Summary

Total Articles Found: 4

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • Marriott Was Hacked -- Again
  • HackerOne insider fired for trying to claim other people’s bounties
  • Microsoft Executives Hacked
  • China Taking Control of Zero-Day Exploits

Microsoft Executives Hacked

Published: 2024-01-29 12:03:42

Popularity: 12

Author: Bruce Schneier

Keywords:

  • Uncategorized
  • disclosure
  • hacking
  • Microsoft
  • Russia
  • Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives. Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself. ...

    ...more

    HackerOne insider fired for trying to claim other people’s bounties

    Published: 2022-07-04 21:08:37

    Popularity: 29

    Author: Pieter Arntz

    Keywords:

  • Reports
  • bug bounty
  • disclosure
  • HackerOne
  • insider threat
  • rzlr
  • 🤖: ""Double agent fail""

    Bug bounty platform HackerOne has disclosed that it was the victim of a rogue insider. The post HackerOne insider fired for trying to claim other people’s bounties appeared first on Malwarebytes Labs.

    ...more

    China Taking Control of Zero-Day Exploits

    Published: 2021-07-14 11:04:46

    Popularity: 5

    Author: Bruce Schneier

    Keywords:

  • Uncategorized
  • China
  • cybersecurity
  • cyberweapons
  • disclosure
  • vulnerabilities
  • zero-day
  • 🤖: "Red flag waving"

    China is making sure that all newly discovered zero-day exploits are disclosed to the government. Under the new rules, anyone in China who finds a vulnerability must tell the government, which will decide what repairs to make. No information can be given to “overseas organizations or individuals” other than the product’s manufacturer. No one may “collect, sell or publish information on network product security vulnerabilities,” say the rules issued by the Cyberspace Administration of China and the police and industry ministries. This just blocks the cyber-arms trade. It doesn’t prevent researchers from telling the products’ companies, even if they are outside of China...

    ...more

    Marriott Was Hacked -- Again

    Published: 2020-04-02 16:33:42

    Popularity: 119

    Author: Bruce Schneier

    Keywords:

  • accountability
  • breaches
  • disclosure
  • hacking
  • hotels
  • 🤖: "Hack alert"

    Marriott announced another data breach, this one affecting 5.2 million people: At this point, we believe that the following information may have been involved, although not all of this information was present for every guest involved: Contact Details (e.g., name, mailing address, email address, and phone number) Loyalty Account Information (e.g., account number and points balance, but not passwords) Additional...

    ...more

    end