Law firm Williams & Connolly said state-sponsored hackers breached some of its systems and gained access to attorney email accounts. The prominent Washington, DC-based law firm is known for representing political figures and government officials, including Barack Obama and the Clintons, as well as major companies such as Intel, Samsung, Google, Disney, and Bank of America. The probe showed that the attack was likely the work of a state-sponsored hacker group.
Discord says it will not pay threat actors who claim to have stolen the data of 5.5 million unique users from the company's Zendesk support system instance, including government IDs and partial payment information for some people. The company is also pushing back on claims that 2.1 million photos of government IDs were disclosed in the breach, stating that approximately 70,000 users had their government ID photos exposed.
The attackers who brute-forced their way into SonicWall's firewall cloud backup service accessed configuration backup files of all customers who have used the service, SonicWall stated on Wednesday, following the conclusion of a Mandiant-supported investigation into the incident. On September 17, SonicWall publicly confirmed the security incident and said that backup firewall preference files for fewer than 5% of its firewall install base had been accessed.
A pro-Russian hacktivist group called TwoNet pivoted in less than a year from launching distributed denial-of-service (DDoS) attacks to targeting critical infrastructure. Recently, the threat actor claimed an attack on a water treatment facility that turned out to be a realistic honeypot system set up by threat researchers specifically to observe adversaries' movements. The compromise revealed that the threat actor moved from initial access to disruptive action in about 26 hours.
A Vietnam-based threat group is targeting job seekers and digital marketing professionals with phishing emails that deliver malware designed for surveillance and data theft. The campaign, which researchers at Aryaka Threat Research Labs attributed to the group BatShadow, relies on zip archives containing lure PDFs and hidden malicious files that trigger installation of the malware once opened. Vampire Bot, as Aryaka is tracking the malware, supports features to profile compromised systems.
Chaos ransomware has gotten a significant facelift with an "aggressive" new variant that adds destructive tactics and clipboard hijacking for cryptocurrency theft, as well as other capabilities to bolster its operations for speed and effectiveness. Researchers from FortiGuard Labs have identified a new version of Chaos ransomware written in C++, the first not written in .NET, they revealed in a report published Wednesday.
If you think Apple's 'Find My' feature was just there to help you locate your phone when it slipped down the side of the couch, think again. It turns out this service also helps law enforcement capture criminals. The original "Find My iPhone" was introduced in 2010 as a feature on the iPhone. It was a separate service from "Find My Friends," which allows you to track the location of contacts who consent. Apple merged these in 2019 for iOS 13.
Legit Security has detailed a vulnerability in the GitHub Copilot Chat AI assistant that led to sensitive data leakage and full control over Copilot's responses. Combining a Content Security Policy (CSP) bypass with remote prompt injection, Legit Security's Omer Mayraz was able to leak AWS keys and zero-day bugs from private repositories, and influence the responses Copilot provided to other users.