170612057
submission
wiredmikey writes:
Researchers at French offensive hacking shop Synacktiv demonstrated a pair of successful exploit chains against Tesla’s newest electric car, and were able to “fully compromise” a new Tesla Model 3 vehicle. SecurityWeek sources say Tesla security response team was on site at the event and validated the findings. The company is expected to issue fixes via the vehicle’s self-updating system.
170491515
submission
wiredmikey writes:
Electronics giant Acer confirmed getting hacked after a hacker offered to sell more than 2,800 files totaling 160 Gb allegedly stolen from the Acer's systems. The cybercriminal claims the files include confidential slides, staff manuals, confidential product documentation, binary files, information on backend infrastructure, disk images, replacement digital product keys, and BIOS-related information.
The hacker, who has a good reputation on the forum where the data was offered for sale, claimed the data was stolen in mid-February.
170456849
submission
wiredmikey writes:
The U.S. government released its widely anticipated National Cybersecurity Strategy on Tuesday, pushing mandatory regulation on critical infrastructure vendors and green-lighting a more aggressive ‘hack-back’ approach to dealing with foreign adversaries and ransomware actors. The federal government plans to use existing authorities to set “necessary cybersecurity requirements in critical sectors” and where there are legal gaps around authority, the White House plans to work with Congress to close them.
The strategy document (PDF) goes deeper, assigning the work to the FBI’s National Cyber Investigative Joint Task Force working in tandem with all relevant U.S. agencies. It said private companies will be “full partners” to issue early warnings and help repel cyberattacks.
170435865
submission
wiredmikey writes:
Password management software firm LastPass says one of its DevOps engineers had a personal home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud storage resources. LastPass, which is owned by GoTo (formerly LogMeIn), originally disclosed the breach in August 2022 and warned that portions of its source code had been stolen.
170292851
submission
wiredmikey writes:
The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption. Since public key encryption is used to secure almost all data in transit, both between separate IT infrastructures and even within individual infrastructures, that data will become accessible by anyone with a sufficiently powerful quantum computer. This is known as the cryptopocalypse. SecurityWeek examines the why, what, and how we need to prepare for that cryptopocalypse--which is coming, but still probably decades away.
170206257
submission
wiredmikey writes:
The notorious Hive ransomware operation appears to have been shut down as part of a major law enforcement operation involving agencies in 10 countries. The US government reported in November 2022 that the Hive ransomware gang had hit more than 1,300 businesses and made an estimated $100 million in ransom payments.
News of the takedown comes as some reports show that cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands. On the other hand, the volume of attacks does not seem to have dropped, with thousands of companies being targeted last year and tens of thousands of malware strains used in attacks.
163356986
submission
wiredmikey writes:
Microsoft has dismissed reports about June 14 being the last Patch Tuesday, as the rollout of the Windows Autopatch service seems to be causing some confusion. Several major cybersecurity companies and prominent security news publications caused confusion this week when they reported that June 14 was the final Patch Tuesday, describing it as “the last ever Patch Tuesday,” “the end of Patch Tuesday” and “the end of an era.”
That is not accurate. The rollout of Windows Autopatch does not mean there will no longer be Patch Tuesday updates, and Microsoft told SecurityWeek that the company will continue releasing security updates on the second Tuesday of the month.
161484794
submission
wiredmikey writes:
Elon Musk’s sudden deal to buy Twitter has triggered optimism in some quarters that the mission to “authenticate all humans” and defeat spam bots will spur technology innovation at a company that has historically struggled with cybersecurity.
Musk’s stated mission to “authenticate all humans” and defeat the spam bots on Twitter could spur cybersecurity tech innovation around identity, multi-factor authentication and botnet detection. The question is, can Musk solve Twitter’s security woes?
160699034
submission
wiredmikey writes:
The U.S government is sounding a loud alarm after discovering new custom tools capable of full system compromise and disruption of ICS/SCADA devices and servers.
A joint advisory from the Department of Energy, CISA, NSA and the FBI warned that unidentified APT actors have created specialized tools capable of causing major damage to PLCs from Schneider Electric and OMRON Corp. and servers from open-source OPC Foundation.
Privately owned ICS security firm Dragos issued a separate notice documenting what is now the seventh known industrial control system (ICS)-specific malware. “[This] is a modular ICS attack framework that an adversary could leverage to cause disruption, degradation, and possibly even destruction depending on targets and the environment,” the company said.
159224347
submission
wiredmikey writes:
Twitter will put warnings on tweets sharing links to Russian state-affiliated media, the platform said Monday, as Kremlin-tied outlets are accused of spreading misinformation on Moscow's invasion of Ukraine. The news comes as Russian troops have launched a major assault on Ukraine and while their forces battle in the physical world for control over various cities and regions, a battle is also taking place in cyberspace with attacks and misinformation campaigns.
156569797
submission
wiredmikey writes:
Security researchers at Google’s Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that included a PDF file pretending to be a GIF image with a custom-coded virtual CPU built out of boolean pixel operations.
If that makes you scratch your head, that was exactly the reaction from Google’s premier security research team after disassembling the so-called FORCEDENTRY iMessage zero-click exploit used to plant NSO Group’s Pegasus surveillance tool on iPhones.
“We assess this to be one of the most technically sophisticated exploits we've ever seen,” Google’s Ian Beer and Samuel Groß wrote in a technical deep-dive into the remote code execution exploit that was captured during an in-the-wild attack on an activist in Saudi Arabia.
155647813
submission
wiredmikey writes:
Domain registrar and web hosting giant GoDaddy has been hacked and customer data for some 1.2 million WordPress users were exposed to the attacker for more than three months.
The Tempe, Arizona-based GoDaddy disclosed the breach in an SEC filing and confirmed that millions of users of its managed WordPress hosting service had sensitive data stolen, including database usernames and passwords, email addresses and private SSL keys.
154865219
submission
wiredmikey writes:
Mobile stock trading platform Robinhood on Monday fessed up to a security breach that exposed names and email addresses for millions of users and “extensive account details” for what appeared to be very specific targets.
The Menlo Park., Calif-based company, which claims that about 13 million users trade stocks ETFs, and cryptocurrencies using its mobile app, said the breach happened on November 3 when a hacker stole names, email addresses, dates of birth, zip codes and additional personal information from its customer user data.
154660979
submission
wiredmikey writes:
The U.S. government wants to find the people responsible for the Colonial Pipeline ransomware attack (and many others) and it’s putting up multi-million rewards for data on the operators behind the DarkSide extortion campaign.
The Department of State on Thursday offered up to $10 million for information leading to the identification or location of senior members of the DarkSide gang that caused major gas disruptions earlier this year. (more)
152797373
submission
wiredmikey writes:
Russia on Wednesday detained the CEO of Group-IB, one of the country's leading cybersecurity firms on charges of treason, in a move that targets a company collaborating with the West on stemming cyberattacks.
Founded in 2003, the Group-IB group specializes in the detection and prevention of cyberattacks and works with Interpol and several other global institutions.
A Moscow court ordered the group's 35-year-old co-founder and CEO, Ilya Sachkov, to be held in pre-trial custody for two months on treason charges, the court's press service said, but did not provide details of the charges.
Group-IB said Wednesday that its Moscow headquarters had been searched the previous morning.
