Cybersecurity

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

1
 
 

"Hackers have compromised several different companies' Chrome browser extensions in a series of intrusions dating back to mid-December, according to one of the victims and experts who have examined the campaign.

Among the victims was the California-based Cyberhaven, a data protection company that confirmed the breach in a statement to Reuters on Friday.

"Cyberhaven can confirm that a malicious cyberattack occurred on Christmas Eve, affecting our Chrome extension," the statement said. It cited public comments from cybersecurity experts. These comments, said Cyberhaven, suggested that the attack was "part of a wider campaign to target Chrome extension developers across a wide range of companies."

Cyberhaven added: "We are actively cooperating with federal law enforcement.""

https://www.reuters.com/technology/cybersecurity/data-loss-prevention-company-cyberhaven-hit-by-breach-statement-says-2024-12-27/

#CyberSecurity #GoogleChrome #Chrome #Cyberhaven

2
 
 

Thanks for obscuring my email address, TikTok.

What criminal mind could possibly figure out what the missing character is?! #cybersecurity

3
 
 

WPA3 secures WiFi passwords but is vulnerable to a man-in-the-middle attack that tricks users into revealing them.

#CyberSecurity #password #WiFi #security #CyberAttack

https://cnews.link/wifi-hackers-can-bypass-wpa3-security-1/

4
 
 

"Barcelona has become the cyber offensive capital of Europe, and Haaretz has learned that at least three teams of Israeli researchers focused on facilitating advanced hacking capabilities have relocated to the Catalonian capital in the past year and a half, the latest of them in recent months.

"There are roughly six such groups of Israelis who are the elite in the field – and half of them have moved to Spain," says an industry executive.

In the past two months, a team of Israeli vulnerability researchers - an industry term for hackers specializing in identifying weaknesses in digital defenses, known as "exploits" - arrived in Barcelona from Singapore. The team specializes in finding breaches in smartphone defenses through which spyware can be remotely installed."

https://www.haaretz.com/israel-news/security-aviation/2024-12-26/ty-article/.premium/israeli-hackers-flock-to-barcelona-as-spyware-industry-shifts/00000193-fec4-df5b-a9b3-fec5d9dc0000

#Israel #CyberSecurity #Hacking #Spyware #Spain #Barcelona

5
 
 

American Addiction Centers (AAC) has suffered a cybersecurity incident exposing the personal records of 422,424 people.

#dataprivacy #datasecurity #cybersecurity #Hacked

https://cnews.link/patients-exposed-addiction-treatment-hack-3/

6
 
 

The personal information of nearly 18,000 individuals was exposed in a breach targeting McMurry University in Abilene, Texas.

#texas #databreach #cybersecurity #university #DataSecurity #dataprivacy

https://cnews.link/texas-university-suffers-breach-3/

7
 
 

Cl0p ransomware has listed 63 organizations on its dark web victim site.

#ransomware #cybercrime #CyberSecurity #darkweb

https://cnews.link/cl0p-ransomware-hits-over-60-companies-using-cleo-platform-1/

8
 
 

A gang of North Korean-affiliated threat actors stole $308 million worth of cryptocurrency from a Japanese crypto company.

#FBI #Crypto #hack #cybersecurity #NorthKorea #cybercrime

https://cnews.link/north-korean-hackers-steal-308m-crypto-linkedin-recruiter-3/

9
 
 

"EFF supporters get that strong encryption is tied to one of our most basic rights: the right to have a private conversation. In the digital world, privacy is impossible without strong encryption.

That’s why we’ve always got an eye out for attacks on encryption. This year, we pushed back—successfully—against anti-encryption laws proposed in the U.S., the U.K. and the E.U. And we had a stark reminder of just how dangerous backdoor access to our communications can be."

https://www.eff.org/deeplinks/2024/12/defending-encryption-us-and-abroad

#Encryption #USA #UK #CyberSecurity #EU #Surveillance #Privacy #DigitalRights

10
 
 

Japan Airlines said it was hit by a cyberattack, causing delays to more than 20 domestic flights, but the carrier said it was able to stop the onslaught and restore its systems hours later. Read more at @AssociatedPress. #JapanAirlines #CyberSecurity #Tech #Technology https://flip.it/mJrcQ-

11
 
 

Before 2020, Pegasus infected 1,400 devices to surveil WhatsApp. Last week, a US court held NSO Group liable for computer crimes.

#malware #cybercrime #CyberSecurity #hacking #spyware #Court

https://cnews.link/pegasus-maker-nso-group-liable-for-hacking-whatsapp-users-1/

12
 
 

"North Korea-linked hackers stole more from cryptocurrency platforms this year than ever before, according to Chainalysis Inc., showcasing rising capabilities that researchers say threaten US national security.

Digital thieves linked to North Korea utilize advanced methods such as manipulating remote work opportunities and are responsible for more than half of the total $2.2 billion stolen from platforms in 2024, the blockchain analytics company said in a report Thursday. North Korean-affiliated groups stole $1.34 billion in 47 incidents in 2024, up from $660.5 million across 20 incidents in 2023, according to the company’s findings."

https://www.bloomberg.com/news/articles/2024-12-19/north-korean-hackers-stole-record-1-3-billion-in-crypto-in-2024

#Crypto #CryptoCurrencies #NorthKorea #CyberCrime #CyberSecurity

13
 
 

Accessing a coworker’s computer without permission could violate the Computer Fraud and Abuse Act (CFAA).

