GitHub has put out an advisory detailing what may be an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. The Microsoft-owned code hosting service said it learned of the attack on September 16, 2022, adding the campaign impacted "many victim organizations." The fraudulent … [Read more...] about Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts
hack
Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
Budget Android device models that are counterfeit versions associated with popular smartphone brands are harboring multiple trojans designed to target WhatsApp and WhatsApp Business messaging apps. The trojans, which Doctor Web first came across in July 2022, were discovered in the system partition of at least four different smartphones: P48pro, radmi note 8, Note30u, and … [Read more...] about Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
Pegasus Spyware Used to Hack Devices of Pro-Democracy Activists in Thailand — The Hacker News
Thai activists involved in the country's pro-democracy protests have had their smartphones infected with NSO Group's infamous Pegasus government-sponsored spyware. At least 30 individuals, spanning activists, academics, lawyers, and NGO workers, are believed to have been targeted between October 2020 and November 2021, many of whom have been previously detained, arrested and … [Read more...] about Pegasus Spyware Used to Hack Devices of Pro-Democracy Activists in Thailand — The Hacker News
New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars
A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a … [Read more...] about New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars
Scammers steal seed phrases to hack cryptowallets
Scammers will stop at nothing when it comes to stealing cryptocurrency. Some try to sell scarce mining equipment, others lure victims with gifts from cryptoexchanges or Elon Musk himself, or even post screenshots on public platforms with passwords for cryptowallets and collect “fees” from cryptoinvestors enticed by the prospect of a free lunch. Today we tell you about a new … [Read more...] about Scammers steal seed phrases to hack cryptowallets
Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity's Ronin Network last month. On Thursday, the Treasury tied the Ethereum wallet address that received the stolen funds to the threat actor and sanctioned the funds by adding the address to the Office of Foreign Assets … [Read more...] about Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
Potential consequences of Okta hack
Hackers belonging to the LAPSUS$ cybercrime group have published screenshots, allegedly taken from inside Okta’s information systems. If the claims are true, they have access not only to the company’s website, but also to a number of other internal systems, including quite critical ones. LAPSUS$ claims that they did not steal any data from the company itself, and that their … [Read more...] about Potential consequences of Okta hack
U.S. Arrests Two and Seizes $3.6 Billion Cryptocurrency Stolen in 2016 Bitfinex Hack
The U.S. Justice Department (DoJ) on Tuesday announced the arrest of a married couple in connection with conspiring to launder cryptocurrency worth $4.5 billion that was siphoned during the hack of the virtual currency exchange Bitfinex in 2016. Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, both of New York, are alleged to have "stolen funds through a labyrinth of … [Read more...] about U.S. Arrests Two and Seizes $3.6 Billion Cryptocurrency Stolen in 2016 Bitfinex Hack
Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant
Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. "Based on our findings, we believe this threat … [Read more...] about Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant
Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services
Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine. Tracked as CVE-2021-41556, the issue occurs when a game library referred to as … [Read more...] about Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services