Sitemap - 2023 - Metacurity
Best Infosec-Related Long Reads for the Week of 12/16/23
Autistic Teen Lapsus$ Member Sentenced to Indefinite Hospital Stay
Ukraine Hacking Groups Claim Attacks on Russian Water Company, CRM Systems
Hackers Compromised 36 Million US Xfinity Customers' Data Via Citrix Bleed
Justice Department Announces Take-Down of ALPHV, Victim Decryption Tool Distribution
China Issues New Data Security Incident Response Classifications
Best Infosec-Related Long Reads for the Week of 12/9/23
Phishing Attack Led to Supply Chain Compromise, $600K Theft at Ledger
Ukrainian Official Attributes Kyivstar Attack to Sandworm-Linked Group Solntsepek
Rhysida Gang Allegedly Hacked Sony's Insomniac Games Group
Section 702 Authorization Bill Would Greatly Expand Business Cooperation in Surveillance
Amazon Sues Theft Ring REKK That Hacked Internal Systems and Bribed Employees
Best Infosec-Related Long Reads for the Week of 12/2/23
US Treasury, Justice and State Departments Join the UK in Targeting FSB's Star Blizzard Group
UK Accuses FSB Group of Targeting Emails of Politicians, Others to Undermine Democracy
New Technique Can Fool iPhone Users About Lockdown Mode and Carry Out Covert Attacks
UK Government Denies Report of Russian and Chinese Hacks of Sellafield Nuclear Site
Feds Warn That Iranian Hackers Are Targeting Water Authorities Across Multiple States
Best Infosec-Related Long Reads for the Weeks of 11/20/23 and 11/27/23
Treasury Department Sanctions DPRK's Kimsuky for Stealing Intelligence
International Operation Shut Down the Sinbad Crypto Mixer Used by DPRK's Lazarus Group
Hackers Stole Information on All of Okta's Customers
International Operation Busts Up Ransomware Group Linked to Attacks in 71 Countries
Eighteen Countries Sign 'Secure by Design' AI Agreement
Best Infosec-Related Long Reads for the Week, 11/18/23
Winter Vivern Threat Group Has Targeted Zimbra Email Servers Worldwide
ALPHV/Black Cat Reported Victim MeridianLink to SEC for Failing to Disclose Data Breach
FBI Dismantles IPStorm Botnet Proxy Network After Leader Strikes Plea Deal
Lockbit Claims ICBC Paid the Ransom Following Last Week's Attack
Australian Port Operator Resumes Operations After Cyber Incident Shut It Down for Days
Best Infosec-Related Long Reads for the Week, 11/11/23
Ransomware Attack on ICBC Commercial Bank Disrupted Trades in US Treasury Market
Russia's Sandworm Attacked Ukrainian Power Utility During Missile Strikes
Microsoft Offers Politicians, Campaigns Tools to Combat Deepfakes
Ransomware Groups Are Exploiting Flaws in Atlassian Confluence, Apache ActiveMQ
Okta Says Hackers Gained Access to 134 Customers' Files
Best Infosec-Related Long Reads for the Week, 11/4/23
Microsoft Promises Better Cybersecurity With Its Secure Future Initiative
Boeing Admits Lockbit Attack Affected Parts of Its Business
Malicious Link-Shortening Service Hops Onto .US Top-Level Domain
SEC Charges SolarWinds and Its CISO With Fraud, Internal Control Failures
Cybersecurity Is a Central Pillar of Biden's AI Executive Order
Best Infosec-Related Long Reads for the Week, 10/28/23
Privacy-Enhancing Feature Apple Debuted Three Years Ago Never Worked
Sophisticated StripedFly Spying Platform Has Infected Over One Million Victims Since 2017
