KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion.
Docker APIs on Linux servers are being targeted by a large-scale Monero crypto-mining campaign from the operators of the Lemon_Duck botnet. Cryptomining gangs are a constant threat to poorly secured or misconfigured Docker systems, with multiple mass-exploitation campaigns reported in recent years. LemonDuck, in particular, was previously focusing on exploiting vulnerable Microsoft Exchange servers.
"When we found the No. 10 case, my jaw dropped," John Scott-Railton recalled after finding out on July 7, 2020 that Pegasus, the highly sophisticated flagship spyware of Israel's NSO Group, was used to infect a phone linked to the network at 10 Downing Street, the UK Prime Minister's home and office. For years, the Citizen Lab, a specialized research group based at the University of Toronto, has been investigating Pegasus and its misuse by governments who bought the spyware from NSO.
Security researchers said they uncovered a vulnerability that could have allowed hackers to commandeer millions of Android devices equipped with mobile chipsets made by Qualcomm and MediaTek. The vulnerability resided in ALAC (short for Apple Lossless Audio Codec and also known as Apple Lossless), which is an audio format introduced by Apple in 2004 to deliver lossless audio over the Internet.