NSO Group Hacked

Schneier on Security

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked.

More Russian Hacking

Schneier on Security

Uncategorized cybersecurity hacking malware Microsoft RussiaTwo reports this week.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

FireEye Hacked

Schneier on Security

FireEye was hacked by — they believe — “a nation with top-tier offensive capabilities”: During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security.

Iranian State-Sponsored Hacking Attempts

Schneier on Security

Uncategorized cybersecurity hacking Iran phishing

When AIs Start Hacking

Schneier on Security

Hacking is as old as humanity. To date, hacking has exclusively been a human activity. After hacking humanity, AI systems will then hack other AI systems, and humans will be little more than collateral damage. Separately, AIs can engage in something called reward hacking.

Hacking Weapons Systems

Schneier on Security

Lukasz Olejnik has a good essay on hacking weapons systems. Uncategorized cyberattack cyberweapons hacking infrastructure military national security policy weapons

Three Top Russian Cybercrime Forums Hacked

Krebs on Security

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. A note posted by a Verified forum administrator concerning the hack of its registrar in January.

Accellion Supply Chain Hack

Schneier on Security

A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. Uncategorized hacking patching supply chain vulnerabilities

Hacking a Coffee Maker

Schneier on Security

As expected, IoT devices are filled with vulnerabilities : As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to see what kinds of hacks he could do with it.

Hacking a Power Supply

Schneier on Security

This hack targets the firmware on modern power supplies. academicpapers firmware hacking phonesYes, power supplies are also computers.).

Hacking Digitally Signed PDF Files

Schneier on Security

Uncategorized academic papers Adobe hacking signaturesInteresting paper: “ Shadow Attacks: Hiding and Replacing Content in Signed PDFs “: Abstract: Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content.

Tesla Remotely Hacked from a Drone

Schneier on Security

This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. Uncategorized cars drones hacking vulnerabilities Wi-Fi

Marriott Was Hacked -- Again

Schneier on Security

accountability breaches disclosure hacking hotelsMarriott announced another data breach, this one affecting 5.2

Hacked by Police

Schneier on Security

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents.

2017 Tesla Hack

Schneier on Security

cars classbreaks hacking vulnerabilitiesInteresting story of a class break against the entire Tesla fleet.

Hacking AI-Graded Tests

Schneier on Security

artificialintelligence cheating hacking schoolsThe company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis.

The Story of the 2011 RSA Hack

Schneier on Security

Really good long article about the Chinese hacking of RSA, Inc. Uncategorized China cybersecurity hacking RSA supply chainThey were able to get copies of the seed values to the SecurID authentication token, a harbinger of supply-chain attacks to come.

Hacking Apple for Profit

Schneier on Security

Five researchers hacked Apple Computer’s networks — not their products — and found fifty-five vulnerabilities. Uncategorized Apple hacking incentives vulnerabilities

North Korea ATM Hack

Schneier on Security

atms banking cybercrime cybersecurity hacking malware northkorea

Hacking McDonald's for Free Food

Schneier on Security

This hack was possible because the McDonald's app didn't authenticate the server, and just did whatever the server told it to do: McDonald's receipts in Germany end with a link to a survey page. authentication hacking vulnerabilities

UAE Hack and Leak Operations

Schneier on Security

Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. academicpapers cybersecurity hacking leaks nationalsecuritypolicy qatar saudiarabia unitedarabemirates

Twitter Hack Tied To Employee Spearphishing

Adam Levin

With the arrest of 17-year-old hacker Graham Ivan Clark in Tampa, Florida and more than 30 charges later, we’re starting to get a better understanding of the July 15 hack that compromised 130 Twitter high-profile accounts. .

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

The post Hacked IoT Devices Livestreaming Swatting Attacks: FBI appeared first on Adam Levin. Data Security Technology featured hacking IoT swatHackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI.

IoT 206

Dark Web Hosting Provider Hacked

Schneier on Security

Daniel's Hosting, which hosts about 7,600 dark web portals for free, has been hacked and is down. darkweb hackingIt's unclear when, or if, it will be back up.

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Krebs on Security

FireEye posits the impact of the hack on SolarWinds is widespread, affecting public and private organizations around the world. Communications at the U.S.

SolarWinds Hack Could Affect 18K Customers

Krebs on Security

FireEye didn’t explicitly say its own intrusion was the result of the SolarWinds hack, but the company confirmed as much to KrebsOnSecurity earlier today. 13, news broke that the SolarWinds hack resulted in attackers reading the email communications at the U.S.

