37c3 in Review: My favourite talks
The 37th edition of the Chaos Communication Congress (37c3) was held in Germany and was the first in person CCC event since the pandemic. The congress returns to the Congress Center Hamburg (CCH) in Hamburg after renovations, the event was originally held in Hamburg before moving to Leipzig for several years. Every year, hackers, artists, […]
Five Eyes using push notifications to spy on smartphone users
The office of Senator Ron Wyden received a tip that foreign governments including the Five eyes were using push notifications to spy on users. Once this information was received, an investigation was launched and a letter requesting more information that was sent to the Department of Justice: In the spring of 2022, my office received […]
Have I Been Pwned celebrates 10 year anniversary
Have I Been Pwned (HIBP), a free online service created by Troy Hunt that enables users to check if their email address has been exposed in a data breach, celebrated its 10th anniversary earlier this week. HIBP has enabled users to see which data breaches their email addresses have been present in and take proactive […]
NAFO goes after Truth Social
The North Atlantic Fella Organization (NAFO) is trying to take down Donald Trump’s Truth Social platform. NAFO is an online activist group founded to combat pro-Russia propaganda related to the invasion of Ukraine. Last month, the group turned its attention to Trump’s social network and launched a campaign to take over the trending topics section […]
Android 14 Bug Cripples Multiple User Profiles on Pixel Devices
Android 14 users beware! A critical bug is affecting devices running the new operating system, particularly those utilizing the “multiple profiles” feature. This bug renders devices practically unusable, locking users out of their own storage. The issue, likened to “ransomware” by some users, initially appeared limited to the Pixel 6 series. However, with the wider […]
First Kazakhstan APT group found
A new report from the Cisco Talos group this week, researchers detail how YoroTrooper, a cyberespionage group likely from Kazakhstan (based on language and currency use), has been active since June 2022 targeting governments in CIS countries. Despite obfuscating their origins through tactics like using Azerbaijani VPNs, they’ve compromised government websites and officials’ accounts. Their […]
MGM Resorts and Caesars hit by ransomware attack
MGM Resorts and Caesars have been hit by a cyberattack in which ransomware was deployed and has taken multiple of their systems offline across several hotels and casinos that they operate. The initial access tactic was social engineering which has prompted inquiries regarding past actions associated with malicious actors and the weak points they exploit. […]
Cybercrime wave driven by youth hacking group
In the last two years, many significant cybersecurity breaches share a common factor: a young, online community known for their bold attacks. At SentinelOne’s LABScon cyber threat conference, researchers highlighted an online group named “the Com,” which has become pivotal in the cybercrime world, notably in attacks on Las Vegas establishments that severely impacted several […]
Egyptian Presidential Candidate targeted with Predator spyware
In a report published by Citizen Lab, details have emerged how the presential candidate Ahmed Eltantawy has been targeted with predatory spyware made by Cytrox. The spyware was sent to Ahmed via SMS and WhatsApp after he announced his intention to run for president of Egypt. The report sheds light on how the candidate’s phone […]
International Criminal Court has been breached
With the number of regional conflicts increasing, it is worrying to see that the International Criminal Court has been victim of a cyber-attack. Potentially exposed information includes criminal evidence to names of protected witnesses. From Reuters: The ICC said it had detected unusual activity on its computer network at the end of last week, prompting […]