a breach is all over the news. The Reuters article quotes a 'Western security official' as saying "Plenty of similar companies have also been popped like this." I have two comments.

Hacking 130

Hacking 130

Schneier on Security

FEBRUARY 15, 2021

From a MIT Technology Review article : Soon after they were spotted, the researchers saw one exploit being used in the wild. In September 2019, another similar vulnerability was found being exploited by the same hacking group. Another article on the talk. Microsoft issued a patch and fixed the flaw, sort of.

Technology 354

Technology Hacking Software 354

Schneier on Security

DECEMBER 2, 2021

Specifically, the hack used the same token as both the tokenIn and tokenOut, which are methods for exchanging the value of one token for another. The article goes on to talk about how common these sorts of attacks are. MonoX updates prices after each swap by calculating new prices for both tokens.

Internet 362

Internet Internet Hacking Software 362

Graham Cluley

JULY 15, 2024

The hacking group, which calls itself NullBulge, posted on an underground hacking forum that it had hoped to postpone announcing the breach until it had accessed more information, "but our insider man got cold feet and kicked us out." Read more in my article on the Hot for Security blog.

Hacking 135

Hacking Data breaches 135

Security Affairs

NOVEMBER 3, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

Graham Cluley

NOVEMBER 30, 2023

A 28-year-old maj has pleaded guilty to charges that he illegally hacked the network of his former company, telecoms firm Motorola, after he successfully tricked current staff into handing over their login credentials. Read more in my article on the Tripwire State of Security blog.

Hacking 142

Hacking Phishing Data breaches 142

Graham Cluley

SEPTEMBER 26, 2024

Meanwhile, a pro-Israel hacking group claims to have changed chlorine levels at water facilities in Lebanon. Read more in my article on the Tripwire State of Security blog.

Hacking 140

Hacking Technology Cybersecurity 140

Security Affairs

MAY 11, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape iClicker site hack targeted students with malware via fake CAPTCHA New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms Backdoor found in popular ecommerce components Stealthy Linux backdoor leveraging (..)

Malware 97

Malware eCommerce Hacking Ransomware 97

Schneier on Security

NOVEMBER 24, 2021

NSO Group’s Pegasus spyware is favored by totalitarian governments around the world, who use it to hack Apple phones and computers. Though misused to deliver FORCEDENTRY, Apple servers were not hacked or compromised in the attacks. I have a law journal article about to be published with Jon Penney on the Facebook case.

Spyware 346

Spyware Hacking Government Malware 346