Tag: hacking
-
Telefónica confirms internal ticketing system breach after data leak
by
in SecurityNewsSpanish telecommunications company Telefónica confirms its internal ticketing system was breached after stolen data was leaked on a hacking forum. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/telefonica-confirms-internal-ticketing-system-breach-after-data-leak/
-
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
by
in SecurityNewsMicrosoft has revealed that it’s pursuing legal action against a “foreign-based threatactor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content.The tech giant’s Digital Crimes Unit (DCU) said it has observed the threat actors “develop First seen on…
-
Microsoft DRM Hacking Raises Questions on Vulnerability Disclosures
by
in SecurityNewsA research project into vulnerabilities affecting Microsoft’s PlayReady DRM raises some questions on responsible disclosure. The post Microsoft DRM Hacking Raises Questions on Vulnerability Disclosures appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-drm-hacking-raises-questions-on-vulnerability-disclosures/
-
Hacking Group ‘Silk Typhoon’ Linked to US Treasury Breach
The attack used a stolen remote support SaaS API key to exfiltrate data from workstations in the Treasury Department’s Office of Foreign Assets Control. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/hacking-group-silk-typhoon-linked-us-treasury-breach
-
Years-long hacking spree against Japan linked to Chinese hackers
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/years-long-hacking-spree-against-japan-linked-to-chinese-hackers
-
DEF CON 32 Reverse Engineering And Hacking Ecovacs Robots
by
in SecurityNewsAuthors/Presenters: Dennis Giese, Braelynn Hacker Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/def-con-32-reverse-engineering-and-hacking-ecovacs-robots/
-
MirrorFace hackers targeting Japanese govt, politicians since 2019
by
in SecurityNewsThe National Police Agency (NPA) and the Cabinet Cyber Security Center in Japan have linked a cyber-espionage campaign targeting the country to the Chinese state-backed “MirrorFace” hacking group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mirrorface-hackers-targeting-japanese-govt-politicians-since-2019/
-
New Great Morpheus Hacker Group Claims Hacking Into Arrotex Pharmaceuticals And PUS GmbH
by
in SecurityNewsA Data Leak Site (DLS) belonging to a new extortion group named Morpheus, which has stolen data from Arrotex Pharmaceuticals (Australia) on December 12th and PUS GmbH (Germany) on December 20th. Morpheus offers stolen data for sale on the DLS, requiring buyers to create accounts. While a researcher suggests a link to Hellcat ransomware, there…
-
Malicious hackers have their own shadow IT problem
by
in SecurityNewsResearchers at watchTowr Labs found that abandoned and expired internet infrastructure left by hacking groups can function as backdoors within other backdoors. First seen on cyberscoop.com Jump to article: cyberscoop.com/malicious-hackers-have-their-own-shadow-it-problem/
-
Pall Mall Process to tackle commercial hacking proliferation raises more concerns than solutions
by
in SecurityNewsAn initiative spearheaded by France and the U.K. last year to tackle commercial spyware has experienced setbacks and significant gaps, according to participants.]]> First seen on therecord.media Jump to article: therecord.media/pall-mall-process-commercial-hacking-concerns
-
Ukrainian hackers take credit for hacking Russian ISP that wiped out servers and caused internet outages
The Russian ISP blamed the Ukrainian hackers for causing a “complete failure” across its internet infrastructure. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/08/ukrainian-hackers-take-credit-for-hacking-russian-isp-that-wiped-out-servers-and-caused-internet-outages/
-
Microsoft moves to disrupt hacking-as-a-service scheme that’s bypassing AI safety measures
The defendants used stolen API keys to gain access to devices and accounts with Microsoft’s Azure OpenAI service, which they then used to generate “thousands” of images that violated content restrictions. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-generative-ai-lawsuit-hacking/
-
Microsoft moves to disrupt hacking-as-a-service scheme that’s bypassing AI safety measures
The defendants used stolen API keys to gain access to devices and accounts with Microsoft’s Azure OpenAI service, which they then used to generate “thousands” of images that violated content restrictions. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-generative-ai-lawsuit-hacking/
-
Japan says Chinese hackers targeted its government and tech companies for years
by
in SecurityNewsThe years-long hacking spree targeted government organizations as well as companies across Japan. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/08/japan-says-chinese-hackers-targeted-its-government-and-tech-companies-for-years/
-
Thousands of credit cards stolen in Green Bay Packers store breach
by
in SecurityNewsAmerican football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/thousands-of-credit-cards-stolen-in-green-bay-packers-store-breach/
-
UN aviation agency confirms recruitment database security breach
by
in SecurityNewsThe United Nations’ International Civil Aviation Organization (ICAO) has confirmed that a threat actor has stolen approximately 42,000 records after hacking into its recruitment database. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/un-aviation-agency-confirms-recruitment-database-security-breach/
