Schneier on Security

NOVEMBER 26, 2024

This is from 404 Media : The Graykey, a phone unlocking and forensics tool that is used by law enforcement around the world, is only able to retrieve partial data from all modern iPhones that run iOS 18 or iOS 18.0.1, The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1,

Media 279

Media Manufacturing Mobile Hacking 279

Krebs on Security

AUGUST 15, 2024

We’ll also take a closer look at the data broker that got hacked — a background check company founded by an actor and retired sheriff’s deputy from Florida. Many media outlets mistakenly reported that the National Public data breach affects 2.9 Their asking price? criminal records. .”

Hacking 350

Hacking Data breaches Identity Theft Accountability 350

Krebs on Security

DECEMBER 19, 2022

men have been charged with hacking into the Ring home security cameras of a dozen random people and then “swatting” them — falsely reporting a violent incident at the target’s address to trick local police into responding with force. conspired to hack into Yahoo email accounts belonging to victims in the United States.

Hacking 329

Hacking Media Passwords Accountability 329

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware 108

Spyware Hacking Surveillance Malware 108

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking 331

Hacking Accountability Scams Media 331

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. The Spanish police told local media that Buchanan, who allegedly went by the alias “ Tylerb ,” at one time possessed Bitcoins worth $27 million.

Identity Theft 254

Identity Theft Phishing Cryptocurrency Accountability 254

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. “Singh also uses the threat of revealing personal information to extort victims into giving him access to their social media accounts, which Singh then resells.” Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases.

Hacking 302

Hacking Government Media Accountability 302

Krebs on Security

MAY 30, 2023

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. On May 9, MetrixCoin reported that its Discord server was hacked, with fake airdrop details pushed to all users.

Hacking 342

Hacking Accountability Scams Cryptocurrency 342

Security Affairs

JANUARY 12, 2025

Sadeghipour reported the bug to Meta through the company bug bounty program and the social media giant immediately acknowledged the issue, and addressed it. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Facebook) ” reported TechCrunch.

Hacking 112

Hacking Media Information Security 112

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 336

Hacking Cybercrime Phishing Passwords 336

Schneier on Security

MARCH 11, 2025

[…] According to prosecutors, the group as a whole has targeted US state and federal agencies, foreign ministries of countries across Asia, Chinese dissidents, US-based media outlets that have criticized the Chinese government, and most recently the US Treasury, which was breached between September and December of last year.

Government 217

Government Media Hacking 217

Krebs on Security

FEBRUARY 16, 2022

KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell the stolen ICRC data also was used to register multiple domain names the FBI says are tied to a sprawling media influence operation originating from Iran. In their online statement about the hack (updated on Feb. Image: Ke-la.com.

Hacking 298

Hacking Ransomware Media Accountability 298

Krebs on Security

AUGUST 28, 2020

But this also means when a Sendgrid customer account gets hacked and used to send malware or phishing scams, the threat is particularly acute because a large number of organizations allow email from Sendgrid’s systems to sail through their spam-filtering systems. . ”

Accountability 362

Accountability Hacking Authentication Marketing 362

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,cybercrime)

Scams 83

Scams Media Cryptocurrency Cybercrime 83

Krebs on Security

FEBRUARY 10, 2021

Gualtieri told the media that someone (they don’t know who yet) remotely accessed a computer for the city’s water treatment system (using Teamviewer) and briefly increased the amount of sodium hydroxide (a.k.a. “There’s no business case for hacking these types of systems. Information sharing is broken.”

Hacking 360

Hacking Media Cybersecurity Ransomware 360

The Last Watchdog

AUGUST 15, 2023

Social media giants have long held too much power over our digital identities. By making people feel like mere products- this exploitative digital environment further encourages a bubble of distrust amongst social media users. The fine was the largest ever imposed on a social media company for privacy violations.

Media 188

Media Accountability Social Engineering Hacking 188

Krebs on Security

DECEMBER 13, 2022

“InfraGard is a social media intelligence hub for high profile persons,” USDoD said. USDoD said after their InfraGard membership was approved, they asked a friend to code a script in Python to query that API and retrieve all available InfraGard user data. “They even got [a] forum to discuss things.”

Hacking 363

Hacking Energy and Utilities Cybercrime Accountability 363

Krebs on Security

NOVEMBER 5, 2024

Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday. On May 2, 2024, Judische claimed on the fraud-focused Telegram channel Star Chat that they had hacked Santander Bank , one of the first known Snowflake victims. Image: [link] On October 30, Canadian authorities arrested Alexander Moucka, a.k.a.

Cybercrime 277

Cybercrime Mobile Media Hacking 277

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group.

Hacking 327

Hacking Social Engineering Phishing Scams 327

Security Boulevard

MARCH 21, 2025

Matthew Weiss, former football coach for the University of Michigan and the Baltimore Ravens, for almost 10 years accessed the social media and other online accounts of thousands of student athletes and downloaded personal information and intimate images, said prosecutors who indicted for illegal computer access and identity theft.

