Wow. Following a serious vulnerability disclosure affecting casinos globally, an executive of casino technology vendor Atrient has assaulted the security researcher who disclosed the vulnerability at the ICE conference in London. This is the story of a vulnerability disclosure gone bad, one involving the FBI, a vendor with a global customer base of casinos and…
Category: Of Note
Hackers targeted universities with phishing attacks
The FBI has published more about a case that was previously reported on this site (the DOJ’s press release at the time can be found here). Today, the FBI wrote: Two men who were citizens of Nigeria, living in Malaysia, and conducting their crimes from behind computers likely assumed they were safe from the reach…
Two hacker groups responsible for 60 percent of all publicly reported hacks
Catalin Cimpanu reports: Two hacker groups are behind 60% of all publicly reported cryptocurrency exchange hacks and are believed to have stolen around $1 billion worth of cryptocurrency, according to a report published last week by blockchain analysis firm Chainalysis. “On average, the hacks we traced from the two prominent hacking groups stole $90 million…
Russian Darknet Forum Selling Access to U.S. News Sites
M.H.n reports: Sixgill, an Israeli threat intelligence company, recently revealed that a Russian-language darknet forum has been selling access to the content management systems of a variety of news sites. According to the company, the illicit trade has been going on since October 2018. One bundle that the darknet website offered contained logins to 1,425…
‘Inherently invasive’: FBI counter-hacking operations raise red flags over privacy
Jeff Mordock reports: To catch a hacker, sometimes you have to be a hacker. But when it’s the FBI doing the hacking, civil liberties groups get worried. The agency’s revelation this week that it joined a computer botnet attack piggybacking on the malware’s signal to track its activities has raised new questions about what is…
Security firm identifies hacker behind Collection 1 leak, as Collection 2-5 become public
Catalin Cimpanu reports: The threat intel team at Recorded Future, a US-based cyber-security firm, claims to have identified the hacker who assembled and then sold a massive collection of email addresses and passwords known as Collection #1. The company’s experts believe a hacker going online by the pseudonym of “C0rpz” is the person who rigorously…