Sitemap - 2022 - Metacurity

Cybercriminals Stole LastPass Customers' Encrypted Password Vaults

North Korea Hackers Stole $625 Million in 2022

Congress Pushes TikTok Ban While TikTok Proposes to Sever U.S. Ops From ByteDance

Midterm Elections Targeting by Foreign Operatives Was Limited in Scope, Still Alarming

Fortnite Creator to Pay $520M for Violating Children's Privacy Law, Tricking Players

Best Infosec-Related Long Reads of the Week, 12/17/22

Meta Barred Seven Companies Involved in Surveillance-for-Hire Activities

'Operation Power Off' Took Down 50 DDoS Booter Services, Seven Admins Arrested

Suspected Chinese Hacking Group Exploited a Flaw in Citrix Gear to Spy on Targets

Fortinet Urges Customers to Patch Actively Exploited SSL-VPN Vulnerability

Oz's Telstra Apologizes for 'Misalignment' Exposing 130,000 Customers' Data

Best Infosec-Related Long Reads of the Week, 12/10/22

Capgemini to Pay Razer $6.5 Million for Configuration Error That Led to Data Leak

Apple Will Extend End-to-End Encryption to iCloud, Setting Up a Showdown with the FBI

Cybersurveillance Firm Altrnativ Supports Defense Giants, Human Rights Abusers

Hackers Linked to China's APT41 Stole $20 Million in COVID Relief Funds

Hospital Complex in France Cancels Operations, Transfers Patients Following a Cyberattack

Best Infosec-Related Long Reads of the Week, 11/26/22 and 12/3/22

Hive Shuts Down Servers Following Discovery of Security Concerns

U.S. Citizen, El Salvador Journalists Sue NSO Group in the U.S. for Pegasus Spyware Hacks

Globe-Trotting Intellexa Has Peddled Spyware to the World's Most Repressive Regimes

Irish Regulator Fined Meta $275 Million for Data Breach Exposing 533 Million Users' Data

FCC Bans Equipment From Huawei, ZTE, Hikvision and Dahua Citing Security Risks

U.S. Military Mounted Dozens of Phony Facebook Accounts to Little Avail

Corellium Offered Its Phone Virtualization Tools to Controversial Spyware Makers

Medibank Hackers Release 1,500 More Patient Records Including Mental Health Details

Best Infosec-Related Long Reads of the Week, 11/19/22

North Korean Internet Knocked Out by Likely DDoS Attacks Amid Increased Missile Activity

Iran's Nemesis Kitten Hacked U.S. Merit Systems Protection Board to Implant Crypto Miner

FBI Director Wray Says TikTok APIs Are a National Security Concern

Google Enters Into $391.5 Million Settlement for Deceptive Location Tracking Practices

The CDC and U.S. Army Removed Apps From Russian Company That Posed as U.S. Firm

Best Infosec-Related Long Reads of the Week, 11/12/22

Twitter Tailspins After Privacy and Security Executives Bolt, Fake Verified Accounts Soar

Egyptian Government's Climate Conference App Sparks Hacking Fears Among Westerners

Election Day 2022 Saw Only Minor DDoS Attacks That Did Not Affect Voting Integrity

DOJ Seizes Nearly $4 Billion in Bitcoin From Silk Road Thief

Security Fears Over Blue Check Purchases Intensify as Musk Flounders at Twitter

Best Infosec-Related Long Reads of the Week, 11/5/22

Microsoft Will Extend $100 Million More to Ukraine to Help With Cybersecurity, Technology

TikTok Tells EU Users That Staff in China, Other Countries Can Access User Data

Ransomware Payments Made Though U.S. Banks Doubled to $1.2 Billion in 2021

Experts Say That Chaos at Twitter Threatens the Security and Safety of Users

Suspected Kremlin Agents Hacked the Personal Mobile Phone of Former British PM Truss

Best Infosec-Related Long Reads of the Week, 10/29/22

Rogue Employee Posted Fake and Inflammatory New York Post Tweets and Articles

Notorious UK Hacker Arraigned in the U.S. for Connections to Dark Web Market The Real Deal

Chinese Group Dragonbridge Seeks to Fuel Division, Discord Ahead of Midterm Elections