Accountability 61

Accountability Identity Theft Hacking Media 61

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware 244

Malware Antivirus Software DDOS 244

Security Affairs

NOVEMBER 12, 2024

404 Media recently reported that law enforcement warned that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock. 404 Media obtained the document from a mobile forensics source and verified it with another source. reported 404 Media. ” reported 404 Media.

Media 127

Media Wireless Mobile Encryption 127

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. “It is true our accounts were hacked into but not to the extent of what is being reported. Local media reported that the threat actors that call themselves “Waste” is responsible for the attack.

Banking 141

Banking Government Accountability Hacking 141

Krebs on Security

NOVEMBER 1, 2024

A scan of social media networks showed this is not an uncommon scam. One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account. This seller claims to help people monetize hacked booking.com partners, apparently by using the stolen credentials to set up fraudulent listings.

Phishing 263

Phishing Accountability Artificial Intelligence Cybercrime 263

Security Affairs

OCTOBER 22, 2024

Google researchers reported that the vulnerability explained that the issue resides in a driver that provides hardware acceleration for media functions like JPEG decoding and image scaling. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Samsung)

Firmware 144

Firmware Mobile Spyware Media 144

Security Affairs

JANUARY 27, 2025

The vulnerability is a privilege escalation vulnerability that impacts the Core Media framework. The Apple Core Media framework supports multimedia tasks like playback, recording, and manipulation of audio and video on iOS and macOS devices. “A malicious application may be able to elevate privileges.

Spyware 119

Spyware Surveillance Media Hacking 119

Krebs on Security

JULY 26, 2021

One day after last summer’s mass-hack of Twitter , KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. Social media personality Addison Rae had 55 million followers when her TikTok account got hacked last August.

Media 351

Media Hacking Accountability Scams 351

Security Affairs

NOVEMBER 5, 2024

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. “Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., Charges remain undisclosed.

Unstructured Data 120

Unstructured Data Media Cybercrime Hacking 120

Security Affairs

NOVEMBER 8, 2024

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock, reported 404 Media. Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media.

Media 119

Media Mobile Passwords Hacking 119

Krebs on Security

FEBRUARY 9, 2023

” Only one of the men sanctioned today is known to have been criminally charged in connection with hacking activity. Secret Service determined that he ran a massive “money mule” scheme, which used phony job offers to trick people into laundering money stolen from hacked small to mid-sized businesses in the United States.

Hacking 237

Hacking Cybercrime Ransomware Government 237

The Last Watchdog

OCTOBER 23, 2024

LastPass reports that 80% of all hacking-related breaches leveraged either stolen and/or weak passwords. 2 – Keeping the files on 2 different media types to protect against different types of hazards. INE Security recommends implementing strong password policies that require the use of complex passwords and regular updates.

Small Business 162

Small Business Data breaches Backups Passwords 162

Security Affairs

OCTOBER 7, 2024

Russian state media VGTRK faced a major cyberattack, which a Ukrainian source claimed was conducted by Kyiv’s hackers. A Ukrainian government source told Reuters that Kyiv’s hackers are behind the cyber attack that disrupted operations at the Russian state media company VGTRK on Putin’s birthday.

Cyber Attacks 135

Cyber Attacks Media Backups Government 135

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] Bloom’s recommendation came to Biderman via Trevor Sykes, then chief technology officer for Ashley Madison parent firm Avid Life Media (ALM). pleaded guilty to running LeakedSource[.]com

Hacking 231

Hacking Accountability Data breaches Marketing 231

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Synology) 10053 or above) Synology Photos 1.6

Firmware 123

Firmware Manufacturing Hacking Media 123

Schneier on Security

FEBRUARY 15, 2021

Vice is reporting on a new police hack: playing copyrighted music when being filmed by citizens, trying to provoke social media sites into taking the videos down and maybe even banning the filmers: In a separate part of the video, which Devermont says was filmed later that same afternoon, Devermont approaches [BHPD Sgt.

Media 363

Media Accountability Hacking 363

Malwarebytes

DECEMBER 5, 2024

Speaking to Reuters , a senior US official said the attack telecommunications infrastructure was broad and that the hacking was still ongoing. We don’t just report on threats – we help protect your social media Cybersecurity risks should never spread beyond a headline.

Encryption 141

Encryption Identity Theft Media Telecommunications 141

Security Affairs

NOVEMBER 30, 2024

Some of the malicious apps were promoted through deceptive advertising on social media. “ SpyLoan apps exploit official app stores like Google Play, deceptive branding, and social media ads to appear credible. The researchers reported the apps to Google who notified the developers that their apps violate Google Play policies.

Social Engineering 128

Social Engineering Media Mobile Scams 128