Security News
The HSE did not have a Chief Information Security Officer or a "single responsible owner for cybersecurity at either senior executive or management level to provide leadership and direction. Under-resourced Information Security Managers were not performing their business as usual role but were working on evaluating security controls for the COVID-19 vaccination system.
Apple has released security updates to fix a new zero-day vulnerability exploited in the wild by attackers to hack iPhones, iPads, and Macs. Successful exploitation of this bug allows attackers to execute arbitrary code on iPhones and iPads running vulnerable versions of iOS and iPadOS after processing maliciously crafted web content.
The U.S. Justice Department on Tuesday announced the arrest of a married couple in connection with conspiring to launder cryptocurrency worth $4.5 billion that was siphoned during the hack of the virtual currency exchange Bitfinex in 2016. Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, both of New York, are alleged to have "Stolen funds through a labyrinth of cryptocurrency transactions," with the law enforcement getting hold of over $3.6 billion in cryptocurrency by following the money trails, resulting in the "Largest financial seizure ever."
The US Department of Justice announced that law enforcement seized billions worth of cryptocurrency linked to the 2016 Bitfinex cryptocurrency exchange hack. In 2016, the 119,756 bitcoins stolen during the attack were worth almost $78 million and are now valued at roughly $4.5 billion.
ExpressVPN has updated its bug bounty program to make it more inviting to ethical hackers, now offering a one-time $100,000 bug bounty to whoever can compromise its systems. Today, ExpressVPN announced that they are now offering a $100,000 bug bounty for critical vulnerabilities in their in-house technology, TrustedServer.
Those following the tech world have probably heard about the recent hack of blockchain bridging service Wormhole that has amounted to the fourth-largest crypto theft, and second-largest De-Fi theft, ever. In this particular case, the attacker exploited Wormhole in such a way that they were able to trick it into minting 120,000 wrapped ethereum on the Solana blockchain, most of which the attacker then moved to the ethereum blockchain.
The attack discovered sometime this January, reportedly allowed threat actors to access emails and documents of some News Corp employees, including journalists. In a Securities & Exchange Commission filing seen by BleepingComputer today, News Corp shared that one of its systems had been subject to "Persistent cyberattack activity."
Some of Britain's favourite pub munch could end up in short supply after KP Snacks, makers of nuts and crisps, suffered a ransomware attack. Kenyon Produce, to give the company its formal name, wrote to small shops around the UK saying it had been infected with ransomware on 28 January, as reported by industry news site Better Retailing.
A researcher who showed Apple how its webcams can be hijacked via a universal cross-site scripting bug Safari bug has been awarded what is reportedly a record $100,500 bug bounty. The bug could be used by an adversary as part of an attack to gain full access to every website ever visited by the victim.
Apple last year fixed a new set of macOS vulnerabilities that exposed Safari browser to attack, potentially allowing malicious actors to access users' online accounts, microphone, and webcam. Security researcher Ryan Pickren, who discovered and reported the bugs to the iPhone maker, was compensated with a $100,500 bug bounty, underscoring the severity of the issues.