Of the cybersecurity risks facing the United States today, few loom larger than the potential sabotage capabilities posed by China-backed hackers, which senior U.S. national security officials have described as an “epoch-defining threat.” The U.S. says Chinese government-backed hackers have — in some cases for years — been burrowing deep into the networks of U.S. […]
Meet the Chinese ‘Typhoon’ hackers preparing for war Read More »
In October 2024, security researcher Ben Sadeghipour was analyzing Facebook’s ad platform when he found a security vulnerability that allowed him to run commands on the internal Facebook server housing that platform, essentially giving him control of the server. After he reported the vulnerability to Facebook’s owner Meta, which Sadeghipour said took just one hour
Facebook awards researcher $100,000 for finding bug that granted internal access Read More »
The United Nations’ aviation agency has confirmed that a hacker accessed thousands of records after compromising its internal recruitment database. Over the weekend, an individual using the alias “Natohub” claimed to have accessed 42,000 documents from the International Civil Aviation Organization (ICAO). The agency said it was investigating the incident on Monday and, in an
Of the cybersecurity risks facing the United States today, few loom larger than the potential sabotage capabilities posed by China-backed hackers, which senior U.S. national security officials have described as an “epoch-defining threat.” The U.S. says Chinese government-backed hackers have — in some cases for years — been burrowing deep into the networks of U.S.
Meet the Chinese ‘Typhoon’ hackers preparing for war Read More »
The U.S. government has sanctioned a Beijing-based cybersecurity company over its alleged links to a China government-backed hacking group, tracked as Flax Typhoon. The Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday announced the sanctions against the Integrity Technology Group for its role in “multiple computer intrusion incidents against U.S. victims,” including U.S.
US sanctions Chinese cyber firm linked to Flax Typhoon hacks Read More »
U.S. telecom giant Verizon says it has secured its network after being targeted by the China-linked Salt Typhoon cyberespionage group. In a statement given to TechCrunch on Sunday, Verizon spokesperson Richard Young said the company has “contained the cyber incident brought on by this nation-state threat actor,” and that it has not detected any threat actor
Verizon says it has secured its network after breach by China-linked Salt Typhoon group Read More »
This year, a Serbian journalist and an activist had their phones hacked by local authorities using a cellphone-unlocking device made by forensic tool maker Cellebrite. The authorities’ goal was not only to unlock the phones to access their personal data, as Cellebrite allows, but also to install spyware to enable further surveillance, according to a
Serbian police used Cellebrite to unlock, then plant spyware, on a journalist’s phone Read More »
A Russian-government backed hacking group targeted Ukraine’s military using tools and infrastructure developed by cybercriminals, according to new research. On Wednesday, Microsoft published a report detailing a hacking campaign carried out by a group it calls Secret Blizzard, which the U.S. Cybersecurity and Infrastructure Security Agency (CISA) previously said “is almost certainly subordinate to the
Russian government spies targeted Ukraine using tools developed by cybercriminals Read More »
International doughnut chain Krispy Kreme disclosed a security incident on Wednesday, which the company said has caused “certain operational disruptions, including with online ordering in parts of the United States.” Krispy Kreme disclosed the cyberattack in an 8-K filing with the SEC. The company said it was “notified regarding unauthorized activity on a portion of
Krispy Kreme discloses cyberattack that is disrupting online orders Read More »
The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos
