Security News

A U.K. citizen has been arrested in the Spanish town of Estepona over his alleged involvement in the July 2020 hack of Twitter, resulting in the compromise of 130 high-profile accounts. Joseph O'Connor, 22, has been charged with intentionally accessing a computer without authorization and obtaining information from a protected computer, as well as for making extortive communications.

A fourth suspect has been arrested today for his role in the Twitter hack last year that gave attackers access to the company's internal network exposing high-profile accounts to hijacking. The United States Department of Justice announced that Joseph O'Connor, a 22-year old UK national, was detained in Spain on several charges related to the Twitter hack in July 2020.

The Wi-Fi network name bug that was found to completely disable an iPhone's networking functionality had remote code execution capabilities and was silently fixed by Apple earlier this year, according to new research. The denial-of-service vulnerability, which came to light last month, stemmed from the way iOS handled string formats associated with the SSID input, triggering a crash on any up-to-date iPhone that connected to wireless access points with percent symbols in their names such as "%p%s%s%s%s%n.

iPhones have been compromised by the NSO Group's Pegasus spyware. The findings indicated that the Pegasus spyware program sold by surveillance company NSO Group was able to infect iPhone 11 and iPhone 12 models through zero-click attacks in the iOS iMessage app.

China on Tuesday said the US had "Fabricated" allegations it carried out a massive Microsoft hack, countering that Washington was the "World champion" of cyber attacks while raging at American allies for signing up to a rare joint statement of condemnation. The United States on Monday accused Beijing of carrying out the March cyber attack on Microsoft Exchange, a top email server for corporations around the world, and charged four Chinese nationals over the "Malicious" hack.

Human rights and press freedom activists are up in arms about a new report on NSO Group, the notorious Israeli hacker-for-hire company. The report, by a global media consortium, expands public knowledge of the target list used in NSO's military-grade spyware.

The US has also blamed hackers working with China for ransomware attacks, extortion, crypto-jacking and other cybercrimes. The United States and several allies have officially pointed the finger at China for the recent hack of Microsoft Exchange server as well as an ongoing series of cyberattacks carried out by contract hackers for personal profit.

Hackers gained access to the Social Security numbers of more than two dozen people during a ransomware attack that forced the city of Tulsa to shut down parts of its computer network for months, officials said. The hackers got Social Security numbers for 27 people in the cyberattack Tulsa detected May 6, Michael Dellinger, the city's chief information officer, said Tuesday.

Based on these parameters, Nevada topped the roundup by a significant margin with 523 hacking victims per 100,000 residents. For perspective, the District of Columbia claimed the second-highest ratio with 302 attack victims per 100,000 residents, just ahead of Iowa, Alaska and Florida.

A vulnerability affecting some of Schneider Electric's Modicon programmable logic controllers can be exploited to bypass authentication mechanisms, allowing attackers to take complete control of the targeted device. It can be exploited by an unauthenticated attacker who has network access to the targeted PLC. The exploit chain demonstrated by Armis also involves several other vulnerabilities discovered over the past few years.