Written by Dan Kaminsky Oct 3, 2016 | CYBERSCOOP We could lose this internet. Or we could save it. I prefer the latter. And speaking to you as somewhat of an outsider - a hacker for decades, based in San Francisco - I need your help.
A hacker group called REvil is currently in the process of blackmailing Apple supplier Quanta for about $50 million. The group claims to have thousands of leaked files that include information about upcoming Apple products. 9to5Mac has had a look at some of the files already released.
Dozens of former post office workers have had their convictions for theft, fraud and false accounting quashed by the court of appeal after judges ruled the convictions were due to "corrupt data" from the Post Office's IT system.
Application Security Training, for IT Professionals Learn how to create secure software, from industry experts. Our online courses teach application security theory and hands-on technical lessons. Whether you are a CISO that needs to get a better picture of your application security posture, a software developer that is concerned about creating secure software, or a person who wants to become an AppSec professional, we have something for you.
How I hacked Clubhouse (and made it safer for all) w/ Katie Moussouris - https://www.wired.com/story/clubhouse-bug-lurkers-ghost/ Technical details & cat videos: https://www.lutasecurity.com/post/new-clubhouse-security-vulnerabilities-could-happen-to-any-growing-unicorn
A secretive federal court approved the FBI's use of a powerful warrantless surveillance authority in November despite finding that the bureau had repeatedly violated rules meant to protect Americans' privacy. Between mid-2019 and early 2020, FBI personnel conducted queries of data troves containing Americans' emails and other communications, seeking information without proper justification, according to a redacted ruling by the Foreign Intelligence Surveillance Court made public Monday.
The operators of the Darkside ransomware are expanding their extortion tactics with a new technique aimed at companies that are listed on NASDAQ or other stock markets. In a message posted on their dark web portal, the Darkside crew said it is willing to notify crooked market traders in advance so they can short a company's stock price before they list its name on their website as a victim.
In July 2020, Mandiant Threat Intelligence released a public report detailing an ongoing influence campaign we named "Ghostwriter." Ghostwriter is a cyber-enabled influence campaign which primarily targets audiences in Lithuania, Latvia and Poland and promotes narratives critical of the North Atlantic Treaty Organization's (NATO) presence in Eastern Europe.
Current and aspiring cybersecurity professionals named cloud security, data analysis and coding/programming as the top three most important skills to possess if you're looking to join the cyber workforce today. Those findings came from a new survey-based research report from the International Information System Security Certification Consortium, or (ISC)².
Executive Summary Mandiant recently responded to multiple security incidents involving compromises of Pulse Secure VPN appliances. This blog post examines multiple, related techniques for bypassing single and multifactor authentication on Pulse Secure VPN devices, persisting across upgrades, and maintaining access through webshells.