As we enter the age of the software-defined automobile, especially those with electric drivetrains, we’re facing unprecedented risk from cyberattacks, say a wide coterie of experts. According to the Israel-based Upstream firm, from 2019 to 2023 disclosed cybersecurity incidents in the automotive and mobility space increased by more than 50%, with 295 such occurrences in 2023. Some 64% of these attacks were executed by “bad hat actors” with malevolent intent, the report said. And 65% of deep and
All Articles (2531)
Between November and December 2023, a threat actor successfully stole more than two million email addresses and other personal information from at least 65 websites, threat intelligence firm Group-IB reports. ResumeLooters is confirmed to have stolen several databases containing 2,079,027 unique emails and other records, such as names, phone numbers, dates of birth, and information about job seekers’ experience and employment history. The stolen data was then offered for sale by ResumeLooters
Since the Internet Age and cybercrime were invented, it is hard to imagine when crimes were committed in person, and rivalries were settled with gunfire. Nearly 100 years ago, St. Valentine’s Day had more than a passing interest for the citizens of Chicago, Illinois.
On the morning of 14 February 1929, two men dressed as police officers and two men dressed as civilians entered gangster Bugs Moran’s headquarters on North Clark Street in Chicago. Inside, they lined up seven of Moran’s unarmed he
DarkReading recently provided an editorial on the recent cyber security repose to Ivanti’s VPN issues. “Here's what's clear about the current cybersecurity state of Ivanti's VPN appliances, they have been widely vulnerable to cyberattack, and threat actors are onto the possibilities. It's up to enterprise cyber teams to decide what comes next.”
So far, Ivanti has disclosed five VPN flaws in 2024, most exploited as zero-days — with two of them publicly announced weeks before patches became avai
A United States federal judge has sentenced Joshua Adam Schulte, a former CIA employee, to 40 years in prison for one of the most significant disclosures of classified information in US history. Schulte worked as a software developer for the CIA's cyber operations division from 2012 to 2016, where he built hacking tools for intelligence gathering. According to the US Department of Justice, an internal dispute in 2016 led to Schulte's administrator privileges being revoked. He had secretly ope
Bitdefender researchers have discovered a new backdoor targeting Mac OS users. This previously undocumented family of malware is written in Rust and includes several interesting features. While the investigation is ongoing, we’re sending out this alert to share indicators of compromise with the community. Bitdefender products identify this threat as Trojan.MAC.RustDoor.*.
Here’s what we know so far: Distribution - The backdoor seems to impersonate a Visual Studio update, and all identified fi
The US State Department announced a $10 million reward for information leading to the identification or location of key members of the Hive ransomware gang. The FBI disrupted the gang’s operations almost exactly one year ago, shutting the ransomware group’s infrastructure after a seven-month operation.
Last week, the State Department said that in addition to the $10 million for information on those holding key leadership positions in the gang, they are offering $5 million “for information leadi
A bipartisan congressional investigation has found that US venture capital firms invested billions in Chinese technology companies in semiconductor, AI, and cybersecurity, sectors that threaten US national security. According to a report released on 08 February 2024 by the House Select Committee on China, five prominent venture firms, GGV Capital, GSR Ventures, Qualcomm Ventures, Sequoia Capital, and Walden International, invested in hundreds of Chinese companies that directly or indirectly sup
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against US critical infrastructure in the event of a significant crisis or conflict with the United States.[1]
CISA, NSA, FBI and the following partners are releasing this advisory to warn criti
Valentine's Day is a time when many people feel particularly vulnerable, but others also feel generous and giving. This makes it the perfect time for cybercriminals and fraudsters to operate.
The Cyber Helpline https://www.lighthousevictimcare.org/organisation/the-cyber-helpline/, a UK charity led by volunteers and staff from the cybersecurity industry, has expanded to the USA to support those experiencing cybercrime and online harm. The charity expects a considerable increase in online relatio
Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. "An out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests," the company said in a bulletin released last week.
It further acknowledged that the iss
The Colonial Pipeline ransomware infection has become a cautionary story about how ‘borking’ critical infrastructure can cause real-world pain, with fuel shortages leading to long lines and fistfights breaking out at gas stations. Or as Jen Easterly, boss of the US Cybersecurity and Infrastructure Security Agency, warned Congress recently, "Societal panic and chaos."
The CISA Director and other security and law enforcement chiefs stressed the reality in which nation-states operating against Ame
Swedish astronaut Marcus Wandt took control of a series of robots in Germany while on board the International Space Station, zipping around the Earth at 28,000 kilometers per hour (17,500 mph.) Researchers want to understand how time delays can affect the remote control of robots from an orbiting platform. Future astronauts could control rovers on the moon or Mars from a spacecraft in orbit. Until now, only wheeled rovers have been part of the tests, but now they have added a dog-like robot call
It has been reported that three million electric toothbrushes have been hacked and abused for a highly disruptive distributed denial-of-service (DDoS) attack, but cybersecurity experts have rushed to question the claims. The Swiss German-language daily newspaper Aargauer Zeitung published an article describing the alleged attack on 30 January 2024. According to a machine translation of the article, cybercriminals installed malware on three million electric toothbrushes and used the compromised
The expression “drop a dime” usually refers to informing the police or other investigators about someone’s illegal activity. Still, it is sometimes used for more general and less severe circumstances whenever someone informs on another person’s infractions. The young readers may not know how a dime was used in the previous century, before the advent of cell phones. On almost every corner in the US, there was a coin-operated telephone, and anyone with 10 cents or a dime (no pennies) could make
Is nothing sacred? Criminal hackers have reached a new low. The Municipality of Korneuburg in Austria said it was hit by a ransomware attack, leading to funerals reportedly being canceled and the town hall informing residents its staff can only be reached via telephone. The small town on the banks of the Danube a few kilometers north of Vienna has a population of under 13,000 people. In a statement on the municipality’s website, the town hall said its technical department was “working hard t
As more than 65,000 football fans descend on Allegiant Stadium in Las Vegas, Nevada, for Super Bowl LVIII, attractive targets for cybercriminals and hackers. The major sporting events like the Super Bowl face elevated cyber risks due to the proliferation of connected networks and devices used by venues, teams, vendors, media, and attendees. This year, the US Department of Homeland Security (DHS) is working closely with partners to assess and strengthen cyber protections. "There are no known,
Hackers from the People's Republic of China spent up to five years in US networks as part of a cyber operation that targeted US critical infrastructure, law enforcement and international agencies said earlier this week. "The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People's Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive o
Author Mercy Kuo often engages subject-matter experts, policy practitioners, and strategic thinkers across the globe for their diverse insights into US Asia policy. This article highlights a conversation with Christopher R. O’Dea, adjunct fellow at Hudson Institute and author of the forthcoming book “Ships of State: China’s New Maritime Empire,” is the 400th in “The Trans-Pacific View Insight Series.”
How are China’s shipping companies serving the Chinese state? Beijing’s state-owned shipping
A Houston woman is going to prison for her role in an elaborate scheme that included hundreds of thousands of fake paper license plates. Leidy Hernandez Lopez, 43, pleaded guilty to buying and selling fraudulent Texas-issued temporary buyer tags for cars in and outside of Texas.[1]
Earlier this week, a US District Judge ordered Lopez to serve 30 months in federal prison followed by three years of supervised release. The court also ordered Hernandez Lopez to pay restitution to the Texas Departm