Dark Reading reports: Electronic Warfare Associates (EWA), a US defense contractor, has confirmed a data breach in which attackers exfiltrated files containing personal information. The breach began with a phishing attack that had “some limited impact” on EWA email accounts, officials report in a notification letter. Their investigation determined an attacker broke into EWA email accounts…
Category: Business Sector
bZx Network Hacked for $55M
Vishal Chawla reports: bZx, a widely-used DeFi protocol, has lost $55 million to an unknown hacker who it claims gained illegitimate access to its private key. It is still not clear how the hackers carried out the attack. Read more on Crypto Briefing although not much is known at the time of this posting.
Cyberattack Hits Multiple Greek Shipping Firms
The Maritime Executive reports: Multiple Greek shipping companies have been hit by a ransomware attack that spread through the systems of a popular, well-established IT consulting firm, according to Greek outlet Mononews. Danaos Management Consultants, the IT service provider whose services were affected by the hack, confirmed the incident and. The company said that Danaos’…
CISA urges vendors to patch BrakTooth bugs after exploits release
Sergiu Gatlan reports: Researchers have released public exploit code and a proof of concept tool to test Bluetooth devices against System-on-a-Chip (SoC) security bugs impacting multiple vendors, including Intel, Qualcomm, Texas Instruments, and Cypress. Collectively known as BrakTooth, these 16 flaws impact commercial Bluetooth stacks on over 1,400 chipsets used in billions of devices such as…
US sanctions four companies selling hacking tools, including NSO Group & Candiru
Catalin Cimpanu reports: The US government has sanctioned today four companies that develop and sell spyware and other hacking tools, the US Department of Commerce announced today. The four companies include Israel’s NSO Group and Candiru, Russian security firm Positive Technologies, and Singapore-based Computer Security Initiative Consultancy. Read more on The Record.
Alleged Twitter hacker charged with theft of $784K in crypto via SIM swaps
Lawrence Abrams reports that in an unsealed indictment in the Southern District of New York, the Department of Justice claimed that Joseph O’Connor, a/k/a “PlugwalkJoe,” and co-conspirators used SIM swaps to gain access to accounts for a Manhattan-based cryptocurrency company. Using this access, the alleged hackers stole $784,000 Bitcoin Cash, Litecoin, Ethereum, and Bitcoin from…