09 Aug 2019

The Evolution of Russia’s Dark Web

An upcoming report by Charity Wright (former NSA) and Ariel Ainhoren of IntSights looks at the origins and evolution of Russia’s dark web. In 1997 hackzone.ru emerged as one of the earliest underground websites. However, “the first and most lucrative generation of dark websites got taken down by international operations,”

Read More
09 Aug 2019

Hackers Can Break Into an iPhone Just by Sending a Text

iPhone users could have their device compromised by attackers just by receiving a malicious iMessage, research by Google Project Zero shows. The attack is possible because Apple’s iOS iMessage client contains what the researchers refer to as “interaction-less” vulnerabilities that can be exploited without any involvement of the user. According

Read More
08 Aug 2019

Bahrain targeted by Iranian hackers as tensions rise in the Persian Gulf

Iranian state-backed hackers breached various government networks in Bahrain earlier this week, the The Wall Street Journal reported on Wednesday. The campaign targeted the country’s National Security Agency, the Ministry of Interior and the office of the first deputy prime minister. Last month, Iranian threat actors also targeted Bahrain’s Electricity and

Read More
08 Aug 2019

Chinese government hackers suspected of moonlighting for profit

FireEye researchers have discovered that members of the notorious Chinese state-backed cyber espionage group APT41 are making money on the side by carrying out ransomware campaigns targeting game companies as well as other financially-motivated attacks. Sandra Joyce of FireEye says that “APT41 is unique among the China-Nexus actors we track

Read More
08 Aug 2019

State Farm Accounts Compromised in Credential Stuffing Attack

Insurance and financial services group State Farm has suffered a credential stuffing attack in which the login credentials of an unknown number of customers were compromised. In a credential stuffing attack, a threat actor uses leaked or stolen login credentials for user accounts of one service, to try to gain

Read More
07 Aug 2019

Android Alert: Users Urged To Patch Critical Flaw In Qualcomm Snapdragon Chips, Millions At Risk

Security researchers at Chinese Internet giant Tencent have discovered a series of critical security flaws affecting recent Qualcomm chips including the Snapdragon 835 and 845 that are used in highly popular Android phones like the Samsung Galaxy S9, the Google Pixel 3 and the OnePlus 6, which means that millions

Read More
06 Aug 2019

North Korea took $2 billion in cyberattacks to fund weapons program: U.N. report

A new United Nations report to the UN Security Council North Korea sanctions committee states that North Korea has used “widespread and increasingly sophisticated” cyberattacks to steal around $2 billion from financial institutions and cryptocurrency exchanges. North Korean hackers also used digital services to launder the money. In addition, the

Read More
06 Aug 2019

Russian APT Abuses IoT Devices to Infiltrate Corporate Targets

Microsoft researchers have detected a new attack campaign by the Russian-linked hacking group Fancy Bear (aka APT28 or STRONTIUM) that targets corporate networks by compromising vulnerable Internet-of-things (IoT) devices. The targeted devices include VOIP phones, office printers, and video decoders. Hackers are taking advantage of devices that use default passwords

Read More
06 Aug 2019

Connected Cars Could be a Threat to National Security, Group Claims

In a new report, the US nonprofit Consumer Watchdog (CW) warns that Internet-connected vehicles are a threat to national security due to the risk of coordinated hacking attacks that could target many vehicles at the same time. Currently, connected cars make up 20% of all vehicles on American roads and

Read More
06 Aug 2019

StockX was hacked, exposing millions of customers’ data

E-commerce platform StockX appears to have suffered a massive data breach exposing the personal information of millions of customers. While the stolen information is already for sale on the dark web, the company has yet to acknowledge the incident, according to a TechCrunch report. Last week, StockX reset all user

Read More