Feds Level Charges Against Two Chinese Nationals for Obstructing Huawei Probe

'Black Reward' Hackers Reportedly Accessed the Iranian Atomic Energy Agency's Email System

Best Infosec-Related Long Reads of the Week, 10/15/22 and 10/22/22

CORRECTED HEADLINE: ByteDance Planned to Use TikTok to Monitor Specific U.S. Citizens' Locations, Report

ByteDance Planned to Use TikTok to Monitor Specific U.S. Citizens' Locations, Report

Misconfigured Server Exposed Some of Microsoft's Customers' Sensitive Information

Germany's Cybersecurity Chief Sacked for Alleged Ties to People Involved With Russian Intelligence

Venture Spending in Cybersecurity During Q3 2022 Dropped to Lowest Level Since Q4 2020

Venture Spending in Cybersecurity During Q3 2022 Dropped to Lowest Level Since Q4 2020

Domestic Threats to Midterm Elections Emerge as Bigger Concern Than Foreign Interference

FBI Warns U.S. Political Parties They Could Be Targets of Chinese Hackers Ahead of Midterms

Biden Plans New Security Rules for Hospitals, Water Sector, Medical Devices, Warning Systems

FCC Plans to Ban Sales of Huawei, ZTE Gear in the U.S. on Security Grounds, Sources

White House Begins Work on IoT Cybersecurity Labeling Program

Killnet Hackers Launched DDoS Attacks Against U.S. Airport Websites, Flights Not Affected

Protestors Hacked Iranian State TV Blaming Supreme Leader Khamenei for Women's Deaths

Best Infosec-Related Long Reads of the Week, 10/8/22

Binance Halts BNC Chain After a Hacker Stole Up to Possibly $600 Million

Former Uber CSO Found Guilty of Hiding Hack, Faces Up to Eight Years in Prison

Activision Blizzard Hit with DDoS Attack During Launch of Overwatch 2

Australian Telco Telstra and National Australia Bank Reveal Data Breach via Third-Party Platform

Despite President's Vow, Pegasus Spyware Targeted Mexican Journalists, Activist

Best Infosec-Related Long Reads of the Week, 10/1/22

CIA's Faulty Covert Communication System Exposed Iranian Informants to Arrest, Prison

Optus Breach Turmoil Continues, PM Demands Telco Foot the Bill for Replacing Passports

Meta Disrupted Chinese Network of Facebook Accounts Seeking to Influence U.S. Politics

Ukraine Warns That Russia Is Planning for 'Massive' Critical Infrastructure Cyberattacks

Biden Admin Reportedly Has a Deal with TikTok to Address Some of the App's Security Concerns

Cyberspace Solarium Commission Will Soon See 85% of Its Recommendations Completed

Uber Attributes Hack to Lapsus$ Group, Says No Sensitive User Information Accessed

Alleged Uber Hacker Leaked 90 Videos of Grand Theft Auto 6 Test Build

Best Infosec-Related Long Reads of the Week, 9/17/22

A Hacker Breached Uber's Internal Systems Forcing Company to Take Some Systems Offline

Feds Indict and Treasury Sanctions Iranian Hackers for Critical Infrastructure Attacks

White House Issues Cybersecurity Guidelines for Agencies, Contractors

Special Report: Mudge Says Weak Defenses, Privacy Risks, Foreign Agents Plague Twitter

Senate Committee Seeks Answers From Twitter as Former Security Chief Gets Ready to Testify

Albania Blames Iran for Another Cyberattack, Feds Sanction Iran for Cyberattacks on U.S., Allies

Best Infosec-Related Long Reads of the Week, 9/10/22

Feds Recovered More Than $30 Million Stolen from Axie Infinity by North Korean Hackers

More Iranian Threat Ops Uncovered After U.S. Condemns Albanian Hacking Incident

Albania Breaks Diplomatic Relations with Iran Over Cyberattack, White House Backs Albania

Los Angeles Unified School District Hit by Ransomware Attack, Site Knocked Offline

TikTok Users' Personal Data Purportedly Breached via Insecure Server Hosted on Alibaba Cloud

Best Infosec-Related Long Reads of the Week, 9/3/22

Cops Have Been Quietly Tracking People Using a Little-Known Tool Called Fog Reveal

