Silence gets you nowhere in a data breach
An important lesson in how not to respond to a breach, courtesy of LastPass and Fortra.
Read more
Security
Hackers used spyware made in Spain to target users in the UAE, Google says
In November 2022, Google revealed the existence of a then-unknown spyware vendor called Variston. Now, Google researchers say they have seen hackers use Variston’s tools in the United Arab Emirates. In a report published on Wednesday, Google’s Threat Analysis Group (TAG) said it discovered hackers targeting people in the UAE who used Samsung’s native Android […]
Read more
Children’s data feared stolen in Fortra ransomware attack
The fallout from Fortra’s mass ransomware attack continues to widen as the hackers claim a new victim: a children’s virtual mental health care startup. In a data breach disclosure filed with the Maine attorney general’s office, U.S. healthcare giant Blue Shield of California confirmed that one of its providers, Brightline, had data stolen from data […]
Read more
Microsoft lets generative AI loose on cybersecurity
As a part of its continued quest to inject generative AI into all its products, Microsoft today introduced Security Copilot, a new tool that aims to “summarize” and “make sense” of threat intelligence. In a light-on-the-details announcement, Microsoft pitched Security Copilot as a way to correlate data on attacks while prioritizing security incidents. Countless tools […]
Read more
Lawmakers call on USPS to combat surge in ‘change of address’ fraud
A group of bipartisan lawmakers has called on the U.S. Postal Service to strengthen its internal processes to reduce change of address fraud, which each year allows fraudsters to redirect thousands of people’s mail, including bills, checks and bank statements. U.S. Congressman Josh Gottheimer (D-NJ, 5th) and other House lawmakers want USPS to make it […]
Read more
Hackers could remotely turn off lights, honk, mess with Tesla’s infotainment system
Thanks to three vulnerabilities chained together, malicious hackers could remotely hack into a Tesla, turn off the lights, honk the horn, open the trunk, activate the windshield wipers, and mess with the infotainment system, according to security researchers. The researchers, who work for security firm Synacktiv, found the vulnerabilities and showcased them at the Pwn2Own […]
Read more
Biden executive order bans federal agencies from using commercial spyware
The Biden administration on Monday announced a new executive order that would broadly ban U.S. federal agencies from using commercially developed spyware that poses threats to human rights and national security. The move to ban federal agencies — including law enforcement, defense and intelligence — from using commercial spyware comes as officials confirmed that dozens […]
Read more
GitHub takes down repository containing Twitter’s source code
Microsoft-owned GitHub took down a repository by a user named “FreeSpeechEnthusiast” that contained proprietary source code to Twitter after the social network filed a DCMA takedown request. The username certainly seems to be a jab at Twitter owner Elon Musk, who has claimed to be a “free speech absolutist” many times. On Friday, Twitter filed […]
Read more
Fortra told breached companies their data was safe
Software maker Fortra told its corporate customers that their data was safe — even when it wasn’t — following a ransomware attack on its systems, TechCrunch has learned. As we have been reporting, the Clop ransomware gang exploited a newly discovered bug in Fortra’s GoAnywhere file transfer software, used by thousands of organizations to transfer […]
Read more
How the FBI caught the BreachForums admin
On Friday, the U.S. Justice Department announced that the now-arrested alleged administrator of the infamous hacking forum BreachForums facilitated the sale and purchase of private information that belonged to “millions of U.S. citizens and hundreds of U.S. and foreign companies, organizations, and government agencies.” In a statement, prosecutors confirmed the arrest of Conor Fitzpatrick, 20, […]
Read more