Startup Unciphered Has Developed a Technique to Hack Encrypted IronKey Thumb Drive
Threat Actors Infiltrated 1Password's Okta Tenant Using Stolen IT Employee Session Cookie
Hackers Had Access to Okta Customer Files For At Least Two Weeks
Best Infosec-Related Long Reads for the Week, 10/21/23
International Law Enforcement Operation Shut Down RagnarLocker Group
State-Backed Cyber Actors from Russia and China Are Exploiting WinRAR Vulnerability
Five Eye Chiefs Band Together to Accuse China of Stealing, Hacking and Spying
Cisco Warns of Critical Zero-Day Flaw Targeting Internet-Connected Devices
Gaza War Digital Disruption, Disinformation Developments Continue to Mount
Best Infosec-Related Long Reads for the Week, 10/14/23
Hackers Who Stole $400 Million From FTX Have Ties to Russian Cybercrime, Elliptic
SEC Launches Probe into Progress Software's MOVEit Vulnerability, Issues Subpoena
Zero-Day Vulnerability in HTTP/2 Protocol Caused Unprecedented Surge in DDoS Attacks
Hacktivists Create Digital Chaos Following Hamas' Attacks on Israel
Hacker Claims Sale of Millions of 23andMe’s Customers' Genetic Profiles
Best Infosec-Related Long Reads for the Week, 10/7/23
MGM Resorts Suffers $100 Million Blow from Ransomware Attack
Belgium Fears China Is Spying Via Alibaba's Logistics Software at Liège Airport
NATO Is Addressing Document Thefts Claimed by SiegedSec Hacktivists
Arm Warns of Ongoing Attacks Targeting Flaw in Mali Line of GPUs
Critical Zero Day in Exim Mail Transfer Agent Enables Takeover of Exposed Servers
Best Infosec-Related Long Reads for the Week, 9/30/23
China Is Pouring Billions Into Global Disinformation Efforts, State Department
Hacking Group Linked to Chinese Government Caught Modifying Router Software
Sony Launches Probe Into Cybercrime Group's Claims of Massive Compromise
Hackers Stole $200 Million From Hong Kong's Mixin in Biggest Crypto Theft of the Year
Apple Pushed Out Security Update Due to Egyptian Politician's Predator Spyware Infection
Best Infosec-Related Long Reads for the Week, 9/23/23
Apple Issues Emergency Patches to Fix Three New Zero-Day Flaws
Air Canada and Ben-Gurion Airport Join List of Cybersecurity Victims in the Air Travel Industry
UK Finally Passes Its Online Safety Bill With Controversial Scanning Provisions Intact
Microsoft AI Researchers Accidentally Exposed Tens of Terabytes of Sensitive Data
North Korea's Lazarus Group Has Stolen $240 Million Since June
Best Infosec-Related Long Reads for the Week, 9/16/23
Hackers Claim Six Terabyte Data Theft From MGM-Caesars, Say They Still Have MGM Access
Hacking Group Scattered Spider Reportedly Targeted MGM Resorts, Caesars Entertainment
Offshoot of China's APT41 Breached Asian Country's National Power Grid
Widespread Cyber Incident Causes Outages Across MGM Resorts' Properties
Ethereum Co-Founder's Alleged Twitter Account Hack Cost Victims Nearly $700,000
Best Infosec-Related Long Reads for the Week, 9/9/23
US, UK Sanction Trickbot Members, DOJ Charges Trickbot Tech Leader and Others
Technical Blunders by Microsoft Gave Chinese Espionage Actors Access to Government Emails
Every Major Car Brand Failed Privacy and Security Tests, Mozilla
Stalker Website Kiwi Farms Still Survives Despite Efforts of Sleuths, Engineers, Activists
