A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched beforehand. The direction of SafeBreach researcher Alon Leviev's probing was inspired by the BlackLotus UEFI bootkit, which was able to bypass UEFI Secure Boot by exploiting a vulnerability, as well as disable Windows security mechanisms (e.g., BitLocker, HVCI, and Windows Defender) and persist on compromised machines.
Gambling blockchain Ronin Network suffered a security incident yesterday when white hat hackers exploited an undocumented vulnerability on the Ronin bridge to withdraw 4,000 ETH and 2 million USDC, totaling $12 million. This figure corresponds to the maximum amount of ETH and USDC that can be withdrawn from the bridge via a single transaction, so this critical security measure prevented the theft of potentially astronomical figures.
American building security giant ADT confirmed it suffered a data breach after threat actors leaked allegedly stolen customer data on a popular hacking forum. ADT is a public American company that specializes in security and smart home solutions for residential and small business customers. The firm employs 14,300 people, has an annual revenue of $4.98 billion, and serves approximately 6 million customers across 200 locations in the United States.
In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade's social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. The subject of that piece, a 22-year-old Kentucky man, is now brazenly suing his financial institution after it blocked a $75,000 wire transfer and froze his account, citing an active law enforcement investigation.
State-sponsored cyber spies and criminals are increasingly using legitimate cloud services to attack their victims, according to Symantec's threat hunters who have spotted three such operations over recent months, plus new data theft and other malware tools in development by these goons. The security firm's Marc Elias discussed the different groups, and their favorite cloud platforms, during a Wednesday talk at the Black Hat infosec conference.
A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed the details of a new vulnerability affecting a popular CPU that is based on the RISC-V architecture. RISC-V is an open source instruction set architecture (ISA) designed for developing custom processors for various types of applications, including embedded systems, microcontrollers, data centers, and high-performance computers.
Researchers at cybersecurity firm Bitdefender claim to have found serious vulnerabilities in widely used solar power systems, potentially enabling attackers to cause disruption and blackouts. The researchers analyzed photovoltaic system management platforms provided by Chinese companies Solarman and Deye, which, according to Bitdefender, are used to operate millions of solar installations worldwide, generating 195 GW, or roughly 20% of the global solar power production.