All Stories Tagged:

Security

Cybersecurity is the rickety scaffolding supporting everything you do online. For every new feature or app, there are a thousand different ways it can break – and a hundred of those can be exploited by criminals for data breaches, identity theft, or outright cyber heists. Staying ahead of those exploits is a full-time job, and one of the most lucrative and sought-after skills in the tech industry. All too often, it’s something up-and-coming companies decide to skip out on, only to pay the price later on.

Is LockBit back in control?

It’s been four days since the FBI announced it had disrupted the group, and now, cybersecurity researcher Kevin Beaumont reports that LockBit seems to have surfaced with claims that it has struck back at the US intelligence agency. Malware tracker vx-underground says the group now has new TOR domains.

The US State Department has offered a $15 million reward for information that results in arrests of LockBit attackers.


Julius “Zeekill” Kivimäki, Lizard Squad hacker, is arrested (again).

Cybersecurity blogger Brian Krebs reshared this post showing Kivimäki has been arrested in Helsinki after disappearing when a Finnish appeals court overturned his release from prison.

Kivimäki was initially arrested in France last year for allegedly hacking the Vastaamo online therapy center and leaking patient info online.


Microsoft says its automated AI red teaming tool finds malicious content “in a matter of hours.”

PyRIT, or Python Risk Identification Toolkit, can point human evaluators to “hot spot” categories in AI that might generate harmful prompt results.

Microsoft used PyRIT while red teaming its Copilot services (red teaming is the process of intentionally trying to get AI systems to go against safety protocols) to write thousands of malicious prompts and score the responses based on potential harm in categories that security teams can now focus on.


AT&T says its massive wireless outage was probably not due to a cyberattack.

After AT&T wireless service went out for many customers and even first responders across the US Thursday morning, one of the concerns was that the problem, and AT&T’s long delay before making a public statement about it, indicated a possible security breach.

However, according to this tweet, the company thinks it has identified the cause, described as “the application & execution of an incorrect process used as we were expanding our network.”


The journalist who leaked Kanye West’s unaired Fox News rant has been arrested.

Tim Burke faces 14 federal charges in connection to an alleged hack on Fox News, which leaked unreleased portions of a Tucker Carlson interview where West went on an antisemitic rant. The indictment claims Burke and a co-conspirator used “compromised credentials” to “access and save protected commercial broadcast video streams,” according to the Tampa Bay Times.

Following an FBI raid on Burke’s home last year, his lawyers argued he accessed the video feed with no username or password required. “It’s not hacking, it’s just good investigative journalism,” Michael Maddux, Burke’s lawyer, told the Tampa Bay Times on Thursday.


Federal agencies are investigating whether this morning’s AT&T outage was a cyberattack.

ABC News reports the FBI, the Department of Homeland Security (DHS), and other federal agencies are “urgently investigating” the nationwide outage to determine if it really was a cyberattack, or a not-so-nefarious technical mishap.

Reuters also has notes from White House spokesperson John Kirby’s comments to reporters:

When asked if government communication was disrupted by AT&T outages, Kirby said: “There was some impact to Commerce (Department) but I don’t know the extent of that, I don’t think it was crippling.” He added that the FirstNet nationwide public safety network was hit but had been fully restored.

U.S. officials have been told that AT&T had no reason to think this was a cybersecurity incident, Kirby said.


Massive leak posted to GitHub reveals coordinated Chinese hacking scheme.

Here’s how The Washington Post describes the trove of documents deemed authentic by cybersecurity experts:

The cache — containing more than 570 files, images and chat logs — offers an unprecedented look inside the operations of one of the firms that Chinese government agencies hire for on-demand, mass data-collecting operations.

Worth a read in full to understand what Google, Microsoft, and Apple are up against as state-sponsored hackers seize upon vulnerabilities to grow their businesses.


Now you can sign into your PlayStation account without a password.

Passkey support is now available for Sony PlayStation accounts. Users can activate the feature in the security section of their Account Management settings on a PS5, PS4, computer, or mobile device.

PlayStation isn’t the first console to embrace the post-password future. Nintendo added support for passkeys last fall, enabling users to access their accounts with authentication methods such as iOS Face ID or the Android fingerprint sensor.

Update, Wednesday, February 21st, 2024, 5:02PM ET: Updated to include new tweet from the Ask PlayStation Twitter account.


The US isn’t done cracking down on the LockBit ransomware group.

The Department of State is offering up to $15 million in rewards for information that leads to the arrest or conviction of anyone who’s been involved in the ransomware attacks with LockBit.

