Security News

The New York Times is reporting that a US citizen's phone was hacked by the Predator spyware. A U.S. and Greek national who worked on Meta's security and trust team while based in Greece was placed under a yearlong wiretap by the Greek national intelligence service and hacked with a powerful cyberespionage tool, according to documents obtained by The New York Times and officials with knowledge of the case.

Leading Bitcoin ATM maker General Bytes disclosed that hackers stole cryptocurrency from the company and its customers using a zero-day vulnerability in its BATM management platform. General Bytes makes Bitcoin ATMs allowing people to purchase or sell over 40 cryptocurrencies.

In August 2022, we wrote how General Bytes had fallen victim to a server-side bug in which remote attackers could trick a customer's ATM server into giving them access to the "Set up a brand new system" configuration pages. In the General Bytes ATM server the unauthorised access path that got the attackers into the "Start from scratch" setup screens didn't neutralise any data on the infiltrated device first.

Last year, a U.S. federal agency's Microsoft Internet Information Services web server was hacked by exploiting a critical. According to a joint advisory issued today by CISA, the FBI, and MS-ISAC, the attackers had access to the server between November 2022 and early January 2023 based on indicators of compromise found on the unnamed federal civilian executive branch agency's network.

ESET researchers have uncovered a compromise of an East Asian data loss prevention company. The attackers utilized at least three malware families during the intrusion, compromising both the internal update servers and third-party tools utilized by the company.

GSC Game World, the developer of the highly-anticipated 'STALKER 2: Heart of Chornobyl' game, warned their systems were breached, allowing threat actors to steal game assets during the attack. The Ukrainian game publisher says that a "Community from a Russian social network" was behind the attack and is blackmailing the company by threatening to release data for Stalker 2, which is expected to be released later this year.

An ongoing hacking campaign called 'Hiatus' targets DrayTek Vigor router models 2960 and 3900 to steal data from victims and build a covert proxy network. DrayTek Vigor devices are business-class VPN routers used by small to medium-size organizations for remote connectivity to corporate networks.

American fast food chain Chick-fil-A has confirmed that customers' accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information. At the time, Chick-fil-A set up a support page with information on what customers should do if they detect suspicious activity on their accounts.

LastPass disclosed a breach in December where threat actors stole partially encrypted password vault data and customer information. "The threat actor was able to capture the employee's master password as it was entered, after the employee authenticated with MFA, and gain access to the DevOps engineer's LastPass corporate vault," reads a new security advisory published today.

On Android, Google offers its own authenticator app, unsurprisingly called Google Authenticator, that you can get from Google Play. Google's add-on app does the job of generating the needed one-time login code sequences, just like Apple's Settings > Passwords utility on iOS. But we're going to assume that at least some people, and possibly many, will perfectly reasonably have asked themselves, "What other authenticator apps are out there, so I don't have to put all my cybersecurity eggs into Apple's basket?".