Sicurezza

The SolarWinds Hackers Used Tactics Other Groups Will Copy

Pubblicato il

One of the most chilling aspects of Russia’s recent hacking spree—which breached numerous United States government agencies among other targets—was the successful use of a “supply chain attack” to gain tens of thousands of potential targets from a single compromise at the IT services firm SolarWinds. But this wasn’t the only striking feature of the […]

Sicurezza

Hackers Used Zero-Days to Infect Windows and Android Devices

Pubblicato il

Google researchers have detailed a sophisticated hacking operation that exploited vulnerabilities in Chrome and Windows to install malware on Android and Windows devices. Some of the exploits were zero-days, meaning they targeted vulnerabilities that at the time were unknown to Google, Microsoft, and most outside researchers. (Both companies have since patched the security flaws.) The […]

Sicurezza

The SolarWinds Hackers Shared Tricks With a Russian Spy Group

Pubblicato il

Ever since the December revelation that hackers breached the IT-management software firm SolarWinds, along with an untold number of its customers, Russia has been the prime suspect. But even as US officials have pinned the attack on the Kremlin with varying degrees of certainty, no technical evidence has been published to support those findings. Now […]

Sicurezza

Ticketmaster Pays Up for Hacking a Rival Company

Pubblicato il

Ticketmaster has agreed to pay a $10 million criminal fine after admitting its employees repeatedly used stolen passwords and other means to hack a rival ticket sales company. The fine, which is part of a deferred prosecution agreement Ticketmaster entered with federal prosecutors, resolves criminal charges filed last week in federal court in the Eastern […]

Sicurezza

The Most Dangerous People on the Internet in 2020

Pubblicato il

For many of us, 2020 has been a very dangerous year. Alongside the usual headline grabbers like wars, violent crime, and terrorism, we also faced more insidious, creeping threats: a pandemic that has claimed more than 300,000 American lives, and the lives of 1.5 million people worldwide, thanks in part to waves of viral lies […]

Sicurezza

Ransomware Is Headed Down a Dire Path

Pubblicato il

At the end of September, an emergency room technician in the United States gave WIRED a real-time account of what it was like inside their hospital as a ransomware attack raged. With their digital systems locked down by hackers, health care workers were forced onto backup paper systems. They were already straining to manage patients […]

Sicurezza

The Worst Hacks of 2020, a Surreal Pandemic Year

Pubblicato il

Attackers had full access—a nightmare security scenario that would be any nation-state hacker’s dream. Instead, the assault was simply part of a bitcoin scam that ended up netting about $120,000. In all, the scammers targeted 130 accounts and took control of 45. In a mad scramble to contain the situation, Twitter temporarily froze all verified […]

Sicurezza

A Massive Fraud Operation Stole Millions From Online Accounts

Pubblicato il

Researchers from IBM Trusteer say they’ve uncovered a massive fraud operation that used a network of mobile device emulators to drain millions of dollars from online bank accounts in a matter of days. The scale of the operation was unlike anything the researchers have seen before. In one case, crooks used about 20 emulators to […]

Sicurezza

How to Understand the Russia Hack Fallout

Pubblicato il

This means there are really three subgroups within the potential victims of these attacks: Orion users who installed the backdoor but were never otherwise exploited; victims who had some malicious activity on their networks, but who ultimately weren’t appealing targets for attackers; and victims who were actually deeply compromised because they held valuable data. “If […]

Sicurezza

Russia’s Hacking Frenzy Is a Reckoning

Pubblicato il

This week, several major United States government agencies—including the Departments of Homeland Security, Commerce, Treasury, and State—discovered that their digital systems had been breached by Russian hackers in a months-long espionage operation. The breadth and depth of the attacks will take months, if not longer, to fully understand. But it’s already clear that they represent […]