FireEye Hacked

Schneier on Security

FireEye was hacked by — they believe — “a nation with top-tier offensive capabilities”: During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security.

More Russian Hacking

Schneier on Security

Uncategorized cybersecurity hacking malware Microsoft RussiaTwo reports this week.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

When AIs Start Hacking

Schneier on Security

Hacking is as old as humanity. To date, hacking has exclusively been a human activity. After hacking humanity, AI systems will then hack other AI systems, and humans will be little more than collateral damage. Separately, AIs can engage in something called reward hacking.

Hacking Weapons Systems

Schneier on Security

Lukasz Olejnik has a good essay on hacking weapons systems. Uncategorized cyberattack cyberweapons hacking infrastructure military national security policy weapons

Hacking Apple for Profit

Schneier on Security

Five researchers hacked Apple Computer’s networks — not their products — and found fifty-five vulnerabilities. Uncategorized Apple hacking incentives vulnerabilities

Hacking Alexa through Alexa’s Speech

Schneier on Security

Uncategorized academic papers Amazon hacking voice recognitionAn Alexa can respond to voice commands it issues. This can be exploited : The attack works by using the device’s speaker to issue voice commands.

NSO Group Hacked

Schneier on Security

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists, human rights workers, and others — was hacked.

Hacking the Sony Playstation 5

Schneier on Security

I just don’t think it’s possible to create a hack-proof computer system, especially when the system is physically in the hands of the hackers. Uncategorized exploits gaming consoles hacking reverse engineering

Hacking a Coffee Maker

Schneier on Security

As expected, IoT devices are filled with vulnerabilities : As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to see what kinds of hacks he could do with it.

Iranian State-Sponsored Hacking Attempts

Schneier on Security

Uncategorized cybersecurity hacking Iran phishing

2017 Tesla Hack

Schneier on Security

cars classbreaks hacking vulnerabilitiesInteresting story of a class break against the entire Tesla fleet.

Accellion Supply Chain Hack

Schneier on Security

A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. Uncategorized hacking patching supply chain vulnerabilities

Hacked by Police

Schneier on Security

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents.

Details of an NSA Hacking Operation

Schneier on Security

Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA). It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group).

Hacking AI-Graded Tests

Schneier on Security

artificialintelligence cheating hacking schoolsThe company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis.

Three Top Russian Cybercrime Forums Hacked

Krebs on Security

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. A note posted by a Verified forum administrator concerning the hack of its registrar in January.

North Korea ATM Hack

Schneier on Security

atms banking cybercrime cybersecurity hacking malware northkorea

On the Irish Health Services Executive Hack

Schneier on Security

Uncategorized hacking Ireland ransomware reports security policies

Hacking Digitally Signed PDF Files

Schneier on Security

Uncategorized academic papers Adobe hacking signaturesInteresting paper: “ Shadow Attacks: Hiding and Replacing Content in Signed PDFs “: Abstract: Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content.

Hacking a Power Supply

Schneier on Security

This hack targets the firmware on modern power supplies. academicpapers firmware hacking phonesYes, power supplies are also computers.).

UAE Hack and Leak Operations

Schneier on Security

Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. academicpapers cybersecurity hacking leaks nationalsecuritypolicy qatar saudiarabia unitedarabemirates

Marriott Was Hacked -- Again

Schneier on Security

accountability breaches disclosure hacking hotelsMarriott announced another data breach, this one affecting 5.2

Tesla Remotely Hacked from a Drone

Schneier on Security

This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. Uncategorized cars drones hacking vulnerabilities Wi-Fi

Hacking School Surveillance Systems

Schneier on Security

Lance Vick suggesting that students hack their schools' surveillance systems. generations hacking privacy schools surveillanceThis is an ethical minefield that I feel students would be well within their rights to challenge, and if needed, undermine," he said.

Dark Web Hosting Provider Hacked

Schneier on Security

Daniel's Hosting, which hosts about 7,600 dark web portals for free, has been hacked and is down. darkweb hackingIt's unclear when, or if, it will be back up.

The Story of the 2011 RSA Hack

Schneier on Security

Really good long article about the Chinese hacking of RSA, Inc. Uncategorized China cybersecurity hacking RSA supply chainThey were able to get copies of the seed values to the SecurID authentication token, a harbinger of supply-chain attacks to come.

Hacking McDonald's for Free Food

Schneier on Security

This hack was possible because the McDonald's app didn't authenticate the server, and just did whatever the server told it to do: McDonald's receipts in Germany end with a link to a survey page. authentication hacking vulnerabilities

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

The post Hacked IoT Devices Livestreaming Swatting Attacks: FBI appeared first on Adam Levin. Data Security Technology featured hacking IoT swatHackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI.

IoT 245

Alaska’s Department of Health and Social Services Hack

Schneier on Security

Apparently, a nation-state hacked Alaska’s Department of Health and Social Services. Uncategorized cyberespionage hacking healthcare leaks

US Critical Infrastructure Companies Will Have to Report When They Are Hacked

Schneier on Security

national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress. […]. Uncategorized cyberattack cyberespionage cybersecurity defense espionage hacking infrastructure laws ransomware

Red Cross Hack Linked to Iranian Influence Operation?

Krebs on Security

The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people separated by war, violence, migration and other causes. In their online statement about the hack (updated on Feb.

Iranian Government Hacking Android

Schneier on Security

Latest on the SVR’s SolarWinds Hack

Schneier on Security

The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). There is also no indication yet that any human intelligence alerted the United States to the hacking.

FBI Email Servers hacked

CyberSecurity Insiders

In what is known to our Cybersecurity Insiders, the hack occurred because of a mis-configuration in the email server of the federal organizations that made many individuals receive spammed emails coming from departments such as Homeland Security, but were actually sent from the @ic.fbi.gov domain.

Collating Hacked Data Sets

Schneier on Security

Two Harvard undergraduates completed a project where they went out on the Dark Web and found a bunch of stolen datasets. Then they correlated all the information , and then combined it with additional, publicly available information. No surprise: the result was much more detailed and personal.

Details on VirusTotal Hacking

CyberSecurity Insiders

The post Details on VirusTotal Hacking appeared first on Cybersecurity Insiders. VirusTotal, an anti-malware solution provider, is now offering a service that can collect credentials stolen by malicious software aka malware.

SolarWinds Hack Could Affect 18K Customers

Krebs on Security

FireEye didn’t explicitly say its own intrusion was the result of the SolarWinds hack, but the company confirmed as much to KrebsOnSecurity earlier today. 13, news broke that the SolarWinds hack resulted in attackers reading the email communications at the U.S.

NSA Advisory on Chinese Government Hacking

Schneier on Security

This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks. Uncategorized China hacking NSA vulnerabilities

Where Next With Hacking Back Against Cyber Crime?

Lohrman on Security

to hack back against cybercrimminals and hold nation-states responsible. After the recent ransomware attacks against Colonial Pipeline, JBS and others, there are new calls for the U.S. So what now?

Russia Is Being Hacked at an Unprecedented Scale

WIRED Threat Level

Security Security / Cyberattacks and HacksFrom “IT Army” DDoS attacks to custom malware, the country has become a target like never before.

DDOS 114

Norwegian Government Blames Russia for Hacking Campaign

Adam Levin

The Norwegian government has blamed Russia for a hacking campaign that targeted the email accounts of parliament members. The post Norwegian Government Blames Russia for Hacking Campaign appeared first on Adam Levin.

Brazilian Cell Phone Hack

Schneier on Security

The cell phones of a thousand Brazilians, including senior government officials, was hacked -- seemingly by actors much less sophisticated than rival governments. Brazil's federal police arrested four people for allegedly hacking 1,000 cellphones belonging to various government officials, including that of President Jair Bolsonaro. brazil cellphones cybersecurity hacking

The Worst Hacks of 2021

WIRED Threat Level

Security Security / Cyberattacks and HacksIt was a year of ransomware, surveillance, data breaches, and yes, more ransomware.