Cloudflare Signals That It Intends to Continue Protecting Transphobic Forum Kiwi Farms

Cuba Ransomware Group Takes Credit for Crippling Attack on Montenegro's Government

FTC Sues Kochava for Allegedly Selling Data That Can Track Reproductive Health Clinic Visits

Italian Mobile Spyware Outfit Tykelab Exploits Mobile Spec Flaw to Target Victims Worldwide

Best Infosec Long-Reads of the Week, 8/27/22

Hackers Stole Source Code and Proprietary Information From LastPass

Hackers Stole Source Code and Proprietary Information From LastPass

Twitter's Summer of Discontent Continues With Impending Senate Hearing, Employee Attrition

Skeptics Push Back Against Some of Twitter Whistleblower's Allegations

Cellebrite Leaked Confidential Information on Intel, Defense and Law Enforcement Agencies

Special Report: Former Security Chief Alleges Massive Security Failures and Fraud at Twitter

NSO Group CEO Steps Down, Company Lays Off One Hundred Employees

Best Infosec Long-Reads of the Week, 8/20/22

Apple Urges Immediate Updates for iPhones, iPads and Macs to Prevent Device Takeovers

Russian Accused of Cybercrime Gang Money Laundering Extradited to the U.S.

Mozilla Study Finds Most Reproductive Health Apps Are 'Creepy' and Not Private

Signal Says 1,900 Accounts Were Compromised in Twilio Breach, Attackers Searched for Numbers

A Hacker Stole $1.2 Billion From Acala's Liquidity Pool Crashing the Dollar-Pegged Protocol to $.01

FTC Eyes Sweeping New Regulations to Govern 'Commercial Surveillance' and Lax Data Security

Yanluowang Ransomware Group Breached Cisco by Hijacking Employee's Google Account

Facebook Provided Text Messages That Led to Abortion-Related Charges

Treasury Department Sanctions Tornado Cash Mixing Service After North Korean Laundering

North Korea's Lazarus Group Targeted DeBridge Finance in Likely Widespread Phishing Campaign

Best Infosec Long-Reads of the Week, 8/6/22

Iran-Friendly Hackers Carried Out Disruptive Attacks on Albanian Government Websites

Team of 'White Hat' Hackers Sought to Slow Down Solana Attack

Taiwanese Websites Hit by Annoying DDoS Attacks Ahead of Pelosi's Visit

Hackers Systematically Drained $191 Million From Nomad Token Bridge

Senate Finance Committee Warned DHS of Poor Security of Organ Transplant Sharing Network

Best Infosec Long-Reads of the Week, 7/30/22

Foreign Actors Attacked U.S. Courts' Document System in 2020 Causing Security Failure

Knotweed Group Is Linked to Spyware Vendor Targeting Law Firms, Banks and Consultancies

Average Data Breach Cost Reaches $4.35 Million, Up 13% Over the Past Two Years

LockBit Ransomware Group Claims Attack on Italy's Tax Agency, Small Canadian Town

CORRECTED HEADLINE: FBI's Discovery of Huawei Gear's Military Eavesdropping Capabilities Led to FCC Ban

FBI's Discovery of Huawei Gear's Military Eavesdropping Capabilities Led to FCC Ban

Best Infosec Long-Reads of the Week, 7/23/22

Candiru Spyware Targeted Journalists in the Middle East by Exploiting Chrome Zero Day

Cyber Command Shares Technical Details of Malware Targeting Ukrainian Organizations

DOJ Seized $500,000 That North Korean Hackers Stole From U.S. Health Care Organizations

DHS Harvested Data From Hundreds of Apps on Millions of Phone to Track People's Location Data

Cybersecurity Venture Capital Investments Took a Stiff Dip in Q2 22

Cybersecurity Venture Capital Investments Took a Stiff Dip in Q2 22

Thai Pro-Democracy Protesters and Activists Were Targeted With NSO's Pegasus Spyware

Best Infosec Long-Reads of the Week, 7/16/22

North Korean Hacking Group H0lyGh0st Has Been Targeting Small Businesses for Nearly a Year

Vault 7 Leaker Joshua Schulte Convicted of Nine Counts Related to Largest Theft in CIA History

