Hackers stole $2 billion in crypto in 2023, data shows
Data shows hackers stole around $2 billion in crypto this year, according to data analyzed by blockchain security firms.
Amnesty confirms Apple warning: Indian journalists’ iPhones infected with Pegasus spyware
Apple's warnings in late October that Indian journalists and opposition figures may have been targeted by state-sponsored attacks prompted a forceful Behind closed doors, senior officials from Modi's administration demanded that Apple soften the political impact of the state-sponsored warnings, according to Washington Post.
Authorities claim seizure of notorious ALPHV ransomware gang's dark web leak site | TechCrunch
The FBI says it has released a decryption tool allowing hundreds of ALPHV/BlackCat victims to restore their scrambled files.
Vans, Supreme owner VF Corp. says personal data stolen and orders impacted in suspected ransomware attack | TechCrunch
The U.S.-based owner of apparel brands including Vans, Supreme and The North Face says it cannot fulfill customer orders after a cyberattack.
Supply chain attack targeting Ledger crypto wallet leaves users hacked
Hackers pushed out a malicious version of a software library made by crypto company Ledger, which powers several web3 applications.
Apple will no longer give police users' push notification data without a warrant
Apple says it will now require a judge-approved order before handing over its users' push notification records to government agencies.
US healthcare giant Norton says hackers stole millions of patients' data during ransomware attack | TechCrunch
Hackers accessed the personal and health data of 2.5 million patients — and employees — during a May ransomware attack.
23andMe confirms hackers stole ancestry data on 6.9 million users
Genetic testing company 23andMe revealed that its data breach was much worse than previously reported, hitting about half of its total customers.
SEC accuses SolarWinds CISO of misleading investors before Russian cyberattack | TechCrunch
The U.S. Securities and Exchange Commission has charged SolarWinds and its top cybersecurity executive Timothy Brown with fraud and internal control
Decade of newborn child registry data stolen in MOVEit mass-hack
The breach affecting more than 3.4 million people — including newborns and children — is one of the biggest MOVEit-related hacks of the year.
LogicMonitor customers hit by hackers, because of default passwords | TechCrunch
An unknown number of LogicMonitor's customers have been hacked due to the fact that the company set weak default passwords.
MOVEit, the biggest hack of the year, by the numbers
The mass-exploitation of MOVEit file transfer servers — the largest hack of the year so far — now affects at least 60 million people.
This $70 device can spoof an Apple device and trick you into sharing your password
Attendees at Def Con, one of the world’s largest hacking conferences, are used to weird shenanigans, such as a seemingly innocuous wall of computer screens that display people’s passwords sniffed over the conference Wi-Fi network. But at this year’s event, even conference veterans were confused and concerned when their iPhones started showing pop-up messages prompting them to connect their Apple ID or share a password with a nearby Apple TV.
Researchers watched 100 hours of hackers hacking honeypot computers
Imagine being able to sit behind a hacker and observe them take control of a computer and play around with it. That’s pretty much what two security researchers did thanks to a large network of computers set up as a honeypot for hackers. The researchers deployed several Windows servers deliberately exposed on the internet, set up with Remote Desktop Protocol, or RDP, meaning that hackers could remotely control the compromised servers as if they were regular users, being able to type and click around.
Spyware maker LetMeSpy shuts down after hacker deletes server data
A June data breach wiped out the spyware maker's servers
Russia-backed hackers used Microsoft Teams to breach government agencies | TechCrunch
Russian state-sponsored hackers posed as technical support staff on Microsoft Teams to compromise dozens of global organizations, including government agencies.
TSMC confirms data breach after LockBit cyberattack on third-party supplier
One of the world's biggest chipmakers confirmed a data breach after the LockBit ransomware gang targeted one of its third-party providers.
LetMeSpy, a phone tracking app spying on thousands, says it was hacked
A data breach reveals the spyware is built by a Polish developer
A simple bug exposed access to thousands of smart security alarm systems
The vulnerability — now fixed — was discovered in a cloud-based system that allows customers to remotely manage their security alarm systems.
Ransomware gang lists first victims of MOVEit mass-hacks, including US banks and universities | TechCrunch
The hackers responsible for exploiting a flaw to target users of a popular file transfer tool has begun listing victims of the mass-attacks
Shell Recharge security lapse exposed EV drivers’ data
Oil giant Shell said it is investigating after a security researcher found an exposed internal database spilling the personal information of drivers who use the company’s electric vehicle charging stations.
Another huge US medical data breach confirmed after Fortra mass-hack
Hackers stole another half a million people’s personal and health information during a ransomware attack on a technology vendor earlier this year. Intellihartx, a Tennessee-based company that handles patient payment balances and collections, said in a notice filed with the Maine attorney general’s office that 489,830 patients had information stolen in the cyberattack targeting its vendor, Fortra.
Popular Android TV boxes sold on Amazon are laced with malware
The malware-infected AllWinner and RockChip-powered Android TV models are still available to purchase on Amazon.
Apple’s high security mode blocked NSO spyware, researchers say | TechCrunch
Apple has fixed the three exploits used to deploy the Pegasus spyware, which did not require any interaction from the target.
Hackers claim vast access to Western Digital systems
One of the hackers who breached Western Digital provided some details about the hack, the data stolen, and what the hackers are demanding.
Mercenary spyware hacked iPhone victims with rogue calendar invites, researchers say | TechCrunch
Researchers found malware developed by QuaDream, a little-known government spyware maker, which was used against journalists and politicians.
New victims come forward after mass-ransomware attack
The number of victims affected by a mass-ransomware attack, caused by a bug in a popular data transfer tool used by businesses around the world, continues to grow as another organization tells TechCrunch that it was also hacked. The City of Toronto told TechCrunch in a revised statement on March 23: “Today, the City of Toronto has confirmed that unauthorized access to City data did occur through a third party vendor. The access is limited to files that were unable to be processed through the third party secure file transfer system.”
Telehealth startup Cerebral shared millions of patients' data with advertisers
The startup shared millions of patients' personal information and health data with Google, Facebook, and TikTok.
Sensitive US military emails spill online
A security researcher told TechCrunch that a government server was exposing military emails to the internet because no password was set.
Mailchimp says it was hacked — again
This is the second breach to hit Mailchimp in six months. It also appears to be almost identical to a previous incident.