hacking

Verizon says it has secured its network after breach by China-linked Salt Typhoon group

U.S. telecom giant Verizon says it has secured its network after being targeted by the China-linked Salt Typhoon cyberespionage group. In a statement given to TechCrunch on Sunday, Verizon spokesperson Richard Young said the company has “contained the cyber incident brought on by this nation-state threat actor,” and that it has not detected any threat actor […]

Verizon says it has secured its network after breach by China-linked Salt Typhoon group Read More »

Serbian police used Cellebrite to unlock, then plant spyware, on a journalist’s phone

This year, a Serbian journalist and an activist had their phones hacked by local authorities using a cellphone-unlocking device made by forensic tool maker Cellebrite. The authorities’ goal was not only to unlock the phones to access their personal data, as Cellebrite allows, but also to install spyware to enable further surveillance, according to a

Serbian police used Cellebrite to unlock, then plant spyware, on a journalist’s phone Read More »

Russian government spies targeted Ukraine using tools developed by cybercriminals

A Russian-government backed hacking group targeted Ukraine’s military using tools and infrastructure developed by cybercriminals, according to new research. On Wednesday, Microsoft published a report detailing a hacking campaign carried out by a group it calls Secret Blizzard, which the U.S. Cybersecurity and Infrastructure Security Agency (CISA) previously said “is almost certainly subordinate to the

Russian government spies targeted Ukraine using tools developed by cybercriminals Read More »

Krispy Kreme discloses cyberattack that is disrupting online orders

International doughnut chain Krispy Kreme disclosed a security incident on Wednesday, which the company said has caused  “certain operational disruptions, including with online ordering in parts of the United States.” Krispy Kreme disclosed the cyberattack in an 8-K filing with the SEC. The company said it was “notified regarding unauthorized activity on a portion of

Krispy Kreme discloses cyberattack that is disrupting online orders Read More »

US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure

The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos

US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure Read More »

US Senator announces new bill to secure telecom companies in wake of Chinese hacks

U.S. Democratic Senator Ron Wyden announced a new draft bill with the goal of securing American telephone networks and Americans’ communications in response to the massive hack of telecom providers allegedly done by Chinese government hackers.  In a press release on Tuesday, Wyden announced the Secure American Communications Act. The bill would order the Federal

US Senator announces new bill to secure telecom companies in wake of Chinese hacks Read More »

Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again

Security researchers are warning that hackers are actively exploiting another high-risk vulnerability in a popular file transfer technology to launch mass hacks.  The vulnerability, tracked as CVE-2024-50623, affects software developed by Illinois-based enterprise software company Cleo, according to researchers at cybersecurity company Huntress.  The flaw was first disclosed by Cleo in a security advisory on

Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again Read More »

Ukraine says Russian hackers are targeting country’s defense contractors

Ukraine’s Computer Emergency Response Team (CERT-UA) said in a report published over the weekend that a hacking group has been targeting the country’s defense and military companies with phishing attacks.  The CERT identified the hacking group as UAC-0185 — also known as UNC4221 — without saying who was behind the group. Earlier this year, however,

Ukraine says Russian hackers are targeting country’s defense contractors Read More »

North Korean hackers have stolen billions in crypto by posing as VCs, recruiters and IT workers

A venture capitalist, a recruiter from a big company, and a newly hired remote IT worker might not seem to have much in common, but all have been caught as imposters secretly working for the North Korean regime, according to security researchers.  On Friday at Cyberwarcon, an annual conference in Washington DC focused on disruptive

North Korean hackers have stolen billions in crypto by posing as VCs, recruiters and IT workers Read More »

Russia-linked hackers exploited Firefox and Windows zero-day bugs in ‘widespread’ hacking campaign

Security researchers have uncovered two previously unknown zero-day vulnerabilities that are being actively exploited by RomCom, a Russian-linked hacking group, to target Firefox browser users and Windows device owners across Europe and North America. RomCom is a cybercrime group that is known to carry out cyberattacks and other digital intrusions for the Russian government. The

Russia-linked hackers exploited Firefox and Windows zero-day bugs in ‘widespread’ hacking campaign Read More »