Best Infosec-Related Long Reads for the Weeks of 8/21/23 and 8/28/23
Russia's Sandworm Hackers Have Been Targeting Ukrainian Military Android Devices
Chinese Spy Operation Placed Fake Signal Apps on Google Play Store, Samsung Galaxy Store
FBI, International Partners Infiltrated Qakbot and Uninstalled Infected Systems
ChatGPT Offers 'Enterprise-Grade' Privacy, Data Analysis
Radio Signal Interference Halted Train Stations in Poland
Brazilian Hacker Says Bolsonaro Asked Him to Tamper With Voting Machine
White House Orders Civilian Agency Laggards to Fully Comply With Biden Cybersecurity EO
Two UK Police Forces Admit Mishandling Sensitive Victims' Data
IBM MOVEit Breach Affects Millions of Americans' Healthcare Data
Europol and DOJ Busted Five Administrators in Lolek Bulletproof Hosting Take-Down
Best Infosec-Related Long Reads of the Week, 8/12/23
Cyber Safety Review Board to Probe Cloud Computing Risks Following Microsoft Incident
DARPA to Oversee $20 Million AI Challenge to Find Flaws in US Government Infrastructure
Cyberattacker Accessed Data for 40 Million UK Voters
North Korean Hackers Breached Russian Missile Developer Networks
Cyberattack Disrupted Medical Services Across a Wide Swath of the US
Best Infosec-Related Long Reads of the Week, 8/5/23
Husband in Bitfinex Money Laundering Duo Cops to Hacking the Exchange
Tenable CEO Fires Broadside Against Microsoft for 'Grossly Irresponsible' Security Approach
Noname Hit Italian Banks in DDoS Spree
White House Panel Calls for Curtailing FBI Access to Sec. 702 Database
Air Force Engineer Allegedly Breached DoD Comms, Stole $90K in Radio Tech
Best Infosec-Related Long Reads of the Week, 7/29/23
Senator Calls for Probes Into Microsoft's Handling of Chinese Spy Campaign
SEC Adopts Cyber Incident and Risk Management Reporting Rules
White House Taps Coker for National Cyber Director Role
Law Firm Must Turn Over Some Client Names to SEC That Were Compromised in Cyber Incident
Chinese Espionage Campaign Could Extend to Other Microsoft Cloud Offerings
Best Infosec-Related Long Reads of the Week, 7/22/23
Chinese Hackers Accessed Email Accounts of US Ambassador to China, Assistant Secretary
Microsoft to Offer Pricier Tiers of Audit Logging for Free Following Chinese Spy Campaign
Commerce Department Adds Surveillance Firms Cytrox, Intellexa to Export Prohibition List
White House, FCC Announce New Cybersecurity Labeling Program for Smart Devices
Microsoft Is Coy About Whether Zero Day Flaw Led to Chinese Espionage Campaign
Best Infosec-Related Long Reads of the Week, 7/15/23
FTC Launches Probe Into the Safety and Security of ChatGPT
White House Releases National Cybersecurity Strategy Implementation Plan
Chinese Hackers Breached Organizations, US Government Via Microsoft Cloud Security Hole
Q2 2023 Sees Surge in Cybersecurity Deal Volume as Total Venture Spending Declines
Data for Potentially Tens of Millions of HCA Healthcare Patients for Sale on Breach Forum
CISA Warns of Three New, Now-Patched Vulnerabilities in MOVEit Transfer
Best Infosec-Related Long Reads of the Week, 7/8/23
FBI Searched the Home of Kraken Founder Amid Hacking, Cyber-Stalking Allegations
Why are there so many Romanian cybersecurity journalists?
