Summary

Total Articles Found: 12

Top sources:

Top Keywords:

Top Authors

Top Articles:

  • Multiple “CIA failures” led to theft of agency’s top-secret hacking tools
  • G7 Comes Out in Favor of Encryption Backdoors
  • Ransomware Recovery Firms Who Secretly Pay Hackers
  • Cellebrite Claims It Can Unlock Any iPhone
  • Wi-Fi Chip Vulnerability
  • Iranian Cyberespionage Tools Leaked Online
  • Marriott Was Hacked -- Again
  • A Harlequin Romance Novel about Hackers
  • Tesla Remotely Hacked from a Drone
  • Another SolarWinds Orion Hack

Microsoft Executives Hacked

Published: 2024-01-29 12:03:42

Popularity: 12

Author: Bruce Schneier

Keywords:

  • Uncategorized
  • disclosure
  • hacking
  • Microsoft
  • Russia
  • Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives. Beginning in late November 2023, the threat actor used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a very small percentage of Microsoft corporate email accounts, including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, and exfiltrated some emails and attached documents. The investigation indicates they were initially targeting email accounts for information related to Midnight Blizzard itself. ...

    ...more

    Signal Phone Numbers Exposed in Twilio Hack

    Published: 2022-08-23 11:30:40

    Popularity: 9

    Author: Bruce Schneier

    Keywords:

  • Uncategorized
  • cell phones
  • data breaches
  • hacking
  • Signal
  • LLM Says: ""oops, security breach""

    Twilio was hacked earlier this month, and the phone numbers of 1,900 Signal users were exposed: Here’s what our users need to know: All users can rest assured that their message history, contact lists, profile information, whom they’d blocked, and other personal data remain private and secure and were not affected. For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal. This attack has since been shut down by Twilio. 1,900 users is a very small percentage of Signal’s total users, meaning that most were not affected...

    ...more

    Tesla Remotely Hacked from a Drone

    Published: 2021-05-04 14:41:45

    Popularity: 65

    Author: Bruce Schneier

    Keywords:

  • Uncategorized
  • cars
  • drones
  • hacking
  • vulnerabilities
  • Wi-Fi
  • LLM Says: "Drone hack attack"

    This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH have found remote zero-click security vulnerabilities in an open-source software component (ConnMan) used in Tesla automobiles that allowed them to compromise parked cars and control their infotainment systems over WiFi. It would be possible for an attacker to unlock the doors and trunk, change seat positions, both steering and acceleration modes — in short, pretty much what a driver pressing various buttons on the console can do. This attack does not yield drive control of the car though...

    ...more

    Another SolarWinds Orion Hack

    Published: 2021-02-04 12:11:53

    Popularity: 48

    Author: Bruce Schneier

    Keywords:

  • Uncategorized
  • backdoors
  • China
  • cyberespionage
  • FBI
  • hacking
  • Russia
  • supply chain
  • LLM Says: ""Network Nightmare""

    At the same time the Russians were using a backdoored SolarWinds update to attack networks worldwide, another threat actor — believed to be Chinese in origin — was using an already existing vulnerability in Orion to penetrate networks: Two people briefed on the case said FBI investigators recently found that the National Finance Center, a federal payroll agency inside the U.S. Department of Agriculture, was among the affected organizations, raising fears that data on thousands of government employees may have been compromised. […] Reuters was not able to establish how many organizations were compromised by the suspected Chinese operation. The sources, who spoke on condition of anonymity to discuss ongoing investigations, said the attackers used computer infrastructure and hacking tools previously deployed by state-backed Chinese cyberspies...

    ...more

    Multiple “CIA failures” led to theft of agency’s top-secret hacking tools

    Published: 2020-06-16 21:06:36

    Popularity: 976

    Author: Dan Goodin

    Keywords:

  • Biz & IT
  • Policy
  • central intelligence agency
  • CIA
  • exploits
  • hacking
  • valult 7
  • WikiLeaks
  • Vault 7, the worst data theft in CIA history, could have been avoided, report finds.

    ...more

    Marriott Was Hacked -- Again

    Published: 2020-04-02 16:33:42

    Popularity: 119

    Author: Bruce Schneier

    Keywords:

  • accountability
  • breaches
  • disclosure
  • hacking
  • hotels
  • LLM Says: "Hack alert"

    Marriott announced another data breach, this one affecting 5.2 million people: At this point, we believe that the following information may have been involved, although not all of this information was present for every guest involved: Contact Details (e.g., name, mailing address, email address, and phone number) Loyalty Account Information (e.g., account number and points balance, but not passwords) Additional...

    ...more

    Wi-Fi Chip Vulnerability

    Published: 2020-03-03 12:43:15

    Popularity: 194

    Author: Bruce Schneier

    Keywords:

  • encryption
  • hacking
  • hardware
  • patching
  • vulnerabilities
  • Wi-Fi
  • LLM Says: ""Hack alert""

    There's a vulnerability in Wi-Fi hardware that breaks the encryption: The vulnerability exists in Wi-Fi chips made by Cypress Semiconductor and Broadcom, the latter a chipmaker Cypress acquired in 2016. The affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, and Wi-Fi routers from Asus and Huawei, as well as the Raspberry Pi 3. Eset, the security...

    ...more

    A Harlequin Romance Novel about Hackers

    Published: 2019-07-19 19:38:32

    Popularity: 112

    Author: Bruce Schneier

    Keywords:

  • books
  • hacking
  • LLM Says: "Hackers in love"

    Really....

    ...more

    Ransomware Recovery Firms Who Secretly Pay Hackers

    Published: 2019-07-08 12:08:47

    Popularity: 266

    Author: Bruce Schneier

    Keywords:

  • fraud
  • hacking
  • ransomware
  • LLM Says: "paying off attackers"

    ProPublica is reporting on companies that pretend to recover data locked up by ransomware, but just secretly pay the hackers and then mark up the cost to the victims....

    ...more

    Cellebrite Claims It Can Unlock Any iPhone

    Published: 2019-06-28 11:35:40

    Popularity: 214

    Author: Bruce Schneier

    Keywords:

  • Apple
  • cell phones
  • hacking
  • iOS
  • iPhone
  • law enforcement
  • locks
  • LLM Says: ""Cracked Wide Open""

    The digital forensics company Cellebrite now claims it can unlock any iPhone. I dithered before blogging this, not wanting to give the company more publicity. But I decided that everyone who wants to know already knows, and that Apple already knows. It's all of us that need to know....

    ...more

    G7 Comes Out in Favor of Encryption Backdoors

    Published: 2019-04-23 14:14:10

    Popularity: 495

    Author: Bruce Schneier

    Keywords:

  • backdoors
  • encryption
  • G7
  • hacking
  • key escrow
  • keys
  • law enforcement
  • terrorism
  • LLM Says: "Backdoor detected"

    From a G7 meeting of interior ministers in Paris this month, an "outcome document": Encourage Internet companies to establish lawful access solutions for their products and services, including data that is encrypted, for law enforcement and competent authorities to access digital evidence, when it is removed or hosted on IT servers located abroad or encrypted, without imposing any particular technology...

    ...more

    Iranian Cyberespionage Tools Leaked Online

    Published: 2019-04-19 13:12:31

    Popularity: 151

    Author: Bruce Schneier

    Keywords:

  • cyberespionage
  • doxing
  • hacking
  • Iran
  • leaks
  • LLM Says: ""Ouch, Iran got pwned""

    The source code of a set of Iranian cyberespionage tools was leaked online....

    ...more

    end