All posts tagged: hacking

Threat actor says he scraped 49M Dell customer addresses before the company found out

Threat actor says he scraped 49M Dell customer addresses before the company found out

[ad_1] The person who claims to have 49 million Dell customer records told TechCrunch that he brute-forced an online company portal and scraped customer data, including physical addresses, directly from Dell’s servers.  TechCrunch verified that some of the scraped data matches the personal information of Dell customers. On Thursday, Dell sent an email to customers saying the computer maker had experienced a data breach that included customer names, physical addresses and Dell order information.  “We believe there is not a significant risk to our customers given the type of information involved,” Dell wrote in the email, in an attempt to downplay the impact of the breach, implying it does not consider customer addresses to be “highly sensitive” information. The threat actor said he registered with several different names on a particular Dell portal as a “partner.” A partner, he said, refers to a company that resells Dell products or services. After Dell approved his partner accounts, Menelik said he brute-forced customer service tags, which are made of seven digits of only numbers and consonants. He …

Daily Mail denies Prince Harry hacking claim ‘under oath’

Daily Mail denies Prince Harry hacking claim ‘under oath’

[ad_1] The publisher of the Daily Mail has “denied under oath” that it engaged in phone-hacking and other illegal newsgathering methods against Prince Harry and others. Prince Harry, Sir Elton John, Sadie Frost, Sir Simon Hughes, Doreen Lawrence, Elizabeth Hurley and David Furnish launched their legal action against the Mail titles in October 2022, alleging illegal newsgathering dating back up to 30 years. The privacy claim includes allegations that the Mail titles hired private investigators to secretly place listening devices in cars and homes. Claimants also allege that journalists eavesdropped on private phone calls and obtained bank and medical records by deception. Associated Newspapers Ltd (ANL) is the corporate entity defending the case. Parent company DMG Media said in a statement: “In papers submitted to the High Court, the publisher of the Daily Mail and The Mail on Sunday denied under oath that its journalists had commissioned or obtained information derived from phone hacking, phone tapping, bugging, computer or email hacking or burglary to order. “Associated also denied claims made by Prince Harry and Baroness …

A (Strange) Interview the Russian-Military-Linked Hackers Targeting US Water Utilities

A (Strange) Interview the Russian-Military-Linked Hackers Targeting US Water Utilities

[ad_1] She later added, somewhat confusingly, that “the Sandworm hacker group does have something in common [with us] … This is the commander-in-chief of our Cyber Army.” It wasn’t clear, however, whether that comment was referring to a shared leader overseeing the two groups—or even a kind of imagined ideological leader such as Russian president Vladimir Putin—or whether Julia meant that Sandworm itself gives the Cyber Army its orders, in contradiction to her previous statements. Julia didn’t respond to WIRED’s requests for clarification on that question or, in fact, to any questions following that comment. A Hacktivist Hype Machine Russian information warfare and influence operations experts with whom WIRED shared the full text of the interview noted that, despite Cyber Army of Russia’s claims of acting as an independent grassroots organization, it closely adheres to both Russian government talking points as well the Russian military’s published information warfare doctrine. The group’s rhetoric about changing “minds and hearts” beyond the front lines of a conflict through attacks targeting civilian infrastructure mirrors a well-known paper on “information …

LockBit ransomware indictment and reward for Russian

LockBit ransomware indictment and reward for Russian

[ad_1] Zoom In IconArrows pointing outwards Dmitry Yuryevich Khoroshev, Russian national and a leader of LockBit. Courtesy: U.S. Department of the Treasury Federal prosecutors on Tuesday announced criminal charges against a Russian national, Dmitry Yuryevich Khoroshev, for allegedly creating, developing and administrating the LockBit ransomware-as-a-service group. The U.S. State Department at the same time offered a $10 million reward for information leading to the apprehension and arrest of Khoroshev, a 31-year-old from Voronezh, Russia. The Treasury Department also imposed sanctions on Khoroshev, blocking all property and interests he holds in the U.S. or are in the possession of Americans. The Department of Justice said the LockBit group led by Khoroshev at times was “the most prolific ransomware group in the world,” targeting more than 2,000 victims, most of them in the U.S., stealing more than $500 million in ransomware payments, and causing billions of dollars more in broader losses including lost revenue. LockBit’s ransomware-as-a-service model licensed its software to other cybercriminals in exchange for payments that included a percentage of ransoms paid by victims, which …

Hackers can steal data by messing with a computer’s processor

Hackers can steal data by messing with a computer’s processor

[ad_1] Watch out – hackers have a new way to get at your data Shutterstock Copyright: solarseven/Shutterstock Hackers could extract information from software that has been banned from connecting to the internet, by adjusting the speed of a computer’s processor up or down and encoding data in the fluctuations. Details of these fluctuations could then be accessed remotely, circumventing the ban. Some computers handle such sensitive tasks that they are separated from the internet entirely to avoid hacks – a precaution known as air-gapping. But an attacker who manages to install malware on a machine like… [ad_2] Source link

