It's not often you see a new threat actor make an appearance, but these guys appear to be the real deal.

And that is quite a first hack, if it's legitimate.

#cybersecurity #databreach #israel

https://www.cyberdaily.au/security/11332-exclusive-anti-israel-hacker-claims-hack-on-ministry-of-national-security-posts-settler-ids-online

"At the end of October, Tor directory authorities, relay operators, and even the Tor Project sysadmin team received multiple abuse complaints from their providers about port scanning. These complaints were traced back to a coordinated IP spoofing attack, where an attacker spoofed non-exit relays and other Tor-related IPs to trigger abuse reports aimed at disrupting the Tor Project and the Tor network.

Thanks to a joint effort from the Tor community, InterSecLab, and the support of Andrew Morris and the team at GreyNoise, the origin of these spoofed packets was identified and shut down on November 7th, 2024.

We want to reassure everyone that this incident had no effect on Tor users. While the attack had a limited impact on the Tor network - taking a few relays offline temporarily - it caused unnecessary stress and inconvenience for many relay operators who had to address these complaints. Although this attack targeted our community, IP spoofing attacks can happen with any online service.

There's still work ahead: we need to support relay operators in getting their accounts reinstated and assist providers in unblocking IPs for Tor directory authorities."

https://blog.torproject.org/defending-tor-mitigating-IP-spoofing/

#Tor #CyberSecurity #Anonymity #Privacy #IPSpoofing

"The FBI is warning that hackers are obtaining private user information — including emails and phone numbers — from U.S.-based tech companies by compromising government and police email addresses to submit “emergency” data requests.

The FBI’s public notice filed this week is a rare admission from the federal government about the threat from fraudulent emergency data requests, a legal process designed to help police and federal authorities obtain information from companies to respond to immediate threats affecting someone’s life or property. The abuse of emergency data requests is not new, and has been widely reported in recent years. Now, the FBI warns that it saw an “uptick” around August in criminal posts online advertising access to or conducting fraudulent emergency data requests, and that it was going public for awareness.

“Cyber-criminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies, exposing the personal information of customers to further use for criminal purposes,” reads the FBI’s advisory."

https://techcrunch.com/2024/11/08/fbi-says-hackers-are-sending-fraudulent-police-data-requests-to-tech-giants-to-steal-peoples-private-information/

#USA #CyberSecurity #FBI #Hacking #Privacy #DataProtection #DataBreaches

"Sweden and Norway are backpedalling on plans for cashless societies over fears that fully digital payment systems would leave them vulnerable to Russian security threats, and concern for those unable to use them.

A combination of good high-speed internet coverage, high digital literacy rates, large rural populations and fast-growing fintech industries had put the Nordic neighbours on a fast track to a future without cash.

Swish, a mobile payment system that six banks launched in 2012, is ubiquitous in Sweden, from market stalls to coffee shops and clothes stores. The Norwegian equivalent, Vipps, which merged with Danish MobilePay in 2022 to form Vipps MobilePay, is also very popular. Last month, it also launched in Sweden."

#Sweden #Norway #CashlessSociety #Russia #CyberSecurity #Money #Banking

https://www.theguardian.com/world/2024/oct/30/sweden-and-norway-rethink-cashless-society-plans-over-russia-security-fears

"AT&T. Ticketmaster. Santander Bank. Neiman Marcus. Electronic Arts. These were not entirely isolated incidents. Instead, they were all hacked thanks to “infostealers,” a type of malware that is designed to pillage passwords and cookies stored in the victim’s browser. In turn, infostealers have given birth to a complex ecosystem that has been allowed to grow in the shadows and where criminals fulfill different roles. There are Russian malware coders continually updating their code; teams of professionals who use glitzy advertising to hire contractors to spread the malware across YouTube, TikTok, or GitHub; and English-speaking teenagers on the other side of the world who then use the harvested credentials to break into corporations. At the end of October, a collaboration of law enforcement agencies announced an operation against two of the world’s most prevalent stealers. But the market has been able to grow and mature so much that now law enforcement action against even one part of it is unlikely to make any lasting dent in the spread of infostealers.

Based on interviews with malware developers, hackers who use the stolen credentials, and a review of manuals that tell new recruits how to spread the malware, 404 Media has mapped out this industry. Its end result is that a download of an innocent-looking piece of software by a single person can lead to a data breach at a multibillion-dollar company, putting Google and other tech giants in an ever-escalating cat-and-mouse game with the malware developers to keep people and companies safe."

https://www.wired.com/story/inside-the-massive-crime-industry-thats-hacking-billion-dollar-companies/

#CyberSecurity #CyberCrime #Hacking #Malware #InfoStealers #DataBreaches

"A man in Canada who is suspected of being the hacker behind this year’s wave of Snowflake-related breaches has been arrested.

The news comes after months of high profile data breaches, including AT&T, Ticketmaster, and LendingTree. In all, the hacker, who uses the nicknames Judische and Waifu, is linked to more than 165 Snowflake instance breaches. The arrest also comes after 404 Media reported that the walls were closing in on the hacker, with cybersecurity researchers gathering valuable information on the suspect and coordinating with international law enforcement.

Messages sent by 404 Media to Judische over the last week have gone undelivered, with 404 Media last speaking to them on October 27. In mid-October, Judsiche told 404 Media they were worried that they would be arrested soon. “I've destroyed a lot of evidence and well poisoned the stuff I can't destroy so when/if it does happen it's just conspiracy which I can bond out and beat,” they claimed."

https://www.404media.co/suspected-snowflake-hacker-arrested-in-canada/

#CyberSecurity #DataBreaches #Hacking #CyberCrime #Snowflake #Canada

Autonomous LLM Eco-Terrorism Threat

https://sites.google.com/view/dan-tech-blog

@altbot
#LLM #tech #blog #ai #cybersecurity #phishing #perplexity #perplexityai

Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware

https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-flaw-to-infect-3-300-sites-with-malware/

#technology #tech #web #blogging #security #cybersecurity #hacked #hackers #wordpress

Security News This Week: Russian Hackers Stole Microsoft Source Code—and the Attack Isn’t Over

https://www.wired.com/story/russia-hackers-microsoft-source-code/

#technology #tech #hacked #hackers #microsoft #security #cybersecurity #datasecurity

Genetic testing firm 23andMe has suffered a data breach.

1 million data points exclusively about Ashkenazi Jews have been advertised for sale on a cybercrime forum. There's also information about hundreds of thousands of users of Chinese descent.

It appears to be a credential stuffing attack—where previously leaked logins and passwords from other sites are tried on 23andMe—with the attackers then scraping data from profiles

@lhn's story has all the details we know so far:
https://www.wired.com/story/23andme-credential-stuffing-data-stolen/ #cybersecurity #news #tech #23andme #infosec

These devices have NO security. If you know their IP address, you're in. #cybersecurity #privacy #iot