Metacurity

Home
Notes
Best Long Reads of the Week -…
Archive
About

Sitemap - 2021 - Metacurity

Polygon Paid Two White Hat Hackers $3.46 Million Bounties For Discovering Critical Flaw

Chinese Hacking Group Used Log4j Vulnerability to Target Large Academic Institution

LastPass Confirms Credential Stuffing Attempts But Says No Accounts Have Been Compromised

LastPass Users Report Mysterious Blocked Logins That Use Master Login Passwords

Conti Ransomware Gang Attacked Shutterfly, Thousands of Devices, Machines Encrypted

Five Eyes Intelligence Partners Issue Guidance on Risks of Log4j Exploits

NSO Group's Spyware Used By UAE Against Jamal Khashoggi's Wife and By Uganda Against U.S. Diplomats

Justice Department Extradites Kremlin-Linked Hacker Accused of Stealing Earnings Information

CISA Issues Emergency Directive as Third Log4j Bug and New Attack Vector Emerge

Facebook Tells 50,000 Users They Have Been Targets of Cyber Mercenaries

Real-World Impacts of Log4j Vulnerability Emerge in Ransomware Delivery, Attempted Use by Iranian Threat Group

Hackers Linked to China, Iran Seek to Exploit the Log4Shell Vulnerability

Chronic Log4Shell Problems Will Likely Last for Years

Ransomware Attacks Are Likely Imminent As Admins, Cybersecurity Pros Scramble to Address Log4Shell Vulnerability

Serious Code Execution Bug for Log4j Poised to Affect Wide Range of Enterprises

Chinese Hackers Targeted Military, Civilian Organizations in Southeast Asia

Google Sues Two Russian Nationals for Their Role in Creating Login-Stealing Glupteba Botnet

Russia's Nobelium Threat Group Continues to Target Governments and Enterprises Worldwide

Cyber Command Admits Military Has Taken Action Against Ransomware Operators

Hackers Stole $120 Million in Currency From DeFi Platform Badger

Chinese Hacking Campaign Breached Four More U.S. Defense Firms, Scope Reaches 600 U.S. Systems

FBI Seizes $2.3 Million in Bitcoin From REvil and GandCrab Affiliate

Finland Battles Flood of Malicious Text Messages

Sanctioned Iranian Airline Claims It Thwarted a Cyberattack

DOJ Indicts Two Iranian Men for a Bold Hacking and Disinformation Campaign Prior to the 2020 Presidential Campaign

U.S., UK, and Australian Security Authorities Warn of Malicious Cyber Activity by Iran

Belarus, Not Russia, Is Behind Anti-NATO Information Ops Mandiant Says

Emotet is Back and Possibly Poised to Fuel Major Ransomware Operations

A Hacker Sent Thousands of Fake Emails From FBI System Warning of a Cyberattack

Hackers Used macOS Zero-Day Against Hong Kong Users in Watering Hole Attacks

Hackers' Breach of Australian Regional Water Supplier Went Undetected for Nine Months

Thirteen Flaws That Could Crash Anesthesia Machines, Patient Monitors Discovered

REvil Gang Members Arrested and Charged, $6 Million Recovered in Sweeping U.S. Actions to Knock Back Ransomware Attackers

Suspected Foreign Hackers Breached Nine Organizations in Ongoing Espionage Campaign

State Department Offers $10 Million Bounty for Location of DarkSide Gang Leaders

Commerce Department Sanctions Spyware Company NSO Group, Three Other Foreign Firms

CISA Orders Federal Agencies to Patch Nearly 300 Flaws Under Wide-Ranging Directive

Virtually All Code Is Vulnerable to Insidious Attack Due to Trojan Source Vulnerability, Researchers

Iran Says U.S. and Israel Are Behind Last Week's Cyberattack Against Gas Stations

German Authorities Reportedly Identify Russian Man as Prominent Player in REvil Ransomware Gang

Russia-Connected Grief Group Hits NRA With Ransomware Attack

Coordinated Law Enforcement Operation Busts 150 Darknet Forum Buyers and Sellers

Iranian Gas Stations Reportedly Struck by Damaging Cyberattack

Russia Has Launched a Broad Espionage Campaign Targeting Cloud Services

FBI, Cyber Command, Secret Service and Allies Hacked and Forced Ransomware Group REvil Offline