Cops Detain Member of OPERA1ER Cybercrime Group That Stole Millions in Thirty-Plus Attacks
Japan's Port of Nagoya Grinds to a Halt After LockBit Ransomware Attack
Best Infosec-Related Long Reads of the Week, 7/1/23
Two Hacking Groups Claim Take-Down of Russian Satellite Communications Provider
HHS Is the Latest US Government Agency Hit by Clop in MOVEit Attack
Backdoor Access Under UK Bill Meets With Growing Resistance, Apple Joins the Fray
Encrochat Take-Down Led to 6,500 Arrests, Nearly $100 Million in Seized Assets
Cops Seize Domains of Breach Forums, Add Handcuffs to Owner's Avatar in Seizure Notice
Best Infosec-Related Long Reads of the Week, 6/24/23
FBI NDAs Routinely Force Cops to Hide Use of Cell Site Simulators
Biden Administration Explores Actions to Address Chinese Cloud Computing Security
DOJ Prioritizes Cyber Threats as Key National Security Concerns
Hackers Launch DDoS Attacks on the European Investment Bank Over Ukraine Support
Timeline of Top US Government Data Breaches, 1996 to June 2023
Possible USDA Clop Attack Emerges Alongside $10 Million Reward, Third MOVEit Flaw
Best Infosec-Related Long Reads of the Week, 6/17/23
US Government Agencies and Other New Victims Hit as Clop Attack Spree Continues
Novel Russian Threat Group Cadet Blizzard Is Behind Recent Wave of Attacks, Microsoft
US Government Says Section 702 Helped Solve Colonial Pipeline, Other Cyber Incidents
US Government Has Secretly Used Data Brokers to Amass Information on Citizens
DOJ Unveils Charges Against Two Russians for Mt. Gox Hack
Best Infosec-Related Long Reads of the Week, 6/10/23
The FCC's data breach reporting requirements are broken
State Department Offers $5 Million Reward for Anom Service Administrator
Clop Gang Says MOVEit Victims Have Until June 14 Before They Spill Stolen Data
North Korean Hackers Were Likely Behind $35 Million Atomic Wallet Heist
Clop Hits British Airways, BBC and Boots as Organizations Brace for More Attacks
Chinese Police Start Cracking Down on Hyper-Realistic AI Fraud
Best Infosec-Related Long Reads of the Week, 6/3/23
Russia's FSB Claims US Targeted iPhones in Spy Campaign, Kaspersky Claims Zero-Click Attacks
FTC Smacks Amazon for Alexa and Ring Privacy, Security Failures
Asian Threat Group Dark Pink Keeps Expanding Footprint, Adds Five New Victims
Tesla Failed to Protect Customer, Employee and Partner Data, Report
Best Infosec-Related Long Reads of the Week, 5/20/23
Anti-Choice Groups Used Geolocation Data to Target Planned Parenthood Visitors
Montana Becomes the First State to Ban TikTok
Alleged Russian Hacker Charged and Sanctioned for Role in $200 Million Ransomware Rampage
Pharmacy Services Provider Attack Exposed Medical Data on Nearly Six Million Patients
US DoT Suspends Commuting Cost Benefits Following Data Breach
Best Infosec-Related Long Reads of the Week, 5/13/23
UK Cops Win Ruling to Gain Warrantless Access to Stored Encrypted Phone Chats
US Probes Possible Exposure of Sensitive Critical Infrastructure Data at Rockwell China Facility
Operation Medusa Took Down Russia's Snake Cyber Espionage Network
Operation PowerOFF Seizes Thirteen More DDoS-For-Hire Domains
CORRECTED Police Probe in Allen, TX Shooting Marred by Dallas Ransomware Attack Fallout
Police Probe in Allen, TX Shooting Marred by Dallas Ransomware Attack Fallout
Best Infosec-Related Long Reads of the Week, 5/6/23
Uber's Ex-CSO Dodges Prison Time, Receives Three-Year Probation
Threat Actors Are Spreading ChatGPT-Themed Lures Across Facebook, Instagram, WhatsApp
Authorities Bust Up Online Drug Marketplace and Arrest 300 After an 18-Month Operation
Samsung Bans ChatGPT to Protect Sensitive Data
DOJ, Companies Spotted SolarWinds Breach Six Months Earlier Than Reported
Best Infosec-Related Long Reads of the Week, 4/29/23
