DDoSers are abusing Microsoft RDP to make attacks more powerful
Enlarge / Hacker attacking server or database. Network security, Database secure and personal data protection DDoS-for-hire services are abusing the
Read more
Author: Dan Goodin
Chrome and Edge want to help with that password problem of yours
Enlarge / Please don’t do this. Getty Images If you’re like lots of people, someone has probably nagged you to
Read more
Phishing scam had all the bells and whistles—except for one
Enlarge / The query window for username and password on a webpage can be seen on the monitor of a
Read more
Security firm Malwarebytes was infected by same hackers who hit SolarWinds
Security firm Malwarebytes said it was breached by the same nation-state-sponsored hackers who compromised a dozen or more US government
Read more
Hackers alter stolen regulatory data to sow mistrust in COVID-19 vaccine
Getty Images Last month, the makers of one of the most promising coronavirus vaccines reported that hackers stole confidential documents
Read more
The NSA warns enterprises to beware of third-party DNS resolvers
Getty Images DNS over HTTPS is a new protocol that protects domain-lookup traffic from eavesdropping and manipulation by malicious parties.
Read more
Hackers used 4 zero-days to infect Windows and Android devices
Google researchers have detailed a sophisticated hacking operation that exploited vulnerabilities in Chrome and Windows to install malware on Android
Read more
Hackers steal Mimecast certificate used to encrypt customers’ M365 traffic
Email management provider Mimecast said that hackers have compromised a digital certificate it issued and used it to target select
Read more
Parler’s amateur coding could come back to haunt Capitol Hill rioters
Getty Images By now, you may have heard of the hacker who says she scraped 99 percent of posts from
Read more
Hackers can clone Google Titan 2FA keys using a side channel in NXP chips
Google There’s wide consensus among security experts that physical two-factor authentication keys provide the most effective protection against account takeovers.
Read more
DoJ says SolarWinds hackers breached its Office 365 system and read email
The US Justice Department has become the latest federal agency to say its network was breached in a long and
Read more
Bucking Trump, NSA and FBI say Russia was “likely” behind SolarWinds hack
Enlarge / Side view of colorful St. Basil’s Cathedral in Moscow on Red Square in front of the Kremlin, Russia.
Read more
Telegram feature exposes your precise address to hackers
If you’re using an Android device—or in some cases an iPhone—the Telegram messenger app makes it easy for hackers to
Read more
Hackers are exploiting a backdoor built into Zyxel devices. Are you patched?
Hackers are attempting to exploit a recently discovered backdoor built into multiple Zyxel device models that hundreds of thousands of
Read more
2020 had its share of memorable hacks and breaches. Here are the top 10
2020 was a tough year for a lot of reasons, not least of which were breaches and hacks that visited
Read more
Zero-click iMessage zero-day used to hack the iPhones of 36 journalists
Three dozen journalists had their iPhones hacked in July and August using what at the time was an iMessage zero-day
Read more
Kazakhstan spies on citizens’ HTTPS traffic; browser makers fight back
Google, Mozilla, Apple, and Microsoft said they’re joining forces to stop Kazakhstan’s government from decrypting and reading HTTPS-encrypted traffic sent
Read more
Microsoft president calls SolarWinds hack an “act of recklessness”
Enlarge / Close up of digital data and binary code in network. Getty Images Of the 18,000 organizations that downloaded
Read more
Microsoft is reportedly added to the growing list of victims in SolarWinds hack
Microsoft was hacked by the same group that compromised the networks of software maker SolarWinds and multiple federal agencies, Reuters
Read more
SolarWinds hack that breached gov networks poses a “grave risk” to the nation
The supply chain attack used to breach federal agencies and at least one private company poses a “grave risk” to
Read more
“Evil mobile emulator farms” used to steal millions from US and EU banks
Getty Images Researchers from IBM Trusteer say they’ve uncovered a massive fraud operation that used a network of mobile device
Read more
Up to 3 million devices infected by malware-laced Chrome and Edge add-ons
As many as 3 million people have been infected by Chrome and Edge browser extensions that steal personal data and
Read more
SolarWinds hackers have a clever way to bypass multi factor authentication
The hackers behind the supply chain attack that compromised public and private organizations have devised a clever way to bypass
Read more
~18,000 organizations downloaded backdoor planted by Cozy Bear hackers
About 18,000 organizations around the world downloaded network management tools that contained a backdoor that a nation state used to
Read more
Russian hackers hit US government using widespread supply chain attack
Getty Images Russian hackers have breached networks belonging to the US government and private organizations worldwide in a widespread espionage
Read more
Zodiac Killer cipher is cracked after eluding sleuths for 51 years
Enlarge / Composite drawings of the Zodiac Killer. Getty Images A coded message sent by a brutal serial killer who
Read more
Facebook says hackers backed by Vietnam’s government are linked to IT firm
Facebook said it has linked an advanced hacking group widely believed to be sponsored by the government of Vietnam to
Read more
Wormable code-execution flaw in Jabber has a severity rating of 9.9 out of 10
Getty Images Cisco has patched its Jabber conferencing and messaging application against a critical vulnerability that made it possible for
Read more
COVID-19 vaccine data has been unlawfully accessed in hack of EU regulator
Covid-19 Coverage View more stories Information relating to the one of the most promising coronavirus vaccines has been “unlawfully accessed”
Read more
GE puts default password in radiology devices, leaving healthcare networks exposed
Dozens of radiology products from GE Healthcare contain a critical vulnerability that threatens the networks of hospitals and other health
Read more
Rusty but intact: Nazi Enigma cipher machine found in Baltic Sea
Enlarge / The Enigma cipher machine found in the Baltic Sea is lying on a table in front of the
Read more
Android apps with millions of downloads are vulnerable to serious attacks
Android apps with hundreds of millions of downloads are vulnerable to attacks that allow malicious apps to steal contacts, login
Read more
Verizon has been leaking customers’ personal information for days (at least)
Enlarge / A Verizon FiOS truck in Manhattan on September 15, 2017. Verizon is struggling to fix a glitch that
Read more
Abusive add-ons aren’t just a Chrome and Firefox problem. Now it’s Edge’s turn
Microsoft For years, Google and Mozilla have battled to keep abusive or outright malicious browser extensions from infiltrating their official
Read more
Google is testing end-to-end encryption in Android Messages
Enlarge / Security padlock in circuit-board background. Google has begun rolling out end-to-end encryption for Rich Communication Service, the text-messaging
Read more
Massive, China-state-funded hack hits companies around the world, report says
Enlarge / Computer chip with Chinese flag, 3d conceptual illustration. Researchers have uncovered a massive hacking campaign that’s using sophisticated
Read more