Ben Lovejoy reports: Twitter GodMode – an internal tool that hackers used to tweet from high-profile accounts, including Apple, back in 2020 – remains available to all of the company’s engineers, according to a new report today. […] The Washington Post reports that a whistleblower reported this to Congress back in October, and it has now been shared…
LastPass owner GoTo says hackers stole customers’ backups
Carly Page reports: LastPass’ parent company GoTo — formerly LogMeIn — has confirmed that cybercriminals stole customers’ encrypted backups during a recent breach of its systems. The breach was first confirmed by LastPass on November 30. At the time, LastPass chief executive Karim Toubba said an “unauthorized party” had gained access to some customers’ information stored in a third-party…
Data Breach Reporting Requirements: A Proposed Rule by the Federal Communications Commission on 01/23/2023
This document has a comment period that ends in 29 days. (02/22/2023) AGENCY: Federal Communications Commission. ACTION: Proposed rule. SUMMARY: In this document, the Federal Communications Commission (Commission) begins the process to update and strengthen its data breach rule to provide greater protections to the public. We propose to expand the Commission’s definition of “breach”…
North Korea-linked hackers behind $100 million crypto heist, FBI says
Arjun Kharpal reports: North Korean-linked actors were behind the theft of $100 million through the hack of a crypto product last year, the Federal Bureau of Investigation said. The FBI said it was “able to confirm” that Lazarus Group and APT38, two hacking groups linked to Pyongyang, were responsible for the attack on the so-called Horizon…
TSA ‘no fly’ list leaked after being found on unsecured airline server
Chris Pandolfo reports: The Swiss hacker known as “maia arson crimew” blogged Thursday that she discovered the Transportation Security Administration “no fly” list from 2019 and a trove of data belonging to CommuteAir on an unsecured Amazon Web Services cloud server used by the airline. The hacker told The Daily Dot the list appeared to have more…
Ransomware Revenue Falls by 40% as Majority of Victims Refuse to Pay
Abdul Karim Abdulwahab reports: The illegal revenue accruing to crypto criminals from ransomware exploits declined in 2022 as more victims refused to pay, according to recent data published by market intelligence firm, Chainalysis. The report noted that Ransomware attackers could only extort $456 million from victims in 2022 after stealing nearly twice that value in…