Pentagon Leaker's Troubled History Raises Questions About His Top-Secret Clearance
Hackers Circulate Highly Sensitive Files on Minneapolis School Children
Iranian Hacking Group Hacked Local Government Election Reporting Site in 2020
Feds Indict, Sanction Alleged Lazarus Group Money Launderers
Pentagon Files Leaker Posted Sensitive Information Months Earlier Than Known
Best Infosec-Related Long Reads of the Week, 4/22/23
North Korean Attack on 3CX Involved a Rare Double Supply Chain Compromise
Twitter Banned Wired Reporter for Article About a Right-Wing Provocateur's Hack
Minister Warns That Russian Group Seeks to Destroy UK Critical Infrastructure
Iranian Threat Group Could Be Eyeing Attacks on US Critical Infrastructure
Spyware Maker QuaDream Is Shutting Down, Seeks to Sell Intellectual Property
Best Infosec-Related Long Reads of the Week, 4/15/23
Massachusetts Air National Guard Member Arrested for Massive Leak of Classified Files
Young Charismatic Gun Enthusiast Is Claimed to Be Behind Massive Leak of Government Secrets
Zero-Click Spyware From Little-Known Israeli Company Targeted iPhones in Ten Countries
Now-Bankrupt FTX Suffered Cybersecurity Deficiencies on an Unimaginable Scale
Leaked US Documents Show Russian Hackers Claim Canadian Gas Pipeline Company Breach
Best Infosec-Related Long Reads of the Week, 4/8/23
Court Sanctions Disruption of Hackers Who Abuse Cobalt Strike, Microsoft Software
Almost 120 Arrested in Genesis Market Take-Down But Some Accounts Are Still Operating
Law Enforcement Authorities Shut Down Cybercrime Store Genesis Market Sites
Cybersecurity Venture Spending in Q1 23 Dipped to Lowest Level Since Q3 20
Cybersecurity Venture Spending in Q1 23 Dipped to Lowest Level Since Q3 20
Western Digital Confirms Hackers Stole Data During 'Network Security Incident'
US Government Purchased NSO Group's Landmark Geolocation Tracking Tool
Best Infosec-Related Long Reads of the Week, 4/1/23
Massive Trove of Documents From Kremlin Contractor Exposes Cyber Capabilities
Google Reveals Two Spyware Campaigns Involving Zero Day Flaws
Microsoft Unveils Security Copilot, an AI-Powered Tool to Speed Incident Response
Biden Administration Releases EO to Restrict Use of Commercial Spyware Tools by Agencies
Twitter Source Code Leaked Online, Company Demands GitHub Reveal Leaker's Name
Best Infosec-Related Long Reads of the Week, 3/25/23
TikTok CEO Fails to Assuage Congressional Concerns Over Chinese Ownership
Investissement Québec Hit by Clop Gang as Reports of GoAnywhere Bug Exploits Grow
TikTok CEO to Testify That Beijing Has No Authority Over Its Data
US Citizen and Meta Employee Targeted With Predator Spyware in Greece
Feds Claim Bust of BreachForums Operator Pompompurin
Best Infosec-Related Long (and Longish) Reads of the Week, 3/18/23
Chinese State-Sponsored Hackers Evade Common Cybersecurity Tools
US Demands TikTok Owners Sell Stakes in TikTok or Face Possible Ban, Sources
Prosecutors Charge Two Men for Roles in Criminal Doxing Group ViLE
ALPHV Hackers Claim Breach of Amazon-Owned Ring, Threaten to Release Data
Hacker Drained $195 Million From Ethereum Lending Protocol Euler Finance
Best Infosec-Related Long Reads of the Week, 3/11/23
Croatian Authorities Arrest Alleged NetWire RAT Operator, FBI Seizes Site
Data for US House Members, Staffs and Families Exposed in Breach of DC Health Link
ALPHV Gang Posts Photos of Lehigh Valley Health Network Cancer Patients
Israel Says Iran Was Behind DarkBit Ransomware Attack on The Technion
International Operation Hits Major DoppelPaymer Ransomware Gang Figures
Best Infosec-Related Long Reads of the Week, 3/4/23
Hackers Have Access to More Than 550,000 Gun Owners' Data From Firearm Auction Site
White House Issues Cyber Strategy to Bolster Software Security, Offensive Operations
