Tag Archives: hacking

Hackers spent 2+ years looting secrets of chipmaker NXP before being detected

reader comments 17 with A prolific espionage hacking group with ties to China spent over two years looting the corporate network of NXP, the Netherlands-based chipmaker whose silicon powers security-sensitive components found in smartphones, smartcards, and electric vehicles, a news outlet has reported. The intrusion, by a group tracked under names including “Chimera” and “G0114,”… Read More »

Okta hit by another breach, this one stealing employee data from 3rd-party vendor

Getty Images reader comments 25 with Identity and authentication management provider Okta has been hit by another breach, this one against a third-party vendor that allowed hackers to steal personal information for 5,000 Okta employees. The compromise was carried out in late September against Rightway Healthcare, a service Okta uses to support employees and their… Read More »

Microsoft profiles new threat group with unusual but effective practices

Enlarge / This is not what a hacker looks like. Except on hacker cosplay night. reader comments 4 with Microsoft has been tracking a threat group that stands out for its ability to cash in from data theft hacks that use broad social engineering attacks, painstaking research, and occasional physical threats. Unlike many ransomware attack… Read More »

Okta says hackers breached its support system and viewed customer files

reader comments 8 with Identity and authentication management provider Okta said hackers managed to view private customer information after gaining access to credentials to its customer support management system. “The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases,” Okta Chief Security Officer David Bradbury said… Read More »

How China gets free intel on tech companies’ vulnerabilities

Wired staff; Getty Images reader comments 46 with For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. Intelligence agencies and militaries seize on hackable bugs when they’re revealed—exploiting them to carry out their campaigns of espionage or cyberwar—or spend millions to dig up new ones or to buy them in secret from the hacker gray… Read More »

Hacker gains admin control of Sourcegraph and gives free access to the masses

Getty Images reader comments 9 with An unknown hacker gained administrative control of Sourcegraph, an AI-driven service used by developers at Uber, Reddit, Dropbox, and other companies, and used it to provide free access to resources that normally would have required payment. In the process, the hacker(s) may have accessed personal information belonging to Sourcegraph… Read More »

Barracuda thought it drove 0-day hackers out of customers’ networks. It was wrong.

reader comments 31 with In late May, researchers drove out a team of China state hackers who over the previous seven months had exploited a critical vulnerability that gave them backdoors into the networks of a who’s who of sensitive organizations. Barracuda, the security vendor whose Email Security Gateway was being exploited, had deployed a… Read More »

Cybersecurity experts say the west has failed to learn lessons from Ukraine

Enlarge / Viktor Zhora from Ukraine’s information protection service, says cyber has become a major component of hybrid warfare. Dragonflypd.com/Black Hat reader comments 21 with Viktor Zhora, the public face of Ukraine’s success against Russian cyberattacks, received a hero’s welcome earlier this month on stage at Black Hat, the world’s biggest cybersecurity gathering, in Las… Read More »

Unlimited miles and nights: Vulnerability found in rewards programs

reader comments 17 with Travel rewards programs like those offered by airlines and hotels tout the specific perks of joining their club over others. Under the hood, though, the digital infrastructure for many of these programs—including Delta SkyMiles, United MileagePlus, Hilton Honors, and Marriott Bonvoy—is built on the same platform. The backend comes from the… Read More »

US senator blasts Microsoft for “negligent cybersecurity practices”

Getty Images reader comments 47 with A US senator is calling on the Justice Department to hold Microsoft responsible for “negligent cybersecurity practices” that enabled Chinese espionage hackers to steal hundreds of thousands of emails from cloud customers, including officials in the US Departments of State and Commerce. “Holding Microsoft responsible for its negligence will… Read More »