Large-Scale Phishing Campaign Can Hijack Accounts Even When They're Protected by MFA

Microsoft Says Its Plan to Stop Blocking Macros by Default Is Only Temporary

U.S. Intel Community Reportedly Supported Defense Contractor's Plan to Buy NSO Group

Best Infosec Long-Reads of the Week, 7/9/22

Microsoft Will Once Again Allow VBA Macros on Downloaded Documents by Default

Apple's New iPhone Lockdown Mode Will Give Targets Protection From Nation-State Spying

NIST Unveils Four New Algorithms to Protect Quantum Computing Systems From Threats

Hackers Claim Massive Theft of Chinese Citizens' Personal Data From Shanghai Police Database

Best Long-Reads of the Week, 7/2/22

Half of Recent Zero Day Bugs Could Have Been Prevented with Patching, Regression Tests

North Korea's Lazarus Group Is Likely Behind Blockchain Firm Harmony's $100 Million Theft

Pro-Russian Hacktivist Group XakNet Has Ties to Kremlin, Coordinates Efforts With Killnet

Three Iranian Steel Companies Targeted in Cyberattack by Likely State-Backed Hacktivists

Tech Companies, Individuals and Lawmakers Tackle Data Privacy Issues After Roe's Overturn

Best Long-Reads of the Week, 6/25/22

Italian Company Developed Tools to Spy on Smartphones in Italy and Kazakhstan

Russia Has Stepped Up Cyberattacks Against Nations Providing Aid to Ukraine

ToddyCat Threat Group Is Targeting Microsoft Exchange Servers in Asia and Europe

Unidentified Operatives Have Been Tracking Israeli Military Personnel Using Strava Fitness App

Suspected Iranian Hackers May Have Caused Rocket Sirens to Blare in Two Israeli Cities

Best Long-Reads of the Week, 6/18/22

Police in India Planted False and Incriminating Files on Activists' Computers to Arrest Them

U.S. Has Stepped Up Funding for VPN Companies to Help Russians Evade Censorship

Controversy Erupts Over U.S. Defense Contractor's Talks to Buy NSO Group's Spyware

Iranian Hackers Are Targeting Israeli Officials, Military Officers, Others Using Spearphishing

Novel PACMAN Side-Channel Attack Can Defeat Apple's M1 Chip Defense Against Vulnerabilities

Best Infosec Long-Reads of the Week, 6/11/22

Invasive Linux Malware Symbiote Stealthily Steals Credentials and Enables Backdoor Access

Hackers Targeted Russian Radio Station to Protest Moscow's Invasion of Ukraine

Feds Say Chinese Hacking Groups Compromised Significant Telecom and Network Providers

LockBit Gang Claims Attack on Mandiant in Likely Gambit to Shed Sanctioned Evil Corp Connection

Hackers Reportedly Demand Ransom Following Russian Ministry Website Hack

Best Long-Reads of the Week, 6/4/22

Hackers Are Exploiting Atlassian Confluence Zero Day to Install Shells With No Fix Available

Iranian State Hackers Targeted Boston Children's Hospital in 'Despicable' Cyberattack

A Chinese APT Group is Exploiting the Microsoft Follina Flaw for Remote Code Execution

Malicious Actors Use 'Follina' Zero Day Flaw in Microsoft Office for Remote Code Execution

Hacker Gained Access to Verizon Employee Database by Tricking a Company Worker

Russia-Based Hacking Group Released Pro-Brexit Leaders' Emails on Leak Site

Democratic Lawmakers to Google: Stop Collecting Location Data That Imperils Abortion Seekers

Verizon DBIR Report: Majority of Ransomware Attacks Include Data Theft

UK Watchdog Fines Clearview AI $9.4 Million, Orders Deletion of UK Residents' Images

DOJ Won't Pursue Criminal Penalties for Security Researchers Seeking to Improve Technology

CISA Gives Civilian Agencies Five Days to Fix VMware Flaws Under Emergency Directive

'We Are At War' Costa Rica's President Says While Ransomware Gang Gains Help From Collaborators

Venezuelan Cardiologist Charged With Selling Ransomware Used by Iranian Hacking Group