A New Surveillance Tool Invades Border Towns

A New Surveillance Tool Invades Border Towns

[ad_1] This week, WIRED reported that a group of prolific scammers known as the Yahoo Boys are openly operating on major platforms like Facebook, WhatsApp, TikTok, and Telegram. Evading content moderation systems, the group organizes and engages in criminal activities that range from scams to sextortion schemes. On Wednesday, researchers published a paper detailing a new AI-based methodology to detect the “shape” of suspected money laundering activity on a blockchain. The researchers—composed of scientists from the cryptocurrency tracing firm Elliptic, MIT, and IBM—collected patterns of bitcoin transactions from known scammers to an exchange where dirty crypto could get turned into cash. They used this data to train an AI model to detect similar patterns. Governments and industry experts are sounding the alarm about the potential for major airline disasters due to increasing attacks against GPS systems in the Baltic region since the start of the war in Ukraine. The attacks can jam or spoof GPS signals, and can result in serious navigation issues. Officials in Estonia, Latvia, and Lithuania blame Russia for the GPS issues …

Biden replaces Obama infrastructure policy amid Chinese cyberthreats

Biden replaces Obama infrastructure policy amid Chinese cyberthreats

[ad_1] US President Joe Biden speaks after signing the foreign aid bill at the White House in Washington, D.C., on April 24, 2024. Jim Watson | AFP | Getty Images President Joe Biden on Tuesday updated a more than decade-old policy to protect U.S. critical infrastructure sectors like energy and financial services from foreign attacks as public officials continue to sound the alarm on Chinese cyberthreats. Biden’s new policy is largely a rewrite of the Obama administration’s rule to safeguard U.S. critical infrastructure called the Presidential Policy Directive, or PPD-21, which was published in 2013. The effort to redraft that Obama-era infrastructure policy began over a year ago, in part to modernize it and keep up with hackers who have benefited from over a decade of technological advancement. “The threat environment has changed significantly since PPD-21 was issued in 2013, shifting from counterterrorism to strategic competition, advances in technology like artificial intelligence and malicious cyberactivity from nation-state actors,” a senior administration official said on a Monday call with reporters. At its core, Biden’s updated policy …

Ex-Belgian PM Guy Verhofstadt was a victim of Chinese hacking – POLITICO

Ex-Belgian PM Guy Verhofstadt was a victim of Chinese hacking – POLITICO

[ad_1] Verhofstadt is the fifth Belgian official to have been targeted by the Chinese hacker group APT31 for his work on China through IPAC. Other targeted Belgian officials include Samuel Cogolati, a Green MP; Els Van Hoof, the chair of Belgium’s Foreign Affairs Committee; Hilde Vautmans, a liberal MEP; and Georges Dallemagne, a federal deputy. Last week, Belgian Foreign Minister Hadja Lahbib summoned the Chinese ambassador over the allegations. Cogolati told POLITICO that he was targeted in 2021, the same year Beijing sanctioned him, alongside other EU lawmakers. The cyberattacks were brought to Cogolati’s attention only in February 2023 via an email from the Centre for Cybersecurity Belgium. According to a U.S. FBI letter sent to Cigolati dated April 5, the 2021 hacking campaign targeted the .gov-style accounts of EU legislators who were members of IPAC. The perpetrators registered and used 10 accounts to send over 1,000 emails to more than 400 individuals associated with IPAC. In Van Hoof’s case, the spies targeted her laptop via an email that looked like it came from an …

Nerds, Rejoice – The Latest ‘Love Hacking’ Dating Trend Caters To Us

Nerds, Rejoice – The Latest ‘Love Hacking’ Dating Trend Caters To Us

[ad_1] If you’ve been in the dating scene for a while, you will have likely tried a range of techniques to improve your matches on dating apps, have more exciting dates and even just define exactly what you’re looking for in a partner. Well, now, according to dating site Seeking.com, there is a new trend rising just in time for Hot Girl Summer. It’s called “love hacking” and unlike previous dating trends, this one is far more data-heavy and requires constant tweaking and reviewing to get exactly right. It sounds like a lot of work but maximum input = maximum return, right? What love hacking actually is According to Seeking.com: “In dating terms, “love hacking” refers to hacking or optimisation techniques to enhance the online dating experience. “This can include a variety of methods and tools, such as artificial intelligence, to maximise the effectiveness of interactions on dating platforms, increase the chances of matching with potential partners, or optimise one’s bio to attract a specific type of partner.” Sounds… like a lot of work, actually. …

‘ArcaneDoor’ Cyberspies Hacked Cisco Firewalls to Access Government Networks

‘ArcaneDoor’ Cyberspies Hacked Cisco Firewalls to Access Government Networks

[ad_1] Network security appliances like firewalls are meant to keep hackers out. Instead, digital intruders are increasingly targeting them as the weak link that lets them pillage the very systems those devices are meant to protect. In the case of one hacking campaign over recent months, Cisco is now revealing that its firewalls served as beachheads for sophisticated hackers penetrating multiple government networks around the world. On Wednesday, Cisco warned that its so-called Adaptive Security Appliances—devices that integrate a firewall and VPN with other security features—had been targeted by state-sponsored spies who exploited two zero-day vulnerabilities in the networking giant’s gear to compromise government targets globally in a hacking campaign it’s calling ArcaneDoor. The hackers behind the intrusions, which Cisco’s security division Talos is calling UAT4356 and which Microsoft researchers who contributed to the investigation have named STORM-1849, couldn’t be clearly tied to any previous intrusion incidents the companies had tracked. Based on the group’s espionage focus and sophistication, however, Cisco says the hacking appeared to be state-sponsored. “This actor utilized bespoke tooling that demonstrated …