A hacker and HackerOne community member by the name of haxta4ok00 posted a report to the bug bounty platform on November 24, which stated: "i can read all reports @security and more program." The hacker, in broken English, was revealing something very worrying indeed: namely, that they had accessed a HackerOne security analyst's account and were able to read sensitive information as a result.
"While I commend HackerOne for their response," said Craig Young, a senior security researcher at Tripwire, "this incident is yet another reminder of a distinct risk organizations take by using managed vulnerability reporting services like BugCrowd or HackerOne." Anywhere that valuable data is consolidated will inevitably become, as Young said, "a hugely attractive attack target for intelligence agencies, or even criminal actors, to fill their arsenal."
Quite a lot has been going on:
Smart TVs can allow hackers into your home, bedroom: FBI
In a pre-holiday advisory to consumers, the FBI warned that the high-tech, internet-connected devices — especially those with built-in cameras, facial recognition capabilities and microphones — make their unsuspecting owners an easy target for hackers and cyberspies.
But if a smart TV is still on your wish list, the FBI recommends taking some precautions to protect your home from nefarious forces.
It urges smart TV owners to educate themselves about their particular model’s security features and to learn how to carefully control them. This can be achieved with a quick Google search of the model number with the keywords “microphone,” “camera” and “privacy.”
BMW Infiltrated by Hackers Hunting for Automotive Trade Secrets
The German automotive giant BMW discovered and monitored a group of hackers who infiltrated the company's networks and had been active since at least the spring of 2019.
BMW's security team spotted the hackers after discovering an instance of the legitimate penetration testing tool Cobalt Strike on a company computer, a tool regularly used in red team testing scenarios to simulate adversaries.
Following the discovery, the hackers were allowed to stay active, with the probable end purpose of collecting more info on who they were, how many systems they managed to compromise, and what data they were after, if any, as Munich-based Bayerischer Rundfunk reports.
2 Russian Hackers Accused Of Using Malware Attacks To Steal Millions From Local Entities
PITTSBURGH (KDKA) – Two Russian hackers who allegedly stole millions from local entities have been identified by the FBI and a massive award is out for any information about them.
A federal jury unsealed a 10-count indictment against alleged Russian hackers Maksim Yakubets and Igor Turashev on Thursday.
The hackers allegedly stole millions of dollars, with the most recent hack happening in March of this year.
* * *
The most successful attack in our region came on the Friday before Labor Day in 2012 against Penneco Oil.
Not to change the topic here:
Facebook sues Chinese ad company over alleged hacking campaign - CNET
Hackers spent at least $4 million from compromised ads accounts on Facebook, according to the company.
Facebook filed a lawsuit Wednesday against two Chinese citizens, accusing them of operating a hacking campaign targeting ad accounts on the social network.
In Facebook's lawsuit, the tech giant alleges that Chen Xiao Cong, a Chinese software developer, and Huang Tao, a marketing director for the company GuangZhou HongYi Technology, were behind a similar hacking campaign starting in 2016. The lawsuit is also filed against the company ILikeAds, a Hong Kong-based advertising business that promoted itself as a "one-stop comprehensive solution to advertisers."
Feds allege Russian hackers targeted Western Pennsylvania school, banks, businesses | TribLIVE.com
After a 10-year investigation, Russian nationals Maksim V. Yakubets and Igor Turashev were indicted in Pittsburgh and accused of distributing financial malware as part of a conspiracy involving computer hacking, wire fraud and bank fraud schemes.
“We know that for every dollar stolen from a school district, that’s one less dollar for the football team or the girls basketball team. One less dollar for teacher salaries or special education,” Brady said during a news conference at the Department of Justice in Washington, D.C.
FBI Issues 'Drive-By' Hacking Warning: This Is How To Secure Your Devices
Disney+ fans without answers after thousands hacked - BBC News
Thousands of Disney customers say they have been hacked after signing up to its online streaming service.
People waited on telephone and online chat lines for hours, and many still say that Disney has yet to sort their problems.
* * *
"Disney takes the privacy and security of our users' data very seriously and there is no indication of a security breach on Disney+," a spokesman said.
Disney's answer to Netflix, Disney+ is an online platform where fans can view its movies, short films and TV shows, including the Marvel and Star Wars franchises.
Happening on Twitter
There is a website where hackers can sell security vulnerabilities they have found. The website was hacked. https://t.co/25Yv35KX7F ennolenze (from Kurdistan) Fri Dec 06 08:22:00 +0000 2019