Security News

MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
2023-05-08 15:23

The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code signing keys on their dark website. "Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem," Alex Matrosov, founder and CEO of firmware security firm Binarly, said in a tweet over the weekend.

MSI’s firmware, Intel Boot Guard private keys leaked
2023-05-08 11:25

The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company's private code signing keys on their dark web site. MSI is a corporation that develops and sells computers and computer hardware.

Leaked IT contractor files detail Kremlin's stockpile of cyber-weapons
2023-03-31 01:24

An unidentified whistleblower has provided several media organizations with access to leaked documents from NTC Vulkan - a Moscow IT consultancy - that allegedly show how the firm supports Russia's military and intelligence agencies with cyber warfare tools. According to The Guardian, this latest whistleblower chose to distribute the secret Russian documents due to anger over Russia's bloody invasion of Ukraine and a desire to see the information reveal some of what is going on inside Russia.

Russian Cyberwarfare Documents Leaked
2023-03-30 22:00

Thousands of pages of secret documents reveal how Vulkan's engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet. The company's work is linked to the federal security service or FSB, the domestic spy agency; the operational and intelligence divisions of the armed forces, known as the GOU and GRU; and the SVR, Russia's foreign intelligence organisation.

Twitter takes down source code leaked online, hunts for downloaders
2023-03-27 14:55

Twitter has taken down internal source code for its platform and tools that was leaked on GitHub for months.On Friday, GitHub complied with a DMCA infringement notice issued by Twitter because the leak exposed proprietary source code and internal tools, which could pose a security risk to Twitter.

Hands on with Windows 11's new leaked File Explorer feature
2023-03-12 22:13

Microsoft is working on a new XAML-based gallery view for Windows 11 File Explorer. This new Gallery option can be accessed via the right sidebar of File Explorer, letting you view your pictures in one place.

Money Lover for Android & iOS leaked email addresses, transactions
2023-02-08 15:57

Money Lover is a finance app allowing users to manage their expenses and budgets that has been downloaded five million times on the Play Store, with the app also available for iOS and Windows. Money Lover allows users to create "Shared wallets" with specific users, like family members or coworkers, to log transactions to collaborate in expense logging and monitoring.

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild
2023-01-16 10:09

Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency's Hive multi-platform malware suite, the source code of which was released by WikiLeaks in November 2017. "This is the first time we caught a variant of the CIA Hive attack kit in the wild, and we named it xdr33 based on its embedded Bot-side certificate CN=xdr33," Qihoo Netlab 360's Alex Turing and Hui Wang said in a technical write-up published last week.

Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System
2023-01-12 07:21

Twitter on Wednesday said that its investigation found "No evidence" that users' data sold online was obtained by exploiting any security vulnerabilities in its systems. "Based on information and intel analyzed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems," the company said in a statement.

Twitter claims leaked data of 200M users not stolen from its systems
2023-01-11 20:18

Twitter finally addressed reports that a dataset of email addresses linked to hundreds of millions of Twitter users was leaked and put up for sale online, saying that it found no evidence the data was obtained by exploiting a vulnerability in its systems. "In response to recent media reports of Twitter users' data being sold online, we conducted a thorough investigation and there is no evidence that data recently being sold was obtained by exploiting a vulnerability of Twitter systems," the company said.