Signal, widely considered one of the most secure messaging platforms globally, was among the companies directly impacted by a phishing attack against Twilio earlier this month. Once attackers gained access to Twilio's customer support console, the phone numbers or verification codes used by about 1,900 users to verify Signal accounts via Twilio were revealed, according to an update published by Signal. READ MORE...
Threat analysts monitoring cyberattacks on Ukraine report that the operations of the notorious Russian state-backed hacking group 'Gamaredon' continue to heavily target the war-torn country. Gamaredon (aka Armageddon or Shuckworm) is a group of Russian hackers believed to be part of the 18th Center of Information Security of the FSB, Russia's Federal Security Service. READ MORE...
South Staffordshire Water, a company supplying 330 million liters of drinking water to 1.6 consumers daily, has issued a statement confirming IT disruption from a cyberattack. As the announcement explains, the safety and water distribution systems are still operational, so the disruption of the IT systems doesn't impact the supply of safe water to its customers or those of its subsidiaries, Cambridge Water and South Staffs Water. READ MORE...
In years past, a massive Windows exploit netted mass casualties, but here at Black Hat, talks turned toward other massive attack platforms like clouds and cars. Windows is no longer alone at the front of the pack, hackwise - it has company. It makes sense. If you can find a cloud exploit like one presented here on multi-tenant cloud platform database hacks, one user can slurp up data from another company with a few commands. That's not good. READ MORE...
Bootloaders present in a majority of computers made in the past 10 years are affected by Secure Boot bypass vulnerabilities, according to firmware security company Eclypsium. Secure Boot is a mechanism designed to protect a device's boot process from attacks, and bypassing it can allow an attacker to execute arbitrary code before the operating system loads. This can be useful for installing stealthy and persistent malware. READ MORE...
At DEF CON 30 on Saturday, an Australian who goes by the handle Sick Codes showed off a way to fully take control of some John Deere farming machine electronics to run first-person shooter Doom. With some rather-involved hardware hacking and the help of a New Zealand-based maker of Doom mods identified as Skelegant on Twitter, Sick Codes managed to get a corn-themed version of the 1993 classic computer game to run on a John Deere tractor display. READ MORE...