Evil Corp. Used New Macaw Malware in Sinclair Broadcasting Attack, Sources

Subscriber Bonus Post: Venture Spending in Cybersecurity Accelerated to $13.9 Billion for First Three Quarters of 2021

Commerce Department Rule Seeks to Bar Sales of Hacking Software, Gear to Repressive Regimes

Feds Issue BlackMatter Ransomware Warning

Sinclair TV Stations Taken Down in Ransomware Attack

Missouri Governor Seeks to Prosecute Journalist for Responsibly Reporting Flaw in State's Website

Flaw Could Have Allowed Bitcoin Theft Using Poisoned NFT Art

White House Ransomware Summit Excludes Russia, China

Iran-Linked Threat Actors Are Targeting Office 365 Tenants of U.S., Israeli Defense Technology Companies in Password Spraying Attacks

Former DoD Chief Software Officer Says U.S. Failure to Respond to Chinese Cyber, Other Threats Means We Have 'No Fighting Chance'

Twitch Says No Password, Payment Card Data Were Leaked in Breach, Blames Attack on Configuration Error

New TSA Cybersecurity Directives Coming for Rail, Aviation Organizations

Hacker Leaks the Entirety of Video Gaming Giant Twitch, Including Platform Source Code

Hackers Had Years-Long Access to Potentially Billions of Text Messages Processed for Top Carriers

Ukraine Police Arrest Ransomware Gang Members Responsible for More Than 100 Attacks

Mother Sues Alabama Hospital for Baby's Death During Ransomware Attack

Flaw in iPhone Allows Bad Actors to Make Payments With Visa Card From Locked Devices

Massive Hack Shows Right-Wing Health Care Providers Pocketed Millions Selling Ineffective COVID-19 Treatments

Apple Apologizes for Ignoring Zero Day Reports

EU Accuses Russian State Hackers of Meddling With Member States' Elections, Political Systems

Foreign-Backed Hackers Breached Port of Houston's Computer Networks

FBI, NSA, and CISA Warn Organizations to Watch Out for Conti Ransomware

Treasury Department Urges Ransomware Victims to Work With the Feds, Sanctions Russian-Owned Suex Cryptocurrency Exchange for Facilitating Ransom Payments

Russia-Linked BlackMatter Gang Demands $5.9 Million in Ransom From Iowa Grain Cooperative

Biden Administration Expected to Sanction Exchanges That Facilitate Ransomware Payments

Master Decryptor for REvil Operation Released

Microsoft to Let Users Go Passwordless

Former U.S. Intelligence Operatives Who Were Cyber Spies for UAE Fined for Violating U.S. Law

Chrome Issues Eleven Security Fixes, Including Two for Zero Day Flaws Exploited in the Wild

Special Report: Apple Issues Emergency Updates After Citizen Lab Discovers Zero-Day, Zero-Click Exploit Against iMessage

Olympus Is Recovering From a Reported Ransomware Attack

Corporate Execs Fear SEC's SolarWinds Probe Will Expose Unreported Cybersecurity Incidents

Microsoft Warns Customers of Azure Flaw That Could Give Malicious Actors Access to Data

Microsoft Warns of New Zero-Day Exploited in Real-World Attacks

Cyber Command Issues Rare Warning to Patch Atlassian Confluence Critical Flaw

Apple Postpones Launch of Controversial CSAM Photo Scanning Program

FTC Bans SpyFone From Surveillance Business Due to Secret Data Harvesting Allegations

Feds Warn of Potential Ransomware Attacks Over Labor Day Weekend

SEC Fines Three Firms for Inadequate Cybersecurity Practices That Allowed Email Account Takeovers

T-Mobile Apologizes, Hires Mandiant and KPMG in Wake of Fifth Data Breach in Five Years

