Latest from Lorenzo Franceschi-Bicchierai
An international coalition of police agencies have resurrected the dark web site of the notorious LockBit ransomware gang, which they had seized earlier this year, teasing new revelations about the…
Security
UnitedHealthcare CEO says ‘maybe a third’ of US citizens were affected by recent hack
12:38 pm PDT • May 1, 2024
Two months after hackers broke into Change Healthcare systems stealing and then encrypting company data, it’s still unclear how many Americans were impacted by the cyberattack. Last month, Andrew Witty,…
Security
UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack
8:15 am PDT • May 1, 2024
UnitedHealth Group Chief Executive Officer Andrew Witty told senators on Wednesday that the company has now enabled multi-factor authentication on all the company’s systems exposed to the internet in response…
Security
US fines telcos $200M for sharing customer location data without consent
8:13 am PDT • April 30, 2024
The U.S. Federal Communications Commission said on Monday that it is fining the four U.S. major wireless carriers around $200 million in total for “illegally” sharing and selling customers’ real-time…
Security
Ex-NSA hacker and ex-Apple researcher launch startup to protect Apple devices
5:05 am PDT • April 25, 2024
Two veteran security experts are launching a startup that aims to help other makers of cybersecurity products to up their game in protecting Apple devices. Their startup is called DoubleYou,…
Security
Apex Legends hacker says game developers patched exploit used on streamers
6:00 am PDT • April 18, 2024
Last month, a hacker wreaked havoc during an esports tournament of the popular shooter game Apex Legends, hacking two well-known streamers mid-game to make it look like they were using…
Security
A crypto wallet maker’s warning about an iMessage bug sounds like a false alarm
11:51 am PDT • April 16, 2024
A crypto wallet maker claimed this week that hackers may be targeting people with an iMessage “zero-day” exploit — but all signs point to an exaggerated threat, if not a…
Shakeeb Ahmed, a cybersecurity engineer convicted of stealing around $12 million in crypto, was sentenced on Friday to three years in prison. In a press release, the U.S. Attorney for…
Featured Article
How Ukraine’s cyber police fights back against Russia’s hackers
On February 24, 2022, Russian forces invaded Ukraine. Since then, life in the country has changed for everyone. For the Ukrainian forces who had to defend their country, for the regular citizens who had to withstand invading forces and constant shelling, and for the Cyberpolice of Ukraine, which had to…
7:52 am PDT • April 12, 2024
Ransomware gangs are increasingly calling up victim organizations to extort and intimidate rank-and-file employees.
Security
Hackers stole 340,000 Social Security numbers from government consulting firm
9:30 am PDT • April 8, 2024
U.S. consulting firm Greylock McKinnon Associates (GMA) disclosed a data breach in which hackers stole as many as 341,650 Social Security numbers. The data breach was disclosed on Friday on…
Featured Article
Price of zero-day exploits rises as companies harden products against hackers
Tools that allow government hackers to break into iPhones and Android phones, popular software like the Chrome and Safari browsers, and chat apps like WhatsApp and iMessage, are now worth millions of dollars — and their price has multiplied in the last few years as these products get harder to…
8:00 am PDT • April 6, 2024
Security
Activision investigating password-stealing malware targeting game players
1:38 pm PDT • March 28, 2024
Video game giant Activision is investigating a hacking campaign that’s targeting players with the goal of stealing their credentials, TechCrunch has learned. At this point, the hackers’ specific goals —…
Security
Facebook snooped on users’ Snapchat traffic in secret project, documents reveal
2:05 pm PDT • March 26, 2024
In 2016, Facebook launched a secret project designed to intercept and decrypt the network traffic between people using Snapchat’s app and its servers. The goal was to understand users’ behavior…
Featured Article
Investors’ pledge to fight spyware undercut by past investments in US malware maker
On Monday, the Biden administration announced that six new countries had joined an international coalition to fight the proliferation of commercial spyware, sold by companies such as NSO Group or Intellexa. Now, some investors have announced that they too are committed to fighting spyware. But at least one of those…
6:47 am PDT • March 22, 2024
On Sunday, the world of video games was shaken by a hacking and cheating scandal. During a competitive esports tournament of Apex Legends, a free-to-play shooter video game played by…