Conti Gang Is 'Determined to Overthrow' Costa Rica's Government to Get Ransom Payment

EU Lawmakers Pass Sweeping New Cybersecurity Rules

Russian Killnet Hacking Group Attacked Italian Government and Other Institutions' Sites

European Commission Proposes Law Requiring Tech Companies to Scan for Child Abuse Images

US, UK and EU Attribute Attacks on Viasat's KA-SAT Network to Russia

Sponsored post: Save 30% off the book that "should be part of every cybersecurity college curriculum"

Costa Rican Government Declares State of Emergency Following Conti Ransomware Attacks

Apple, Google and Microsoft Commit to Passwordless Authentication Across Platforms

Location Data Broker Placer.ai Follows SafeGraph in Removing Sale of Abortion Clinic Visitor Data

Location Data Firm SafeGraph Is Selling Data on Abortion Clinic Visits

Russian Forces Routed Internet Traffic Through Russia After Blackout in Kherson

Spain's Prime Minister and Defense Minister Were Compromised by NSO Group's Pegasus Spyware

Special Report: Four-Day Crypto Hacking, Phishing Spree Nets Bad Actors $106.5 Million

How Well Have Cybersecurity Stocks Performed?

Massive Venture Capital Spending on Cybersecurity Continues Into 2022

Metacurity is on hiatus through April 29

MetaMask Warns of Storing Wallet Seeds in iCloud if Backup is Active Following $655K Theft

An Attacker is Using Stolen OAuth Tokens to Steal Data From Private GitHub Repositories

Feds Link Axie Infinity's $625 Million Hack to North Korea's Lazarus Group

New, Dangerous Toolset from APT Threat Actor Can Seriously Disrupt Industrial Control Systems

International Law Enforcement Operation Seized Control of Stolen Data Website RaidForums

Russia's Sandworm Group Tried to Take Down Ukrainian Energy Facilities Last Week

Senior EU Officials Were Targeted by NSO Group Spyware

Meta Countered Tactics by Russia and Belarus to Target Ukrainian Soldiers

U.S. Disrupted Kremlin's Cyclops Blink Botnet Before It Could Be Weaponized

Treasury Department Sanctions Dark Web Market Hydra and 100s of Its Cryptocurrency Addresses

Cops in Germany Bust Up Hydra Darknet Marketplace

State Department Launches Bureau of Cyberspace and Digital Policy

New Data Wiper Discovered That Was Used in Viasat Cyberattack

U.S. Officials Warn That Moscow Could Manipulate Kaspersky Software to Cause Harm

Hackers Who Crippled Viasat Modems Are Still Launching Attacks at the Company

Powerful Cyberattack Knocked Out Ukraine's Top Terrestrial Telco for Fifteen Hours

Ukraine's Military Agency Leaks List of 620 Alleged Russian FSB Employees

Four Russian Officials Charged With Hacking Critical Infrastructure

Mastermind of Lapsus$ Is Likely a Teen Living With His Mother in Oxford, England

Confusion Reigns Following Lapsus$ Hack of Okta, Up to 366 Customers' Data Accessed by Contractor

LAPSUS$ Claims Breach of Okta, Company Says It Found No Evidence of Ongoing Malicious Activity

Officials Warn Hackers Away From Ukraine's IT Army

New Threat Actor Exotic Lily Is an Access Broker for Russian Hackers, Including the Conti Gang

Zelenskyy Deep Fake Video Posted Following Hack of Ukraine 24

Russian State-Backed Hackers Gained Access to NGO Cloud After Exploiting DUO MFA Protocols

Israeli Government Websites Taken Down in DDoS Attack as State of Emergency Declared

Intel Agencies Probe Possible Russian Sabotage of Viasat's Communication Satellite

China Says U.S. Internet Addresses Have Been Used to Seize Its Computers to Target Computers in Belarus, Russia, and Ukraine

Many Russian Federal Agencies' Websites Were Compromised Using Stats Widget

China-Linked Threat Actors Accessed Six U.S. States' Computer Systems in Campaign That Leveraged Log4j Flaw

American 'Cyber Mission' Teams Might Be Slowing Down Russia's Cyber Warfare Advances

More Than 400,000 People Have Volunteered to Help Ukraine Hack and Disrupt Russian Targets