Microsoft Warns That Azure Cosmos Flaw Can Let Intruders Alter Main Databases

Tech Titans Pledge At Least $30 Billion to Improve Cybersecurity

White House to Release New Cybersecurity Initiatives Following CEOs Meeting

'Mr. White Hat' Returned All Funds Stolen From Poly Network

CISA Issues Urgent Warning About ProxyShell Vulnerabilities

FCC Will Probe T-Mobile's Massive Data Breach

T-Mobile Confirms Hackers Got Social Security Numbers

CISA Warns of BadAlloc Flaw in Blackberry System That Could Allow Malicious Actors to Take Over Sensitive OT Infrastructure, Medical Devices

T-Mobile Confirms Hackers Gained Access to Its System

Hackers Are Purportedly Selling Personal Data of 100 Million T-Mobile Customers

Apple Employees Complain About Scanning User Photos for Child Sexual Abuse Material

Hackers Hand Over Nearly Half of the $600+ Million They Stole From Poly Network

DeFi Poly Network Claims Hacker Stole $611 Million, Asks for Funds to Be Returned

Apple Promises It Won’t Accede to Government Demands for Expanded Access To Photos

Fears Arise Over Apple's New Program to Hunt for Child Sexual Abuse Material

CISA Launches Joint Cyber Defense Collaborative to Improve Planning, Information-Sharing

Cybersecurity Pros Question White House Adviser's Reliance on Ransomware Gang's Promise to Not Attack Critical Infrastructure

NYU Researchers Decry Facebook's Decision to Disable Their Accounts, Cut Them Off From Essential Tools

Three Chinese Groups Hacked At Least Five Telecom Providers Since 2017

Zoom to Pay $85 Millon in Zoombombing Settlement

NSO Group Reportedly Blocks Government Clients While It Investigates Misuse

South African Ports Restored After Ransomware Attack, 'Hello Kitty' Malware Blamed

Biden Warns That Cyberattacks Could Lead to Kinetic Warfare

Purported Files from Iran's Offensive Cyber Unit Point to Future Cyberattacks

WhatsApp CEO Says Government Officials Were Targeted by NSO Group

Kaseya Got Decryption Key From 'Trusted Third-Party'

Suspect in Major Twitter Hacker Arrested in Spain

Chinese Hackers Compromised Thirteen U.S. Pipeline Operators Nearly a Decade Ago

TSA Releases Second Cybersecurity Directive for Pipeline Companies

U.S., EU, and NATO Condemn China's Cyber Aggression While the U.S Indicts Chinese Officials and Releases Advisories

Special Report: NSO's Group Pegasus Spyware Widely Used Against Journalists, Activists, and Others Around the Globe

Secretive Israeli Spyware Company Masquerades as Advocacy Groups, Media Companies

State Department to Pay $10 Million for State-Sanctioned Malicious Cyber Actor Identification

Three Theories Explain Why the REvil Gang Went Dark

Jen Easterly Confirmed as Head of CISA

Biden Says U.S. Will Take 'Any Necessary Action' to Defend U.S. Against Ransomware Attacks

Morgan Stanley Was Compromised in Accellion Breach

Microsoft's PrintNightmare Patch Fails to Fully Fix the Problem

Russia's Cozy Bear Threat Group Reportedly Accessed RNC Data Through Third Party Breach

Kaseya Says That Fewer Than 1,500 Businesses Impacted by Ransomware Attack

Special Report on Kaseya Incident: REvil Gang Asks for $70 Million to Publish Universal Decryptor, White House Reaches Out to Victims

Special Report: Coordinated REvil Ransomware Supply Chain Attack Affects Potentially Thousands of Organizations Globally

Russia's GRU Is Trying to Launch Brute-Force Attacks Around the World in Ongoing Campaign

PoC for PrintNightmare RCE Bug Published on Github, No Effective Patch Available

A Second, Zero-Day Bug Allowed Hackers to Wipe Out Western Digital My Books

Top Pentagon Cybersecurity Official Placed on Leave Due to Unauthorized Disclosure

Microsoft Discovers New Attacks by SolarWinds Group, Including One Against Its Own Agent

Mysterious Threat Actor Wipes Files From Western Digital's MyBook NAS Devices

Controversial Antivirus Pioneer John McAfee Commits Suicide in Spanish Prison

French Surveillance Firm Executives Charged with Aiding Torture by Selling to Oppressive Regimes

