‘PlugwalkJoe’ pleads guilty for the massive 2020 Twitter hack - The Verge
PlugwalkJoe, aka Joseph James O’Connor, a UK citizen connected to the 2020 Twitter hack affecting many high-profile accounts, including Elon Musk, Joe Biden, Barack Obama, and Apple, has pled guilty to cyberstalking and other crimes. On Tuesday, the Department of Justice (DOJ) announced that O’Connor has been extradited to the US.
The Team of Sleuths Quietly Hunting Cyberattack-for-Hire Services
For a decade, a group called Big Pipes has worked behind the scenes with the FBI to target the worst cybercriminal “booter” services plaguing the internet. WHEN THE FBI announced the takedown of 13 cyberattack-for-hire services yesterday, it may have seemed like just another day in law enforcement’s cat-and-mouse game with a criminal industry that has long plagued the internet’s infrastructure, bombarding victims with relentless waves of junk internet traffic to knock them offline. In fact, it was the latest win for a discreet group of detectives that has quietly worked behind the scenes for nearly a decade with the goal of ending that plague for good.
On the trail of the Dark Avenger: the most dangerous virus writer in the world
The long read: Bulgaria in the 1980s became known as the ‘virus factory’, where hundreds of malicious computer programs were unleashed to wreak havoc. But who was writing them, and why?
CVE-2023-25394 - VideoStream Local Privilege Escalation
Videostream is a user-friendly wireless application designed to stream videos, music, and images to Google Chromecast devices. Boasting simplicity and reliability, this app enables you to wirelessly play any local video file with a single click. Videostream even transcodes audio and video from incompatible files into Chromecast-supported formats. With over 5 million installations, Videostream has made its mark in the streaming industry. This figure was obtained from their official website (https://getvideostream.com), while the Chrome app store lists 900,000+ users.
WordPress Advanced Custom Fields Pro plugin 6.1.5 - Reflected Cross Site Scripting (XSS) vulnerability
Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Advanced Custom Fields PRO Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 6.1.6.
Dump these Cisco phone adapters because it's not fixing them
There is a critical security flaw in a Cisco phone adapter, and the business technology giant says the only step to take is dumping the hardware and migrating to new kit. In an advisory, Cisco this week warned about the vulnerability in the SPA112 2-Port Adapter that, if exploited, could allow a remote attacker to essentially take control of a compromised device by seizing full privileges and executing arbitrary code. The flaw, tracked as CVE-2023-20126, is rated as "critical," with a base score o
One evening in late December last year, I received a cryptic phone call from a PR director at TikTok, the popular social media app. I’d written extensively about the company for the Financial Times, so we’d spoken before. But it was puzzling to hear from her just before the holidays, especially since I wasn’t working on anything related to the company at the time.
Meet Akira — A new ransomware operation targeting the enterprise
The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt files, and then demand million-dollar ransoms.
MSI Breach Leaks Intel BootGuard & OEM Image Signing Keys, Compromises Security of Over 200 Devices & Major Vendors
A recent breach in MSI's servers exposed Intel's BootGuard keys and has now put the security of various devices at risk. Major MSI Breach Affects The Security of Various Intel Devices Last month, a hacker group by the name of Money Message revealed that they had breached MSI's servers and stolen 1.5 TBs of data from the company's servers including source code amongst a list of various files that are important to the integrity of the company. The group asked MSI to pay $4.0 million in ransom to avert them from releasing the files to the public but MSI refused the payment.
OpenAI managed to appease Italian data authorities and lift the country’s effective ban on ChatGPT last week, but its fight against European regulators is far from over.
Controversy surrounding TikTok, the popular Chinese company-owned social media platform, has continued to give rise to impasse in recent weeks. Just days after the Biden administration issued a divestiture-or-ban ultimatum to the company and Beijing firmly opposed a forced sale, TikTok CEO Shou Zi Chew testified in Congress to try to save the app’s U.S. operations.
Can Better Training Reduce the Success Rate of Phishing Attacks?
A review of Arun Vishwanath, “The Weakest Link: How to Diagnose, Detect, and Defend Users From Phishing Attacks” (MIT Press, 2022) Many elements of the cyber threat landscape have changed significantly over the past two decades. For one, the number of attackers has grown dramatically, aided by the increasing availability of hacking tools and services as commodities for purchase in online marketplaces. The value of the losses cyber criminals have been able to inflict on their victims has also grown, though the dollar estimates vary widely in absolute terms. In recent years, the popularity of ransomware has increased substantially, prompting the Biden administration to initiate an ongoing diplomatic effort to foster cross-border efforts to curb this dangerous form of cyber-enabled extortion.