-
New Labels Will Help People Pick Devices Less at Risk of Hacking
by
in SecurityNewsThe US government is rolling out a consumer labeling system designed to help Americans pick smart devices that are less vulnerable to hacking. The post New Labels Will Help People Pick Devices Less at Risk of Hacking appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-labels-will-help-people-pick-devices-less-at-risk-of-hacking/
-
China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks
by
in SecurityNewsChina has slammed a decision by the US Treasury to sanction a Beijing-based cybersecurity company for its alleged role in multiple hacking incidents targeting critical infrastructure. The post China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/china-protests-us-sanctions-for-its-alleged-role-in-hacking-complains-of-foreign-hacker-attacks/
-
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
by
in SecurityNews
Tags: ai, api, apt, attack, bug-bounty, business, chatgpt, cloud, computing, conference, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, email, exploit, finance, firewall, flaw, framework, github, government, group, guide, hacker, hacking, incident response, injection, LLM, malicious, microsoft, open-source, openai, penetration-testing, programming, rce, RedTeam, remote-code-execution, service, skills, software, sql, tactics, threat, tool, training, update, vulnerability, waf, zero-dayGenerative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise.Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and writing…
-
CISA Investigates Chinese Hacking of Treasury Department
by
in SecurityNewsUS Cyber Defense Agency Confirms Role in Federal Probe Following ‘Major Incident’. The Cybersecurity and Infrastructure Security Agency is working closely with the Treasury Department in an ongoing investigation to determine the full scale and scope of a Chinese-linked hack targeting key offices tasked with sanctions enforcement, the agency confirmed Monday. First seen on govinfosecurity.com…
-
China’s Hacking of US Telecoms: Officials Name More Victims
by
in SecurityNewsReportedly Hacked: Charter Communications, Consolidated Communications, Windstream. The nine known victims of a broad and significant cyberespionage campaign the White House has tied to China reportedly include Charter Communications, Consolidated Communications and Windstream, as officials said the hackers’ earliest known telecom network penetration began in mid-2023. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinas-hacking-us-telecoms-officials-name-more-victims-a-27222
-
Thousands of BeyondTrust Systems Remain Exposed
by
in SecurityNewsWeeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say — though it’s impossible to tell how many are still vulnerable. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/thousands-of-buggy-beyondtrust-systems-still-exposed
-
US Sanctions Chinese Firm Linked to Flax Typhoon Attacks on Critical Infrastructure
by
in SecurityNewsThe US Treasury has sanctioned Chinese company Integrity Technology for supporting state-sponsored group Flax Typhoon in hacking US critical infrastructure. The post US Sanctions Chinese Firm Linked to Flax Typhoon Attacks on Critical Infrastructure appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-sanctions-chinese-firm-linked-to-flax-typhoon-attacks-on-critical-infrastructure/
-
U.S. Sanctions Chinese Cybersecurity Firm for State-Backed Hacking Campaigns
by
in SecurityNewsThe U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims.These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or First seen on…
-
U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns
by
in SecurityNewsThe U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims.These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or First seen on…
-
US sanctions Chinese cyber firm linked to Flax Typhoon hacks
by
in SecurityNewsU.S. officials say the sanctioned Chinese firm provided botnet infrastructure for the China-backed hacking group Flax Typhoon First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/03/us-sanctions-chinese-cyber-firm-linked-to-flax-typhoon-hacks/
-
US Sanctions Beijing Company for Flax Typhoon Hacking
by
in SecurityNewsIntegrity Technology Group Built Botnet for Chinese Hackers, US Treasury Says. The Department of Treasury blacklisted Integrity Technology Group, declaring transactions with the company to be off-limits for U.S. financial institutions and persons. The effect will likely have more symbolic than actual disruptive effect. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/us-sanctions-beijing-company-for-flax-typhoon-hacking-a-27209
-
US sanctions Chinese company linked to Flax Typhoon hackers
by
in SecurityNewsThe U.S. Treasury Department has sanctioned Beijing-based cybersecurity company Integrity Tech (also known as Yongxin Zhicheng) for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-sanctions-chinese-company-linked-to-flax-typhoon-hackers/
-
In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury
by
in SecurityNewsNoteworthy stories that might have slipped under the radar: location data of 800,000 electric Volkswagen cars leaked, DoubleClickjacking attack, China denies hacking US Treasury. The post In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/in-other-news-volkswagen-data-leak-doubleclickjacking-china-denies-hacking-us-treasury/