#computer #fraud #hacker #permission #cybersecurity #privacy

https://cnews.link/hackers-perspective-computer-fraud-and-abuse-act-3/

14
 
 

Two #cybersecurity experts on how to avoid package-delivery and other scams this holiday season: https://theconversation.com/how-to-avoid-the-latest-generation-of-scams-this-holiday-season-246284
#AI #fraud #phishing #smishing

15
 
 

Cybercriminals extort millions through ransomware attacks, but everything started from a floppy disk received by mail.

#cybersecurity #ransomware #cybercrime #Disk #DataSecurity #dataprivacy

https://cnews.link/history-of-ransomware-anniversary-3/

16
 
 

The notorious LockBit ransomware gang continues to crumble.

#Ransomware #US #arrest #cybercrime #CyberSecurity

https://cnews.link/top-lockbit-developer-arrested-awaiting-extradition-1/

17
 
 

Google Chrome is experimenting with a new AI-powered tool designed to help you avoid online scams. Read more at @TechRadar. #AI #CyberSecurity #OnlineScams #Google #Chrome #Tech #Technology https://flip.it/0OlBin

18
 
 

"Every year, countless emails hit our inboxes telling us that our personal information was accessed, shared, or stolen in a data breach. In many cases, there is little we can do. Most of us can assume that at least our phone numbers, emails, addresses, credit card numbers, and social security numbers are all available somewhere on the internet.

But some of these data breaches are more noteworthy than others, because they include novel information about us, are the result of particularly noteworthy security flaws, or are just so massive they’re impossible to ignore. For that reason, we are introducing the Breachies, a series of tongue-in-cheek “awards” for some of the most egregious data breaches of the year.

If these companies practiced a privacy first approach and focused on data minimization, only collecting and storing what they absolutely need to provide the services they promise, many data breaches would be far less harmful to the victims. But instead, companies gobble up as much as they can, store it for as long as possible, and inevitably at some point someone decides to poke in and steal that data."

https://www.eff.org/deeplinks/2024/12/breachies-2024-worst-weirdest-most-impactful-data-breaches-year

#CyberSecurity #Privacy #DataBreaches

19
 
 

Ukraine’s state registers were knocked out for at least two weeks after a suspected Russian cyberattack.

#Ukraine️ #Russia #cyberattack #cybersecurity #Country

https://cnews.link/ukraine-cyberattack-critical-infrastructure-registers-1/

20
 
 

A cyberattack earlier this year exposed sensitive data of 5.6 million Ascension Health patients and employees.

#CyberAttack #cybersecurity #healthcare #US #DataPrivacy #DataSecurity

https://cnews.link/6m-people-exposed-in-ascension-health-ransomware-incident-3/

21
 
 

🔄 8 ENTRY CHANGES 🔄

⌚ watchOS 11.1 - 1 added
https://support.apple.com/en-us/121565
🥽 visionOS 2.1 - 1 added
https://support.apple.com/en-us/121566
📺 tvOS 18.1 - 1 added
https://support.apple.com/en-us/121569
💻 macOS Ventura 13.7.1 - 1 added
https://support.apple.com/en-us/121568
💻 macOS Sonoma 14.7.1 - 1 added
https://support.apple.com/en-us/121570
💻 macOS Sequoia 15.1 - 1 added
https://support.apple.com/en-us/121564
📱 iOS and iPadOS 18.1 - 1 added
https://support.apple.com/en-us/121563
📱 iOS and iPadOS 17.7.1 - 1 added
https://support.apple.com/en-us/121567

#apple #cybersecurity #infosec #security #ios

22
 
 

Krispy Kreme was claimed by the Play ransomware group on Thursday, and now the gang is threatening to leak sensitive data.

#Christmas #ransomware #databreach #DataSecurity #cybersecurity

https://cnews.link/krispy-kreme-breach-claimed-by-play-ransomware-group-1/

23
 
 

North Korean hackers are suspected to be behind more than half of the $2.2 billion stolen from cryptocurrency platforms this year.

#Northkorea #Crypto #cybercrime #cybersecurity #hack

https://cnews.link/north-korean-hackers-steal-billions-crypto-1/

24
 
 

So, why do almost all banks, in the U.S. at least, only support the worst 2FA authentication method exclusively? And, this article doesn't mention SIM-swap attacks, which are unavoidable. It can't be that difficult to support an authenticator app.

https://gizmodo.com/feds-warn-sms-authentication-is-unsafe-after-worst-hack-in-our-nations-history-2000541129

#Cybersecurity

25
 
 

"U.S. authorities are investigating whether a Chinese company whose popular home-internet routers have been linked to cyberattacks poses a national-security risk and are considering banning the devices.

The router-manufacturer TP-Link, established in China, has roughly 65% of the U.S. market for routers for homes and small businesses. It is also the top choice on Amazon.com, and powers internet communications for the Defense Department and other federal government agencies.

Investigators at the Commerce, Defense and Justice departments have opened their own probes into the company, and authorities could ban the sale of TP-Link routers in the U.S. next year, according to people familiar with the matter. An office of the Commerce Department has subpoenaed TP-Link, some of the people said.

Action against the company would likely fall to the incoming Trump administration, which has signaled an aggressive approach to China."

https://www.wsj.com/politics/national-security/us-ban-china-router-tp-link-systems-7d7507e6?st=oP8Bk2&reflink=desktopwebshare_permalink

#USA #CyberSecurity #China #TPLink #StateHacking #TradeWar
