Thomas Claburn reports: GitLab on Thursday issued security updates for three versions of GitLab Community Edition (CE) and Enterprise Edition (EE) software that address, among other flaws, a critical hard-coded password bug. The cloud-hosted software version control service released versions 14.9.2, 14.8.5, and 14.7.7 of its self-hosted CE and EE software, fixing one “critical” security…
Category: Commentaries and Analyses
Blockchains Have a ‘Bridge’ Problem, and Hackers Know It
Lily Hay Newman reports: This week, the cryptocurrency network Ronin disclosed a breach in which attackers made off with $540 million worth of Ethereum and USDC stablecoin. The incident, which is one of the biggest heists in the history of cryptocurrency, specifically siphoned funds from a service known as the Ronin Bridge. Successful attacks on “blockchain bridges” have…
Unmasking China’s State Hackers
Kim Zetter reports on Intrusion Truth, a group working to unmask China’s state hackers. Her report begins: In 2017, an anonymous person or group calling themselves Intrusion Truth launched a bold initiative — a blog devoted to uncovering and publicly exposing the real names of Chinese state hackers allegedly responsible for stealing billions of dollars worth of…
An Interview with AgainstTheWest
They are anonymous, but they are not Anonymous. Meet the individuals who are using their skills to take on the West’s enemies. Names can be misleading. When I first read about a group called “AgainstTheWest,” I assumed they were working against the west. But while threat actors from Russia, China, Belarus, and North Korea attack…
Monetary penalties issued to Spanish telecoms over failure to protect consumers from sim swapping
Last year the Spanish DPA tackled sim swapping cases and issued monetary penalties to four telecoms for failure to adequately protect the confidential information of consumers, resulting in loss of service to consumers, but also leaving them victims or potential victims of bank fraud. Four decisions have now been posted on the EDPB website. The…
Vietnamese bank accounts targeted by hackers
An article in VietnamNet has some findings about cybercrime in Vietnam and how work-from-home and COVID-19 have contributed to the increase in certain kinds of crime. Some of the findings reported in the article include: In 2021, the number of phishing cases increased by three times compared with 2020. As many as 2,739 phishing websites…