Dish Network Confirms Ransomware Attack, Says Threat Actors Stole Data
US Marshals Service Suffered a Significant Ransomware and Data Exfiltration Incident
Dish Network Still Offline Following an Apparent Cyberattack
Best Infosec-Related Long Reads of the Week, 2/25/23
Dark Web Seller Claims to Sell Telus Employee Email Lists, Code Repositories
'Nevada' Hacking Group Has Targeted 5,000 Victims in Widespread Ransomware Campaign
Activision's Data Breach Contains Employee Information, Call of Duty and More, Report
Hackers Accessed Asian Data Center Login Credentials for Top Corporations
Security Experts Baffled by Twitter's Decision to Limit SMS-Based 2FA to Paid Subscribers
Best Infosec-Related Long Reads of the Week, 2/18/23
Updated: Atlassian Hackers Stole Employee Records, Floor Plans, More Via Third-Party App
Ukraine Targets Inundated with 'Near-Constant' Cyberattacks Since War's Onset, Google
Investigation Uncovers Israeli Team's Decades-Long Effort to Manipulate Elections Globally
Apple Fixes a Zero Day Flaw in iOS 16.3.1 and iPadOS 16.3.1 Exploited in the Wild
New Ransomware Threat Actor DarkBit Attacked Israel's Technion Research Institute
Best Infosec-Related Long Reads of the Week, 2/11/23
Hackers Accessed Reddit's Business Systems, Stole Documents and Source Code
US and UK Sanction Seven Members of Russia's Trickbot Ransomware Gang
VMware Issues Warning While CISA Releases Script to Recover Encrypted ESXi Servers
LockBit Gang Officially Claims Ransomware Attack on Royal Mail
Thousands of VMware ESXi Servers Targeted in Global Ransomware Attacks
Best Infosec-Related Long Reads of the Week, 2/4/23
China's 'Aggressive' Balloon Reconnaissance Poses No Threat on the Ground
LockBit Gang Tied to Cyber Incident That Hit Derivatives Trading Platform ION Trading
Videos Show Easy Hacks of Electrify America Fast Charger's Internal Computer System
The U.S. Will No Longer Grant Any American Tech Export Licenses to Huawei, Report
New Data-Wiping Malware Called SwiftSlicer Used in Attacks Against Ukrainian Targets
Best Infosec-Related Long and Long(ish) Reads of the Week, 1/28/23
Feds Bust Up Hive Gang, $10 Million Reward Offered for Links With Foreign Governments
Malicious Actors Targeted U.S. Agencies in Phishing Campaigns Using Legit RMM Software
Hackers Stole LastPass Parent Company's Encrypted Customer Back Ups, Encryption Key
FBI Confirms North Korea's Lazarus Group Pulled Off $100M Horizon Bridge Heist
Senator Jerry Moran's Campaign Was Scammed Out of Nearly $700,000 in BEC Scheme
Best Infosec-Related Long Reads of the Week, 1/21/23
Latest T-Mobile Breach Impacting 37 Million Customers Prompts FCC Probe
Feds Bust Russian Who Ran Bitzlato Crypto Exchange Which Aided Ransomware Attacks
Biden's Cybersecurity Strategy Includes Regulation, Hostile Network Disruption, Report
Hackers Stole CircleCi Databases Using an Engineer's Stolen Privileges
Best Infosec-Related Long Reads of the Week, 1/14/23
LockBit Linked to Royal Mail Attack but Gang's Spokesperson Blames Other Threat Actors
UK's Royal Mail Can't Send Mail Overseas Due to Severe Cyber Incident
New APT Group Dark Pink Steals Confidential Data From APAC Government, Military Bodies
Supreme Court Lets WhatsApp Lawsuit Against Spyware Maker NSO Group Move Forward
Russian Cold River Hacking Team Targeted Three U.S. Nuclear Research Labs
Best Infosec-Related Long Reads: Holiday Wrap-Up Edition
Vice Society Released Confidential Documents From Fourteen UK Schools
European Regulators Strike Blows Against the Ad Personalization Practices of Meta, Apple
Database of 235,000,000 Twitter Users Has Leaked for Free
Bitcoin Core Developer Lost 'Basically All' His BTC During Hack, PGP Key Theft Suspected
High-Profile Twitter Accounts Hacked After Forum Poster Peddles 400 Million Users' Data