The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity's Ronin Network last month. On Thursday, the Treasury tied the Ethereum wallet address that received the stolen funds to the threat actor and sanctioned the funds by adding the address to the Office of Foreign Assets … [Read more...] about Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
hack
Potential consequences of Okta hack
Hackers belonging to the LAPSUS$ cybercrime group have published screenshots, allegedly taken from inside Okta’s information systems. If the claims are true, they have access not only to the company’s website, but also to a number of other internal systems, including quite critical ones. LAPSUS$ claims that they did not steal any data from the company itself, and that their … [Read more...] about Potential consequences of Okta hack
U.S. Arrests Two and Seizes $3.6 Billion Cryptocurrency Stolen in 2016 Bitfinex Hack
The U.S. Justice Department (DoJ) on Tuesday announced the arrest of a married couple in connection with conspiring to launder cryptocurrency worth $4.5 billion that was siphoned during the hack of the virtual currency exchange Bitfinex in 2016. Ilya Lichtenstein, 34, and his wife, Heather Morgan, 31, both of New York, are alleged to have "stolen funds through a labyrinth of … [Read more...] about U.S. Arrests Two and Seizes $3.6 Billion Cryptocurrency Stolen in 2016 Bitfinex Hack
Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant
Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. "Based on our findings, we believe this threat … [Read more...] about Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant
Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services
Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine. Tracked as CVE-2021-41556, the issue occurs when a game library referred to as … [Read more...] about Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services
North Korea Exploited VPN Flaw to Hack South’s Nuclear Research Institute
South Korea's state-run Korea Atomic Energy Research Institute (KAERI) on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart. The intrusion is said to have taken place on May 14 through a vulnerability in an unnamed virtual private network (VPN) vendor and involved a total of 13 IP addresses, one of which … [Read more...] about North Korea Exploited VPN Flaw to Hack South’s Nuclear Research Institute
Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers
India's flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service System (PSS) provider SITA fell victim to a cyber attack earlier this year. The breach involves personal data registered between Aug. 26, 2011 and Feb. 3, 2021, including details such as names, dates of … [Read more...] about Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers
1-Click Hack Found in Popular Desktop Apps — Check If You’re Using Them
Multiple one-click vulnerabilities have been discovered across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on target systems. The issues were discovered by Positive Security researchers Fabian Bräunlein and Lukas Euler and affect apps like Telegram, Nextcloud, VLC, LibreOffice, OpenOffice, Bitcoin/Dogecoin Wallets, … [Read more...] about 1-Click Hack Found in Popular Desktop Apps — Check If You’re Using Them
Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad
Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and dissidents predominantly among Uyghurs from Xinjiang in China primarily living … [Read more...] about Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad
New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card
Cybersecurity researchers have disclosed a novel attack that could allow criminals to trick a point of sale terminal into transacting with a victim's Mastercard contactless card while believing it to be a Visa card. The research, published by a group of academics from the ETH Zurich, builds on a study detailed last September that delved into a PIN bypass attack, permitting bad … [Read more...] about New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card