CISA Says Victims of SolarWinds Hack Could Have Configured Firewalls to 'Neutralize' Malware

38,000 Fertility Clinic Patients' Data Stolen in Ransomware Attack

Draft Bill Would Mandate Breach Notifications Within 24 Hours of Incident

Biden Told Putin That 16 Critical Infrastructure Sectors Are Off-Limits to Cyber Intrusions

Cl0p Ransomware Gang Busted Up in Ukraine

Former NSA Contractor Reality Winner Released From Prison

Power Provider in Puerto Rico Hit With DDoS Attack Right Before Unexplained Fire

Hackers Stole Source Code, Wealth of Internal Tools from Gaming Giant Electronics Arts

JBS Admits Paying $11 Million to REvil Ransomware Attackers

U.S. Charges Workers at Fake Comms Network That Was Created by FBI for Sting Operation

Operation Trojan Shield Ensnared Cybercrime Rings Across 16 Countries

Special Report: Feds Step Up Ransomware Fight by Seizing DarkSide Hackers' Bitcoin

Compromised Password, Lack of Two Factor Authentication Led to Colonial Pipeline Attack, Mandiant

U.S. Elevates Ransomware Attacks to Priority Level on Par With Terrorism

White House Urges Business Leaders to Lower Ransomware Risks

JBS Says Most Meat Processing Will Resume Today Following Ransomware Attack

World's Largest Meat Processor Hit with Apparent Ransomware Attack

SolarWinds Actors Are Back With New Hack Affecting 3,000 Email Accounts and 150 Agencies

TSA's New Pipeline Cybersecurity Directive Mandates Hack Incident Reports

TSA to Issue Cybersecurity Rules for Pipeline Companies

macOS Update Fixes Flaw That Threat Actors Can Exploit to Record Video or Access Files

Air India Data Breach Exposes 4.5 Million Customers' Data

CNA Financial Paid $40 Million in Ransom to Group It Calls Phoenix

Colonial Pipeline CEO Admits Paying $4.4 Million to Darkside Ransomware Attackers

Darkside Ransomware Operators Made Estimated $90 Million Over Past Nine Months

Apple Cedes Control Over Chinese Customers' Data to Beijing, Supports Large-Scale Government Censorship, Report

Darkside Gang Goes Dark While Other Gangs Retrench; Hacking Forums Ban Ransomware Ads

Ireland's Healthcare System Hit by a 'Significant' Ransomware Attack

Special Report: Biden Won't Rule Out Retaliatory Strike Against Colonial Pipeline Attackers

Colonial Pipeline Reportedly Paid DarkSide Attackers $5 Million to Decrypt Files

Special Report: Colonial Pipeline Crisis Winds Down as White House Releases Comprehensive Executive Order

Babuk Gang Starts Releasing Sensitive DC Police Files After Ransom Demand Not Met

Colonial Pipeline Special Report Number Three: FireEye Releases Report as Gas Hoarding Escalates

US, Australian Authorities Warn of Avaddon Ransomware Wave of Attacks

Colonial Pipeline Special Report Day Two: FBI Confirms DarkSide as Attackers, Biden Says Russia Has Some Responsibility to 'Deal With This'

Security Researcher Successfully Hacked Apple's Just-Released AirTag

Special Report: Colonial Pipeline Ransomware Attack Prompts Emergency Waiver

Ethical Hackers Find Many Unsecured Entry Points at U.S. Particle Physics and Accelerator Lab

iPhone Exploits Developed at Chinese Hacking Competition Used Against Uyghur People

Belgium Government's IT Network Knocked Offline by DDoS Attack

Iran's IRGC Linked to State-Sponsored Ransomware Campaign

Purported State-Backed Iranian Ransomware Attack Strikes H&M Israel

Feds Dig Into Third Supply Chain Hack of the Year With Pulse Connect Secure VPN's Flaws

Task Force Proposes 48 Recommendations to Eliminate Ransomware

FBI Shares 4.3 Million EMail Addresses Obtained During Emotet Takedown With HaveIBeenPwned