From Campus Rape Cases to Child Abuse Reports, ‘Worst-Case’ Data Breach Rocks MN Schools
It took two years of middle school girls accusing their Minneapolis English teacher of eyeballing their bodies in a “weird creepy way,” for district investigators to substantiate their complaints. Their drawn-out response is revealed in confidential and highly sensitive Minneapolis Public Schools investigative records that are now readily available online — just one folder in a trove of tens of thousands of leaked files that outline campus rape cases, child abuse inquiries, student mental health crises and suspension reports.
The malware threat landscape: NodeStealer, DuckTail, and more
We’re sharing our latest research and analysis into malware campaigns that are targeting online businesses — including newer malware posing as AI tools.
Earlier this week, the Republican National Committee released a video that it claims was “built entirely with AI imagery.” The content of the ad isn’t especially novel—a dystopian vision of America under a second term with President Joe Biden—but the deliberate emphasis on the technology used to create it stands out: It’s a “Daisy” moment for the 2020s.
macOS' Rapid Security Response: Designed into a Corner
With macOS 13.3.1 dropping a few weeks ago, some people have been wondering what happened to Apple’s featured “Rapid Security Response” system they showed off back at WWDC 2022? For some reason, Apple keeps shipping their usual slow, bulky security updates as opposed to the new small and “rapid” security updates. Today we’ll look into how the Rapid Security Response was implemented and how Apple’s Engineers designed themselves into a corner with this new system.
For the first time, we’ve begun rolling out passkeys, the easiest and most secure way to sign in to apps and websites and a major step toward a “passwordless future.”
Apple et Google s’accordent sur un cahier des charges industriel pour lutter contre le pistage
Aujourd’hui, Apple et Google ont conjointement présenté une proposition de cahier des charges industriel pour empêcher l’utilisation abusive des appareils de géolocalisation Bluetooth.
Ransomware cyberattack continues at Bluefield University
There are new developments on the cybersecurity attack that has crippled internet services at Bluefield University. We’ve learned through “RamAlert” texts sent to students, faculty and staff that the cyber attackers are now directly communicating with everyone on the alert system. They have identified themselves as “AvosLocker” and are demanding payment in return for not leaking students’ private information. The FBI considers AvosLocker to be ransomware. In March 2022, they released an advisory on it. They said avoslocker has “Targeted victims across multiple critical infrastructure sectors in the U.S. Including…The financial services, critical manufacturing, and government facilities sectors.”
SolarWinds: The Untold Story of the Boldest Supply-Chain Hack
It was late 2019, and Adair, the president of the security firm Volexity, was investigating a digital security breach at an American think tank. The intrusion was nothing special. Adair figured he and his team would rout the attackers quickly and be done with the case—until they noticed something strange. A second group of hackers was active in the think tank’s network. They were going after email, making copies and sending them to an outside server. These intruders were much more skilled, and they were returning to the network several times a week to siphon correspondence from specific executives, policy wonks, and IT staff.
Intended to be lightweight, timely and quick to install, the first RSR has now been provided for Ventura. Did you know you can also uninstall it easily?
BouldSpy: Android Spyware Tied to Iranian Police Targets Minorities
Researchers at the Lookout Threat Lab have discovered a new Android surveillance tied to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).
Apple uses iOS and macOS Rapid Security Response feature for the first time
When it announced iOS 16, iPadOS 16, and macOS Ventura at its Worldwide Developers Conference last summer, one of the features Apple introduced was something called "Rapid Security Response." The feature is meant to enable quicker and more frequent security patches for Apple's newest operating systems, especially for WebKit-related flaws that affect Safari and other apps that use Apple's built-in browser engine.
FIN7 tradecraft seen in attacks against Veeam backup servers
WithSecure Intelligence identified attacks which occurred in late March 2023 against internet-facing servers running Veeam Backup & Replication software. Our research indicates that the intrusion set used in these attacks has overlaps with those attributed to the FIN7 activity group. It is likely that initial access & execution was achieved through a recently patched Veeam Backup & Replication vulnerability, CVE-2023-27532.
Kaspersky research on ChatGPT capabilities to tell a phishing link from a legitimate one by analyzing the URL, as well as extract target organization name.
AI Chatbots Have Been Used to Create Dozens of News Content Farms
The news-rating group NewsGuard has found dozens of news websites generated by AI chatbots proliferating online, according to a report published Monday, raising questions about how the technology may supercharge established fraud techniques.