Sunday, April 24, 2022

Lapsus$ hackers breached T-Mobile’s systems and stole its source code - The Verge

The Lapsus$ hacking group stole T-Mobile's source code in a series of breaches that took place in March, as first reported by Krebs on Security .

According to screenshotted messages posted by Krebs, Lapsus$ hackers also attempted to crack into the FBI and Department of Defense's T-Mobile accounts. They were ultimately unable to do so, as additional verification measures were required.

Publisher: The Verge
Date: 2022-04-23T12:51:58-04:00
Author: Emma Roth
Twitter: @verge
Reference: (Read more) Visit Source



These hackers just showed how easy it is to target critical infrastructure | MIT Technology Review

In 2012, he hacked a brand-new iPhone and took home $30,000 while on center stage at Pwn2Own, the biggest hacking contest in the world. Driven by curiosity, Keuper and his colleague Thijs Alkemade then hacked a car in 2018.

This week, the two Dutch researchers took home $90,000 and a new Pwn2Own championship trophy by targeting the software that helps run the world's critical infrastructure.

Publisher: MIT Technology Review
Reference: (Read more) Visit Source



North Korea hackers still accessing money they stole from Axie Infinity - The Washington Post

North Korean hackers who last month carried out one of the largest cryptocurrency thefts ever are still laundering their haul more than a week after they were identified as the thieves.

The cybercriminals' continued access to the money, more than $600 million stolen from the Axie Infinity video game, underscores the limits of law enforcement's ability to stop the flow of illicit cryptocurrency across the globe.

Publisher: Washington Post
Date: 2022-04-23T15:02:16.509Z
Twitter: @WashingtonPost
Reference: (Read more) Visit Source



Instagram hackers may just have accessed your account and you did not even know | How-to

Instagram is a popular social media platform that offers a lot of features, entertainment, and all the latest trends from fashion, news to even memes! Meta-owned Instagram has a billion or more active users. But what if your favourite app has been hacked by someone!

If you have lost access to the account then go to the Hacked Accounts page via help.instagram.com and follow the instructions to recover your account.

logo
Publisher: HT Tech
Date: 2022-04-24T14:50:50 05:30
Twitter: @HTTech
Reference: (Read more) Visit Source



Hackers hammer SpringShell vulnerability in attempt to install cryptominers | Ars Technica

Malicious hackers have been hammering servers with attacks that exploit the recently discovered SpringShell vulnerability in an attempt to install cryptomining malware, researchers said.

SpringShell came to light late last month when a researcher demonstrated how it could be used to remotely execute malicious code on servers that run the Spring model-view-controller or WebFlux applications on top of Java Development Kit versions 9 or higher.

Publisher: Ars Technica
Author:
Twitter: @arstechnica
Reference: (Read more) Visit Source



Hackers are exploiting 0-days more than ever | Ars Technica

Previously unknown " zero-day " software vulnerabilities are mysterious and intriguing as a concept. But they're even more noteworthy when hackers are spotted actively exploiting the novel software flaws in the wild before anyone else knows about them.

Mandiant and Project Zero each have a different scope for the types of zero-days they track. Project Zero, for example, doesn't currently focus on analyzing flaws in Internet-of-things devices that are exploited in the wild.

Publisher: Ars Technica
Author:
Twitter: @arstechnica
Reference: (Read more) Visit Source



An introduction to binary diffing for ethical hackers

Binary diffing is a reverse-engineering technique that involves comparing two versions of the same software to reveal recent code changes -- not unlike the spot-the-difference puzzles in Reader's Digest .

In ethical hacking , the goal of binary diffing is to flag new security patches as a means of locating and identifying corresponding vulnerabilities. Penetration testers and red teamers can then use this information to launch N-day exploits in unpatched systems, for example.

Publisher: SearchSecurity
Twitter: @SearchSecurity
Reference: (Read more) Visit Source



HackerOne CISO: 'Hackers need a seat at the table'

HackerOne's Chris Evans says companies that don't partner with hackers are increasingly seen to be 'lagging behind' in cybersecurity.

Chris Evans is the CISO and chief hacking officer at HackerOne, a California-headquartered bug bounty platform that connects businesses with penetration testers and cybersecurity researchers.

Publisher: Silicon Republic
Date: 2022-04-22T06:00:13 00:00
Author: silicon
Twitter: @siliconrepublic
Reference: (Read more) Visit Source



Binance freezes stolen Axie Infinity crypto after North Korean hackers move funds - The Record by ...

Binance CEO Changpeng Zhao said the cryptocurrency platform has frozen $5.8 million in funds that were stolen from popular DeFi platform Ronin Network by cybercriminals connected to the North Korean government. 

More than $540 million worth of Ethereum and US dollar-pegged stablecoin USDC was stolen on March 29 from Ronin Network, which underpins the Axie Infinity game.

logo
Publisher: The Record by Recorded Future
Date: 2022-04-22T21:24:26 00:00
Twitter: @therecord_media
Reference: (Read more) Visit Source



No comments:

Post a Comment

Popular Posts