Latest on the SVR’s SolarWinds Hack

Schneier on Security

The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). There is also no indication yet that any human intelligence alerted the United States to the hacking.

On course for a good hacking

We Live Security

The post On course for a good hacking appeared first on WeLiveSecurity. HackingA story of how easily hackers could hit a hole-in-one with the computer network of a premier golf club in the UK.

Hacking School Surveillance Systems

Schneier on Security

Lance Vick suggesting that students hack their schools' surveillance systems. generations hacking privacy schools surveillanceThis is an ethical minefield that I feel students would be well within their rights to challenge, and if needed, undermine," he said.

Collating Hacked Data Sets

Schneier on Security

Two Harvard undergraduates completed a project where they went out on the Dark Web and found a bunch of stolen datasets. Then they correlated all the information , and then combined it with additional, publicly available information. No surprise: the result was much more detailed and personal.

FIFA Hacked Again

Adam Levin

The international soccer league FIFA announced it had been hacked earlier this year and is bracing itself for a potential data breach. This latest cyber incident marks the second major successful hack on the organization, the first reported in 2017. That attack was attributed to a Russian hacking group alternately called Fancy Bear and APT28. The 2017 Fancy Bear hack leaked a wide variety of embarrassing and illegal behavior.

Twitter Hack 2020 culprit arrested in Spain

CyberSecurity Insiders

Joseph who hails from Liverpool is suspected to be the culprit of the July 2020 Hack of Twitter where over 130 twitter accounts including that of the Kanye West, Bill Gates, Joe Biden, Barack Obama and Tesla Chief Elon Musk were hacked to propagate a fake cryptocurrency earning scheme.

Iranian Government Hacking Android

Schneier on Security

Hacking Grindr Accounts with Copy and Paste

Troy Hunt

Sexuality, relationships and online dating are all rather personal things. They're aspects of our lives that many people choose to keep private or at the very least, share only with people of our choosing.

Analysing the (Alleged) Minneapolis Police Department "Hack"

Troy Hunt

The situation in Minneapolis at the moment (and many other places in the US) following George Floyd's death is, I think it's fair to say, extremely volatile.

Hospitals Still Use Pneumatic Tubes—and They Can Be Hacked

WIRED Threat Level

Security Security / Cyberattacks and HacksThe tech may seem antiquated, but it poses very modern cybersecurity problems.

ROUNDTABLE: Kaseya hack exacerbates worrisome supply-chain, ransomware exposures

The Last Watchdog

Last Friday, July 2, in a matter of a few minutes, a Russian hacking collective, known as REvil, distributed leading-edge ransomware to thousands of small- and mid-sized businesses (SMBs) across the planet — and succeeded in locking out critical systems in at least 1,500 of them. There’s no guarantee that REvil would provide said decryption key and paying a ransom request will certainly cause other hacking groups to sit up and take notice of REvil’s strategy.

Leaked NSA Hacking Tools

Schneier on Security

In 2016, a hacker group calling itself the Shadow Brokers released a trove of 2013 NSA hacking tools and related documents. china disclosure hacking nsa russia vulnerabilities zerodayMost people believe it is a front for the Russian government. Since, then the vulnerabilities and tools have been used by both government and criminals, and put the NSA's ability to secure its own cyberweapons seriously into question.

NSA Advisory on Chinese Government Hacking

Schneier on Security

This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. Uncategorized China hacking NSA vulnerabilities

Brazilian Cell Phone Hack

Schneier on Security

The cell phones of a thousand Brazilians, including senior government officials, was hacked -- seemingly by actors much less sophisticated than rival governments. Brazil's federal police arrested four people for allegedly hacking 1,000 cellphones belonging to various government officials, including that of President Jair Bolsonaro. brazil cellphones cybersecurity hacking

Where Next With Hacking Back Against Cyber Crime?

Lohrman on Security

to hack back against cybercrimminals and hold nation-states responsible. After the recent ransomware attacks against Colonial Pipeline, JBS and others, there are new calls for the U.S. So what now?

Breached Data Indexer ‘Data Viper’ Hacked

Krebs on Security

Data Viper , a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online.

New Hacking-for-Hire Company in India

Schneier on Security

Citizen Lab has a new report on Dark Basin, a large hacking-for-hire company in India. Key Findings: Dark Basin is a hack-for-hire group that has targeted thousands of individuals and hundreds of institutions on six continents. hacking india phishing reports