Hacktivists Compromised a Website Connected to Russia’s Space Research Institute

Ukrainian Security Researcher Leaked a Treasure Trove of Information on Conti Cybercrime Gang

Ukrainian Cyber Group Plans to Launch Digital Attacks Against Russian Critical Infrastructure

Daxin is the 'Most Advanced Piece of Malware' Ever Seen From China-Linked Spies, Symantec

Chaotic Hacktivist Attacks Take Place in Response to Russia's Invasion of Ukraine

Ukraine Government Seeks Help From the Country's Hacker Underground

Ukraine Hit by Wiper, DDoS Attacks

FBI Warns of Ransomware Attacks as Ukraine Crisis Deepens

UK Ready to Launch Cyberattacks If Moscow Targets Britain Following the Ukraine Invasion

U.S. Attributes Ukraine DDoS Attacks to Russia's GRU as Part of Unprecedented Declassification Campaign

Hackers for Dangerous Hacking Group Snake Have Been Linked to Russia's FSB

Feds Say Russian State-Sponsored Threat Actors Targeted, Breached Multiple Defense Contractors

DDoS Attack Hits Websites of Ukraine's Defense Ministry, Armed Forces and Two Banks

EU Calls for Ban on NSO Group's Pegasus Spyware

San Francisco 49ers Confirms Security Incident After BlackByte Gang Claims Ransomware Attack

White Hat Hacker Snags $2 Million Bounty for Finding a Bug in an Ethereum Project

Joint Advisory Warns of Ransomware Attack Proliferation

Authorities Seized More Than $3.6 Billion From Couple Who Allegedly Laundered Stolen Bitfinex Currency

Vodafone Portugal Networks Are Down Following 'Deliberate and Malicious Cyberattack'

Israeli Police Targeted Dozens of Citizens Without Warrants Using NSO's Pegasus Spyware

Low Profile NSO Group Rival QuaDream Sells Pegasus-Like Spyware to Break Into iPhones

More Than $320 Million in Ethereum Was Stolen in Wormhole Token Bridge Hack

NSO Group Offered Mobile Firm 'Bags of Cash' to Track People Through Their Cell Phones, Report

German Oil Storage and Supply Firms Shuttered by Cyber Incident

A Hacker Stole $80 Million From DeFi Platform Qubit, $2 Million Bounty Offered

FBI Purchased NSO Group's Pegasus Spyware While CIA Helped Djibouti Government Obtain It

Wiper Malware Used in Recent Attacks May Be a False Flag to Pin the Blame in Ukraine

White House Releases Strategy to Move Federal Government to Zero Trust Architecture

DHS Warns That Russia Would Consider a Cyberattack on the U.S.

Biden Administration Threatens to Block Russian Access to Semiconductor Technology

Twitter Shakes Up Top Security Team

Red Cross Pleads With Hackers to Not Release Stolen Data on 515,000 Vulnerable People

Ukraine Agencies' Data Were Wiped in Suspected Russian Cyberattack

Authorities Dismantled Cybercrime-Affiliated VPN Provider VPNLab

Destructive Malware Hit Ukraine Government and Related Systems

Russia's FSB Arrests REvil Group Members at U.S. Request

Special Report: Hackers Brought Down Ukraine Government's Public-Facing Digital Infrastructure

White House to Meet With Tech Leaders to Discuss Open Source Software Security

Feds Warn Cybersecurity Community to Be Aware of Russian State-Sponsored Threat Actor Tactics

Ransomware Gang Is Exploiting Log4Shell Flaw on Vulnerable VMWare Horizon Machines

Threat Actor Is Using Log4Shell Vulnerability to Plant Web Shells on VMWare Horizon Servers

Cyber Ninjas Is Shutting Down in the Face of $50,000 Daily Fines

NY AG Discovered Credential Stuffing Attacks Targeting Top Online Retailers, 1.1 Million Accounts

FTC Warns That Failure to Fix Log4j Flaw Could Trigger Legal Repercussions

Poland Bought NSO Group's Spyware in 2017 Following Prime Ministers' Meeting

Kremlin Insider Extradited to U.S. Reportedly Has Documents on Democratic Party Hack, Other GDR Operations