DC Police Department Becomes Latest Law Enforcement Arm Struck by Ransomware Attack

Australian Firm Behind Passwordstate Compromised in Supply Chain Attack

Metacurity Special Edition: Renowned Hacker Dan Kaminsky Dies at 42

A New Threat Actor is Exploiting Pulse Secure VPN and SolarWinds Orion Vulnerabilities to Install Credential-Stealing Malware

Signal Founder Delivers Dirt on Dodgy Phone Hacking Company Cellebrite's Security Flaws

White House Unveils 100-Day Sprint to Better Power Grid Security

Codecov Supply Chain Hack Worse Than Initially Estimated

Code Testing Firm Codecov Suffered Major Data Breach

Cryptocurrency Platform Celsius Breached, Customers Hit With Phishing Attacks

Special Edition: Summary of Biden Administration's Actions Related to SolarWinds

Corrected: Admin Aims Series of Punitive Acts Against Russia for SolarWinds, Officially Attributes Hack to SVR

Microsoft, Feds Urge Admins to Implement Patches, Including Four for More Exchange Flaws Discovered by NSA

Former NSA Officials Round Out White House Cybersecurity Leadership Roster

Cyberattack Attributed to Israel's Mossad Took Down Power Grid at Iran's Natanz Nuclear Facility

Nation-State Cybersecurity Incidents Doubled Between 2017 and 2020

New Ransomware Strain Exploiting Fortinet VPN Flaw Shut Down Two Factories in Europe

Facebook Says Previously Undisclosed Theft of 533 Million Users' Data Was Scraping, Not Breach

Apple Readies Its App Tracking Transparency Pop-Up

Over 500 Million Facebook Users' Personal Data Dumped on Hacker Forum

Ubiquiti Cops To Extortion Attempt but Is Mum on Other Whistleblower Claims

Draft Biden Executive Order Requires Fed Contractors to Issue Swift Breach Notifications, Sources

Russian Hackers Stole Thousands of Emails From the State Department

Indian Digital Payments Company MobiKwik Sharply Denies Data Breach

SolarWinds Hackers Gained Access to Emails of DHS Chief, Cybersecurity Staff: Report

White House Order Mandating Software Breach Notifications Could Come Next Week

Facebook Took Down Chinese Group Accounts Used to Hack, Spy on Uyghurs

Black Kingdom Ransomware Is Attacking Vulnerable Microsoft Exchange Servers

Around 92% of Exchange Servers Have Been Patched for ProxyLogon Vulns in Record Time

REvil Ransomware Attackers Demand $50 Million from Acer

Newly Discovered XcodeSpy Malware Targets iOS Devs

Mimecast Confirms SolarWinds Hackers Stole Code

More Adversaries Targeted 2020 Elections But Hacking Took a Backseat to Other Interference Methods

Microsoft Release One-Click Mitigation Tool for ProxyLogon Vulnerabilities

Biden Administration Seeks to Overhaul Nation's Cyberdefenses in Light of Recent Failures

GitHub Slammed by Researchers for Yanking PoC on Exchange ProxyLogon Vulnerabilities

At Least Ten Hacking Groups Have Exploited Exchange Vulnerabilities

Collective Hacked Into Live Feeds of 150,000 Surveillance Cameras

Microsoft Delayed Patches for Exchange Flaws by Two Months

McAfee Indicted on Cryptocurrency Fraud Charges

Special Report: Administration Reportedly Plans Retaliatory Cyber Strike Against Russia While Grappling With China's Microsoft Exchange Hack

Special Report: Microsoft Exchange Breach Is a 'Crazy Huge Hack' Reaching Into 30,000-Plus Organizations

Microsoft and FireEye Spell Out New Malware Strains Tied to SolarWinds Actor

CISA Issues Emergency Directive on Actively Exploited Microsoft Exchange Vulnerabilities

Chinese State-Sponsored Hacking Group Used Four Zero-Days to Hack Exchange Servers

Myanmar's Military Regime Uses Banned Spyware Against Citizens

Chinese Hacking Group Might Have Shut Down Power Grid in Mumbai

Lawmakers Grow Frustrated With Amazon's Silence on SolarWinds Hack

Biden Orders Supply Chain Risk Reviews

Senate SolarWinds Hearing: Software Updates Should Be Off the Table for Adversary Hacks