The Pokémon Company said it detected hacking attempts against some of its users and reset those user account passwords. Last week, an alert was visible on Pokémon’s official support website…
On Sunday, two competitive esports players appeared to get hacked during a live-streamed game, prompting the organizers to postpone the tournament. Players were competing in the Apex Legends Global Series,…
Featured Article
Four things we learned when US intelligence chiefs testified to Congress
Cyberattacks, regional conflict, weapons of mass destruction, terrorism, commercial spyware, AI, misinformation, disinformation, deepfakes and TikTok. These are just some of the top perceived threats that the United States faces, according to the U.S. government’s intelligence agency’s latest global risk assessment. The unclassified report published Monday — sanitized for public…
3:20 pm PDT • March 11, 2024
Security
Spyware makers express concern after US sanctions spyware veteran
7:48 am PST • March 8, 2024
Earlier this week, the U.S. government announced sanctions against the founder of a controversial government spyware maker, Tal Dilian, and his business associate, Sara Aleksandra Fayssal Hamou. In announcing the…
Security
Russian spies keep hacking into Microsoft in ‘ongoing attack,’ company says
7:13 am PST • March 8, 2024
On Friday, Microsoft said Russian government hackers continue to break into its systems using information obtained during a hack last year. This time, the Russian hackers dubbed Midnight Blizzard have…
Security
US sanctions founder of spyware maker Intellexa for targeting Americans
7:30 am PST • March 5, 2024
The U.S. government announced Tuesday sanctions against the founder of the notorious spyware company Intellexa and one of his business partners. This is the first time the U.S. government has…
Featured Article
Elon Musk switched on X calling by default: Here’s how to switch it off
In his quest to turn a simple and functioning Twitter app into X, the everything app that doesn’t do anything very well, Elon Musk launched audio and video calling on X last week — and this new feature is switched on by default, it leaks your IP address to anyone…
3:40 pm PST • March 4, 2024
Security
A government watchdog hacked a US federal agency to stress-test its cloud security
10:10 am PST • February 29, 2024
A U.S. government watchdog stole more than 1GB of seemingly sensitive personal data from the cloud systems of the U.S. Department of the Interior. The good news: The data was…
Security
Popular video doorbells can be easily hijacked, researchers find
3:05 am PST • February 29, 2024
Several internet-connected doorbell cameras have a security flaw that allows hackers to take over the camera by just holding down a button, among other issues, according to research by Consumer…
Featured Article
Spyware leak offers ‘first-of-its-kind’ look inside Chinese government hacking efforts
Over the weekend, someone posted a cache of files and documents apparently stolen from the Chinese government hacking contractor, I-Soon. This leak gives cybersecurity researchers and rival governments an unprecedented chance to look behind the curtain of Chinese government hacking operations facilitated by private contractors. Like the hack-and-leak operation that…
8:05 am PST • February 23, 2024
Featured Article
Spyware startup Variston is losing staff — some say it’s closing
In July 2022, someone sent Google a batch of malicious code that could be used to hack Chrome, Firefox, and PCs running Microsoft Defender. That code was part of an exploitation framework called Heliconia. And at the time, the exploits used to target those applications were zero-days, meaning the software…
12:05 pm PST • February 15, 2024
Security
Fertility tracker Glow fixes bug that exposed users’ personal data
7:05 am PST • February 13, 2024
A bug in the online forum for the fertility tracking app Glow exposed the personal data of around 25 million users, according to a security researcher. The bug exposed users’…
Security
Government hackers targeted iPhone owners with zero-days, Google says
5:13 am PST • February 6, 2024
Government hackers last year exploited three unknown vulnerabilities in Apple’s iPhone operating system to target victims with spyware developed by a European startup, according to Google. On Tuesday, Google’s Threat…
Security
Here is Apple’s official ‘jailbroken’ iPhone for security researchers
9:41 am PST • February 1, 2024
In 2019, Apple announced it would start sending some security researchers a “special” version of the iPhone designed to be used to find vulnerabilities, which could then be reported to…
