Monday, January 24, 2022

Hactivists say they hacked Belarus rail system to stop Russian military buildup

Enlarge / Servicemen of Russia's Eastern Military District units attend a welcoming ceremony as they arrive in Belarus to take part in joint military exercises. Russia's military is combining its own...

A white supremacist website got hacked, airing all its dirty laundry

Enlarge / Patriot Front members spray painting in Springfield, IL. (credit: Unicornriot.ninja) Chat messages, images, and videos leaked from the server of a white supremicist group called the Patriot Front...

This 22-year-old builds chips in his parents’ garage

Enlarge / Sam Zeloof completed this homemade computer chip with 1,200 transistors, seen under a magnifying glass, in August 2021. (credit: Sam Kang) In August, chipmaker Intel revealed new details...

Supply chain attack used legitimate WordPress add-ons to backdoor sites

Enlarge (credit: Getty Images) Dozens of legitimate WordPress add-ons downloaded from their original sources have been found backdoored through a supply chain attack, researchers said. The backdoor has been found...

Red Cross implores hackers not to leak data for 515k “highly vulnerable people”

Enlarge (credit: Getty Images) The Red Cross on Wednesday pleaded with the threat actors behind a cyberattack that stole the personal data of about 515,000 people who used a program...

If you like the data on your WD My Cloud OS 3 device, patch it now

Enlarge (credit: Western Digital) Western Digital has patched three critical vulnerabilities—one with a severity rating of 9.8 and another with a 9.0—that make it possible for hackers to steal data...

FAA clears 62% of US planes for “low-visibility landings” amid 5G rollout

Enlarge / A Boeing 777. (credit: Boeing) The Federal Aviation Administration today said it has cleared 62 percent of US commercial airplanes to perform low-visibility landings at airports where AT&T...

Microsoft fixes Patch Tuesday bug that broke VPN in Windows 10 and 11

Enlarge (credit: Aurich Lawson) Microsoft's monthly Patch Tuesday updates for Windows are generally meant to fix problems, but that isn't how it always goes. January's updates, released last week, caused...

Safari and iOS bug reveals your browsing activity and ID in real time

Enlarge (credit: Getty Images) For the past four months, Apple’s iOS and iPadOS devices and Safari browser have violated one of the Internet’s most sacrosanct security policies. The violation results...

Microsoft warns of destructive disk wiper targeting Ukraine

Enlarge (credit: Getty Images) Over the past few months, geopolitical tensions have escalated as Russia amassed tens of thousands of troops along Ukraine’s border and made subtle but far-reaching threats...

Backdoor for Windows, macOS, and Linux went undetected until now

Enlarge (credit: Jeremy Brooks / Flickr) Researchers have uncovered a never-before-seen backdoor written from scratch for systems running Windows, macOS, or Linux that remained undetected by virtually all malware scanning...

North Korean hackers stole nearly $400 million in crypto last year

Enlarge The past year saw a breathtaking rise in the value of cryptocurrencies like Bitcoin and Ethereum, with Bitcoin gaining 60 percent in value in 2021 and Ethereum spiking...

Russia says it has neutralized the cutthroat REvil ransomware gang

Enlarge (credit: Getty Images) Russian law enforcement authorities said on Friday that they have arrested 14 people associated with REvil, a top ransomware group that has disrupted critical operations of...

Ukraine says government websites hit by “massive cyber attack”

Enlarge / An Ukrainian Military Forces serviceman watches through spyglass in a trench on the frontline with Russia-backed separatists near to Avdiivka, southeastern Ukraine, on January 9, 2022. (credit: Anatolii...

New Chrome security measure aims to curtail an entire class of Web attack

Enlarge (credit: Getty Images) For more than a decade, the Internet has remained vulnerable to a class of attacks that uses browsers as a beachhead for accessing routers and other...

MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists

State-sponsored cyberattackers are using Google Drive, Dropbox and other legitimate services to drop spyware on Middle-Eastern targets and exfiltrate data.

The Case for Backing Up Source Code

As enterprise data security concerns grow, security experts urge businesses to back up their GitLab, GitHub, and BitBucket repositories.

Surge in Malicious QR Codes Sparks FBI Alert

QR codes have become a go-to staple for contactless transactions of all sorts during the pandemic, and the FBI is warning cybercriminals are capitalizing on their lax security to steal data and money, and drop malware.

Dark Souls 3 Servers Shut Down Due to Critical RCE Bug

The bug can allow attackers to remotely execute code on gamers’ computers. The devs temporarily deactivated PvP servers across multiple affected versions.
TechRepublic

REvil gang member arrests strike fear among cybercriminals on the Dark Web

Dark Web forum posts uncovered by Trustwave show that the recent arrests in Russia have triggered major concerns among fellow criminals.