Security News

Microsoft disclosed today that Iranian state-sponsored hackers successfully hacked into the email accounts of multiple high-profile individuals and potential attendees at this year's Munich Security Conference and the Think 20 summit. "The attacks were successful in compromising several victims, including former ambassadors and other senior policy experts who help shape global agendas and foreign policies in their respective countries," Tom Burt, Corporate Vice President for Customer Security & Trust at Microsoft said earlier today.

Donald Trump's Twitter password was easily guessed, and he still isn't using multi-factor authentication, claims a Dutch hacker who on Thursday bragged he broke into the President's account last week. Twitter was having none of it, though: the password guessing nor the link posting.

Dutch ethical hacker Victor Gevers claims it only took five attempts to guess the password to President Donald Trump's Twitter account - "Maga2020!". Twitter Safety & 2FA. Twitter said it is dubious about the report.

Over the past two weeks, Sam's Club has started sending automated password reset emails and security notifications to customers who were hacked in credential stuffing attacks. In emails sent out to Sam's Club members, and seen by BleepingComputer, the company is alerting members that an unauthorized party may have gained access to their accounts.

Hackers compromised mobile-based Asian food delivery service Chowbus, stole customer data, and emailed victims a link pointing to the stolen data. Information in the CSV files included names, email addresses, phone numbers, addresses, rates, and addresses for the Chowbus partner restaurants.

Dubbed WarezThe Remote, the attack allowed taking over the remote and snooping on conversations from at least 65 feet, making possible a "Van parked outside" scenario. Unlike regular remotes that use infrared, Comcast's XR11 relies on radiofrequency to communicate with cable set-top boxes and comes with a built-in microphone to allow voice commands.

The hospital chain Universal Health Services said Thursday that computer services at all 250 of its U.S. facilities were hobbled in last weekend's malware attack and efforts to restore hospital networks were continuing. Doctors and nurses at affected hospitals and clinics, many already burdened with coronavirus care, have had to rely on manual record-keeping, with lab work slowed.

NFL and NBA athletes whose social-media accounts were taken over have been thrown the ball of justice. Federal prosecutors alleged that between December 2017 and April 2019, Washington and Magrehbi actively took part in illegal schemes to gain access to social media and other personal online accounts of the players.

A Russian hacker who was found guilty of hacking LinkedIn, Dropbox, and Formspring over eight years ago has finally been sentenced to 88 months in United States prison, that's more than seven years by a federal court in San Francisco this week. Yevgeniy Aleksandrovich Nikulin, 32, of Moscow hacked into servers belonging to three American social media firms, including LinkedIn, Dropbox, and now-defunct social-networking firm Formspring, and stole data on over 200 million users.

Threat actors are expected to spread false information regarding hacked voter information and voting systems, the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency say in an alert. At the time, the agencies noted that disinformation campaigns might leverage websites, social media, and other venues to disseminate false information about voter suppression, cyber-attacks on election infrastructure, fraud, and other issues.