Security News
The Dutch police announced on Friday that they dismantled the Exclu encrypted communications platform after hacking into the service to monitor the activities of criminal organizations. In the Netherlands alone, the police searched 22 locations and arrested 11 individuals believed to be connected with the Exclu platform.
For the most part, this week has been relatively quiet regarding ransomware attacks and researcher - that is, until the FBI announced the disruption of the Hive ransomware operation. Hive ransomware launched in June 2021 and quickly became one of the most active and prominent ransomware operations.
Early in his career, Kevin Mitnick successfully hacked California law. The setup is that he just discovered that there's warrant for his arrest by the California Youth Authority, and he's trying to figure out if there's any way out of it.
CISA, the NSA, and MS-ISAC warned today in a joint advisory that attackers are increasingly using legitimate remote monitoring and management software for malicious purposes. More worryingly, CISA discovered malicious activity within the networks of multiple federal civilian executive branch agencies using the EINSTEIN intrusion detection system after the release of a Silent Push report in mid-October 2022.
A massive campaign has infected over 4,500 WordPress websites as part of a long-running operation that's been believed to be active since at least 2017. According to GoDaddy-owned Sucuri, the infections involve the injection of obfuscated JavaScript hosted on a malicious domain named "Track[.]violetlovelines[.]com" that's designed to redirect visitors to unwanted sites.
Riot Games, the video game developer and publisher behind League of Legends and Valorant, says it will delay game patches after its development environment was compromised last week. Riot Games also added that the breach directly impacted its ability to publish patches for its games.
T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming...
Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the threat actors to access the data of 133 customers. MailChimp says the attackers gained access to employee credentials after conducting a social engineering attack on Mailchimp employees and contractors.
As opening paragraphs go, this one is pretty straightforward, and contains uncomplicated if potentially time-consuming advice: someone other than you probably knows your Norton account password; they may have been able to peek into your password manager as well; please change all passwords as soon as you can. In LastPass's case the stolen passwords weren't of direct and immediate use to the attackers, because each user's password vault was protected by a master password, which wasn't stored by LastPass and therefore wasn't stolen at the same time.
Cellebrite is an cyberweapons arms manufacturer that sells smartphone forensic software to governments around the world. Someone has released software and documentation from both companies.