Security News

Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach
2024-01-25 05:48

Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise's (HPE) cloud email environment to exfiltrate mailbox data. "The...

HPE joins the 'our executive email was hacked by Russia' club
2024-01-25 02:02

HPE has become the latest tech giant to admit it has been compromised by Russian operatives. HPE "Immediately activated our response process to investigate, contain, and remediate the incident, eradicating the activity."

Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024
2024-01-24 13:36

Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24 unique zero-day exploits. Synacktiv Team took home $100,000 after successfully chaining three zero-day bugs to get root permissions on a Tesla Modem.

SEC confirms X account was hacked in SIM swapping attack
2024-01-22 23:04

The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the cell phone number associated with the account. Today, the SEC has confirmed that a cell phone account associated with the X account suffered a SIM-swapping attack.

Malicious web redirect scripts stealth up to hide on hacked sites
2024-01-22 20:15

Security researchers looking at more than 10,000 scripts used by the Parrot traffic direction system noticed an evolution marked by optimizations that make malicious code stealthier against security mechanisms. The operators behind Parrot sell the traffic to threat actors, who use it on users visiting infected sites for profiling and redirecting relevant targets to malicious destinations such as phishing pages or locations that deliver malware.

Payoneer accounts in Argentina hacked in 2FA bypass attacks
2024-01-19 20:28

Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping. Starting last weekend, many Payoneer users in Argentina, whose accounts were protected by two-factor authentication, reported suddenly losing access to their accounts or simply logging in to empty wallets, losing "Years of work" worth in money ranging from $5,000 to $60,000.

Docker hosts hacked in ongoing website traffic theft scheme
2024-01-18 11:00

A new campaign targeting vulnerable Docker services deploys an XMRig miner and the 9hits viewer app on compromised hosts, allowing a dual monetization strategy. 9hits is a web traffic exchange platform where members can drive traffic to each others' sites.

Mandiant's X Account Was Hacked Using Brute-Force Attack
2024-01-11 06:10

The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service (DaaS) group....

Mandiant's X account hacked by crypto Drainer-as-a-Service gang
2024-01-10 22:21

As Mandiant found during a follow-up investigation into the incident, the attacker used a wallet drainer dubbed CLINKSINK. This same drainer has been used since December to steal funds and tokens from users of Solana cryptocurrency as part of a large-scale campaign involving at least 35 affiliate IDs linked to a shared drainer-as-a-service. Since the start of the year, a massive wave of account breaches has impacted X users, with verified organizations getting hacked to spread cryptocurrency scams and links to wallet drainers.

SEC’s X account hacked to post fake news of Bitcoin ETF approval
2024-01-10 13:35

Someone has hijacked the X account of the US Securities and Exchange Commission, and posted an announcement saying the agency has decided to allow the listing of Bitcoin ETFs on registered national security exchanges. SEC X account hijacked, "Unauthorized tweet" posted.