The announcement comes one day after law enforcement agencies said they’d disrupted the group and gotten the keys to decrypt hacked data.


The FCC is cracking down on robocallers and robotexters who don’t let you opt out.

The new rules require robocallers and robotexters to stop calling or sending you messages within 10 business days of receiving your request to opt out. Earlier this month, the FCC also banned robocalls that use AI-generated voices.


The missing black cat with a $15 million award.

Or, the ALPHV / Blackcat ransomware gang that’s accused of extorting millions from hospitals, schools, and even Reddit.

The State Department is offering a $10 million reward to anyone with information on the key leaders of the multinational group that would lead to their location or arrest. The agency is offering another $5 million for intel on “any individual conspiring to participate in or attempting to participate” in the notorious ransomware gang’s activities.


The FBI took down a Russian botnet operating on hundreds of home WiFi routers.

The Justice Department said the botnet used the Moobot malware, which was initially installed by “non-GRU cybercriminals” on Ubiquiti Edge OS routers. Then, the feds say, Russia’s GRU Military Unit 26165 (aka APT28, Fancy Bear, and a few other names) repurposed the network to harvest credentials of “targets of intelligence interest to the Russian government.”

The FBI used the same malware to wipe the routers and disable remote access.


Forever a sucker for cowboy robots.

Y’all don’t know this about me, but I had designs of making a cowboy robot comic book in the early 2000s, when becoming a Real Comic Book Artist was my primary goal in life.

I never published one, but this Super Bowl commercial from cybersecurity company CrowdStrike, like Cowboys & Aliens before it, was made for exactly me.


The Canadian government targets a hobbyist hacking tool in car theft crackdown.

The Canadian Department of Innovation, Science, and Economic Development said it “will pursue all avenues to ban” devices like the Flipper Zero, an open-source wireless hacking tool, asserting that it can be used to steal keyless entry signals.

While it’s true that the device has caused some trouble, Ars Technica spoke with a number of experts, including the COO of Flipper Devices, who insist it just isn’t powerful or sophisticated enough for car theft.


A Verizon employee gained unauthorized access to 63,000 employees’ data in September.

The company recently filed a data breach notification with Maine’s Attorney General’s office saying that the employee doesn’t seem to have shared the data, which included names, physical addresses, and social security numbers.

Verizon told BleepingComputer that it had contacted law enforcement, but that “there is no indication of malicious intent.”


US plans visa bans for people connected to spyware that targets journalists and activists.

The State Department can restrict visas to individuals linked to the illegal use of commercial spyware, Secretary of State Antony Blinken announced. The new policy covers investors and heads of companies, as well as those acting on behalf of governments that carry out illegal surveillance.

The policy will be applied using the information in an individual’s visa application, a senior official told reporters.

The US has already placed export limits on spyware firms like Pegasus maker NSO, and Candiru.


Joshua Schulte sentenced to 40 years in prison for leaking “Vault 7” CIA material to Wikileaks.

Schulte was convicted two years ago on all nine charges he faced as a result of the single largest leak in the CIA’s history. A year after the 2017 leaks, the ex-CIA engineer was arrested on charges of possessing CSAM, and he has been in prison ever since.

Dubbed Vault 7, the 2017 Wikileaks dump exposed tactics and exploits the CIA used to hack its targets’ computers, iPhones or Android phones, and even Samsung smart TVs. His lawyers said they will appeal.


Feds shut down a China-backed botnet targeting home office routers.

Last December, the FBI disrupted the botnet, which had hijacked “hundreds” of small office and home office routers in the US. Officials linked the attack to Volt Typhoon, a hacking group with ties to the Chinese Communist Party.

The hackers primarily targeted Cisco and NetGear routers that no longer receive security updates. Even though officials deleted the malware from affected routers, the FBI is still advising users to remove or replace any small office routers that have reached end of life, as they’re still vulnerable to other attacks.


Google’s Pixel Password manager makes switching to passkeys easy for Best Buy, Nintendo, Uber, and others.

Google Pixels recently updated the built-in password manager to identify accounts that support passkeys — a more secure login method than passwords — and prompt users for a simple security upgrade.

It’s coming to other devices eventually, and Google today announced several companies that not only support passkeys but have also set up their accounts so users will be taken directly to the correct page to set up a passkey. Better yet, other services can freely add the feature too.


Screenshot of Google Password Manager on a Pixel phone prompting the user to simplify their sign-in by switching to passkeys.
Google Password Manager passkeys prompt for supported accounts.
Image: Google