Security News

The United Nations' European headquarters in Geneva and Vienna were hacked last summer, putting thousands of staff records at miscreants' fingertips. Despite the size and extent of the hack, the UN decided to keep it secret.

The United Nations headquarters in New York as well as the U.N.'s sprawling Palais des Nations compound in Geneva, its European headquarters, did not immediately respond to questions from the AP about the incident. The internal document from the U.N. Office of Information and Technology said 42 servers were "Compromised" and another 25 were deemed "Suspicious," nearly all at the sprawling United Nations offices in Geneva and Vienna.

Those two forces are, one, individual social media users and, second, the engagement algorithms used by social media platforms. Social media algorithms can be used to magnify a troll's message and promote the re-sharing of a message that appeals to a niche corner of a social media platform.

A cyberattack disclosed recently by Mitsubishi Electric, which resulted in hackers gaining access to the company's network and stealing corporate data, likely involved exploitation of a vulnerability in Trend Micro's OfficeScan product. Mitsubishi Electric is a top contractor for Japan's military and infrastructure, but the company said in its data breach notice that no infrastructure-related information was impacted in the hack.

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman. "[W]ithin hours of the encrypted downloader being received, a massive and unauthorized exfiltration of data from Bezos' phone began, continuing and escalating for months thereafter," the report states.

A forensic investigation commissioned by Bezos concludes claims to have uncovered the May 2018 hack attack. Bin Salman sent Bezos a large video file on May 1, 2018, which FTI describes as "Arriving unexpectedly and without explanation," as if people routinely warn their friends that they're about to send a video attachment.

U.N. human rights experts are asking Washington to investigate a suspected Saudi hack that may have siphoned data from the personal smartphone of Jeff Bezos, Amazon founder and owner of The Washington Post. Bezos went public with the suspected hack shortly thereafter, saying the National Enquirer tabloid had threatened to publish his private messages and photos.

The U.S. Cyber Command's campaign to hack ISIS and disrupt its media operations faced some challenges, including a lack of data storage, but ultimately proved successful, according to government documents from 2016 that were made public Tuesday. The heavily-redacted documents published by the National Security Archive, a not-for-profit research organization, show that U.S. Cyber Command was not prepared to handle the amount of information it collected when it hacked ISIS. The command, which is part of the U.S. Defense Department and includes units from all military branches, also faced problems with interagency coordination and the lengthy process of vetting ISIS cyber targets.

The Saudi embassy in Washington on Tuesday dismissed suggestions the kingdom hacked the phone of Washington Post owner Jeff Bezos, as media reports linked the security breach to a WhatsApp message from an account of Crown Prince Mohammed bin Salman. The 2018 intrusion into the device led to the release of intimate images of Amazon founder Bezos, whose Post newspaper employed as a contributing columnist Jamal Khashoggi, a Saudi journalist murdered later that same year at Riyadh's consulate in Istanbul.

Trend Micro's Zero Day Initiative on Thursday announced the targets and prizes for the 2020 Pwn2Own competition, which is set to take place on March 18-20 in Vancouver at the CanSecWest conference. Pwn2Own 2019 introduced the automotive category and participants were invited to hack a Tesla Model 3.