infosec
UnitedHealthcare CEO says ‘maybe a third’ of US citizens were affected by recent hack
Two months after hackers broke into Change Healthcare systems stealing and then encrypting company data, it’s still unclear how many Americans were impacted by the cyberattack. Last month, Andrew Witty,…
UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack
UnitedHealth Group Chief Executive Officer Andrew Witty told senators on Wednesday that the company has now enabled multi-factor authentication on all the company’s systems exposed to the internet in response…
Ex-NSA hacker and ex-Apple researcher launch startup to protect Apple devices
Two veteran security experts are launching a startup that aims to help other makers of cybersecurity products to up their game in protecting Apple devices. Their startup is called DoubleYou,…
Apex Legends hacker says game developers patched exploit used on streamers
Last month, a hacker wreaked havoc during an esports tournament of the popular shooter game Apex Legends, hacking two well-known streamers mid-game to make it look like they were using…
A crypto wallet maker’s warning about an iMessage bug sounds like a false alarm
A crypto wallet maker claimed this week that hackers may be targeting people with an iMessage “zero-day” exploit — but all signs point to an exaggerated threat, if not a…
Shakeeb Ahmed, a cybersecurity engineer convicted of stealing around $12 million in crypto, was sentenced on Friday to three years in prison. In a press release, the U.S. Attorney for…
Featured Article
How Ukraine’s cyber police fights back against Russia’s hackers
On February 24, 2022, Russian forces invaded Ukraine. Since then, life in the country has changed for everyone. For the Ukrainian forces who had to defend their country, for the regular citizens who had to withstand invading forces and constant shelling, and for the Cyberpolice of Ukraine, which had to shift its focus and priorities.…
Ransomware gangs are increasingly calling up victim organizations to extort and intimidate rank-and-file employees.
Hackers stole 340,000 Social Security numbers from government consulting firm
U.S. consulting firm Greylock McKinnon Associates (GMA) disclosed a data breach in which hackers stole as many as 341,650 Social Security numbers. The data breach was disclosed on Friday on…
Featured Article
Price of zero-day exploits rises as companies harden products against hackers
Tools that allow government hackers to break into iPhones and Android phones, popular software like the Chrome and Safari browsers, and chat apps like WhatsApp and iMessage, are now worth millions of dollars — and their price has multiplied in the last few years as these products get harder to hack. On Monday, startup Crowdfense…
Featured Article
Investors’ pledge to fight spyware undercut by past investments in US malware maker
On Monday, the Biden administration announced that six new countries had joined an international coalition to fight the proliferation of commercial spyware, sold by companies such as NSO Group or Intellexa. Now, some investors have announced that they too are committed to fighting spyware. But at least one of those investors, Paladin Capital Group, has…
A government watchdog hacked a US federal agency to stress-test its cloud security
A U.S. government watchdog stole more than 1GB of seemingly sensitive personal data from the cloud systems of the U.S. Department of the Interior. The good news: The data was…
Featured Article
Spyware startup Variston is losing staff — some say it’s closing
In July 2022, someone sent Google a batch of malicious code that could be used to hack Chrome, Firefox, and PCs running Microsoft Defender. That code was part of an exploitation framework called Heliconia. And at the time, the exploits used to target those applications were zero-days, meaning the software makers were unaware of the…
Government hackers targeted iPhone owners with zero-days, Google says
Government hackers last year exploited three unknown vulnerabilities in Apple’s iPhone operating system to target victims with spyware developed by a European startup, according to Google. On Tuesday, Google’s Threat…
On Tuesday, hackers stole around $112 million of the Ripple-focused cryptocurrency XRP from a crypto wallet, Ripple’s co-founder and executive chairman has disclosed. Ripple’s Chris Larsen said on Wednesday that…
In a data breach notification letter filed with regulators this weekend, 23andMe revealed that hackers started breaking into customers’ accounts in April 2023 and continued through most of September. In…
Hackers breached Microsoft to find out what Microsoft knows about them
Wouldn’t you want to know what tech giants know about you? That’s exactly what Russian government hackers want, too. On Friday, Microsoft disclosed that the hacking group it calls Midnight…
You’re watching a movie. A criminal is trying to evade a crime scene in a sports car on the highway. A helicopter is following the car from above. The car…
Featured Article
These are the cybersecurity stories we were jealous of in 2023
Back in 2018, my former colleague at VICE Motherboard Joseph Cox and I started publishing a list of the best cybersecurity stories that were published elsewhere. It wasn’t just a way to tip our hats at our friendly competitors; by pointing to other publications’ stories, we were giving our readers a fuller picture of what…
CISA says US government agency was hacked thanks to ‘end of life’ software
U.S. cybersecurity agency CISA has warned that unknown hackers broke into the servers of a federal government agency by taking advantage of a previously known vulnerability in software that no…
After a week-long outage, Fidelity National Financial confirms cyberattack is now ‘contained’
Fidelity National Financial, or FNF, one of the largest real estate services companies in the United States, said it “contained” a recent cyberattack that engulfed its many subsidiaries and customers…
Fidelity National Financial shuts down network in wake of cybersecurity incident
Fidelity National Financial, or FNF, a Fortune 500 company that provides title insurance and settlement services for the mortgage and real estate industries, announced on Tuesday that it was the…
Thousands of new honeypots deployed across Israel to catch hackers
On October 7, Hamas launched an unprecedented terrorist attack on Israel, killing more than 1,200 people, with hundreds taken hostage. The attack prompted a deadly response from the Israel Defense…
Hacker leaks millions more 23andMe user records on cybercrime forum
The same hacker who leaked a trove of user data stolen from the genetic testing company 23andMe two weeks ago has now leaked millions of new user records. On Tuesday,…
23andMe resets user passwords after genetic data posted online
Days after user personal surfaced online, the genetic testing company 23andMe said it’s requiring all users to reset their passwords “out of caution.” On Friday, 23andMe confirmed that hackers had…
Zero-days for hacking WhatsApp are now worth millions of dollars
Thanks to improvements in security mechanisms and mitigations, hacking cell phones — both running iOS and Android — has become an expensive endeavor. That’s why hacking techniques for apps like…
FBI most-wanted Russian hacker reveals why he burned his passport
Russian hacker Mikhail Matveev, also known on the internet as “Wazawaka” and “Boriselcin,” is wanted by the FBI, which is offering a $10 million reward for information that could lead…
Russian zero-day seller offers $20M for hacking Android and iPhones
A company that acquires and sells zero-day exploits — flaws in software that are unknown to the affected developer — is now offering to pay researchers $20 million for hacking…
LogicMonitor customers hit by hackers, because of default passwords
Some customers of the network security company LogicMonitor have been hacked due to the use of default passwords, TechCrunch has learned. A LogicMonitor spokesperson confirmed to TechCrunch that there’s “a…
Researchers jailbreak a Tesla to get free in-car feature upgrades
A group of researchers said they have found a way to hack the hardware underpinning Tesla’s infotainment system, allowing them to get what normally would be paid upgrades — such…