China's APT 31 Repurposed NSA Hacking Tool Before Shadow Brokers Leak

Clubhouse Security Woes Mount Following New Data Breaches

Microsoft Says SolarWinds Hackers Downloaded 'Small Subset' of Azure, Intune, and Exchange Source Code

DOJ Charges North Korean Hackers for $1.3 Billion Conspiracy to Steal and Extortion Schemes

LastPass Limits Functionality of Its Free Tier

Sandworm-Linked Hackers Have Targeted French Firms via Centreon IT Monitoring Tool

President Day's Special Issue: Egregor Members Busted in Ukraine

Swift, Strong Denials Dog Second Bloomberg Story on China's Exploitation of Supermicro

Oldsmar Water Treatment Facility Used Windows 7, Had No Firewall and Shared Single TeamViewer Password Among Employees

North Korea's Lazarus Group Was Responsible for Half of Cryptocurrency Thefts in 2020

Cops in Ukraine Carry Out Raids, Arrest Suspect Connected to One of 'World's Largest Phishing Services'

Special Report: Hacker Intrusion of Florida Treatment Facility Attempted to Raise Levels of Caustic Lye in Water Supply

Third Chrome Security Problem Revealed in a Week

Facebook, Instagram, TikTok, and Twitter Disable Hundreds of Prized User Accounts That Were Stolen

SolarWinds Hackers May Have Been Lurking in Company's Office 365 Systems for Months

Here Are the Top Ten Most Active Venture Capitalists in the Cybersecurity Sector

Chinese Threat Actors Also Exploited a SolarWinds Software Flaw to Spy on Government Payroll Agency, Report

Special Report for Premium Subscribers: Cybersecurity Venture Capital Investments Soared to Nearly $3 Billion in 2020

Zero-Day Flaw in SonicWall Networking Devices Actively Exploited

SolarWinds Breach Likely Gave Hackers Access to Vast Trove of Confidential Federal Court Documents

Hacker Group Purportedly Tied to Hezbollah Has Been Targeting Companies in the U.S., UK, Israel, and Other Countries

Law Enforcement Brings Down Emotet, Disrupts Netwalker, and Busts Social Media Troll for Spreading Misinformation

Apple Issues iOS Patches for Three Zero-Days Exploited in the Wild

North Korean Hackers Posed as Would-Be Collaborators to Target Security Researchers

ADT CCTV Tech Spied on People Having Sex and Other Top Infosec Developments for 1/25/21

Biden Launches Sweeping Review of Intel Regarding SolarWinds Hack and Other Top Infosec News for 1/22/21

Krebs: Enterprises Should Master Basic Cybersecurity Techniques in the Wake of the SolarWinds Hack and Other Top Infosec News for 1/21/21

Malwarebytes Hacked by the Same Group That Hit SolarWinds and Eleven Other Top Infosec Developments - 1/20/21

Parler Finds Rescuer in Russia and Other Top Infosec Stories of 1/19/21

Special Holiday Edition: Woman Arrested for Stealing Pelosi's Laptop and Allegedly Trying to Sell It to Russia, Other Top Infosec News

Biden Puts $10 Billion for Cybersecurity, IT in Rescue Package

Threat Actors Are Bypassing MFA and Other Major Cybersecurity Developments You Should Know

Shadow Brokers-Like Site Called SolarLeaks Sells Data Purportedly Stolen During SolarWinds Hack, Other Top Infosec Developments for 1/13/21

Hacker Gained Access to Parler's Content Before AWS Shut-Down, More Top Infosec News for 1/11/21

Hill Attackers Might Have Obtained Sensitive Data During Siege and Other Top Infosec News Stories for 1/8/21

Capitol Hill Computer Systems Exposed During Insurgency and Other Top Cybersecurity News You Need to Know Today

Feds Finally Fess Up to Russia's Role in SolarWinds and More Infosec Developments You Should Know Today

© 2025 DCT Associates
PrivacyTermsCollection notice
Start WritingGet the app
Substack is the home for great culture