A Hacker Got All My Texts for $16

A gaping flaw in SMS lets hackers take over phone numbers in minutes by simply paying a company to reroute text messages. Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet. I didn't expect it to be that quick.

Vice

White Supremacists, Conspiracy Theorists Are Targeting Cell Towers, Police Warn

As the Biden administration turns its attention to an infrastructure system beset with problems, a strange new issue has emerged: conspiracy theorists. That's according to a detailed intelligence report, produced by the New York Police Department and obtained by The Intercept, which finds that cellphone towers and other critical infrastructure have become an attractive target for conspiracy theorists, especially in the weeks and months following the presidential election.

The Intercept

Researcher Publishes Code to Exploit Microsoft Exchange Vulnerabilities on Github

Do you have information about the breach of Microsoft Exchange servers or other data breaches? We'd love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzofb@vice.com

Vice

There's a vexing mystery surrounding the 0-day attacks on Exchange servers

The Microsoft Exchange vulnerabilities that allow hackers to take over Microsoft Exchange servers are under attack by no fewer than 10 advanced hacking groups, six of which began exploiting them before Microsoft released a patch, researchers reported Wednesday. That raises a vexing mystery: how did so many separate threat actors have working exploits before the security flaws became publicly known?

Ars Technica

Netflix is testing a way to secure accounts from hidden hackers | The Record by Recorded Future

Netflix is currently testing a security feature that will block users who don't live in the same home as the account owner from accessing a shared account, a spokesperson told The Record today. According to screenshots shared online today, some users who were sharing accounts with family but not living in the same home were prompted to register their own accounts.

The Record by Recorded Future

Microsoft Probing Whether Leak Played Role in Suspected Chinese Hack

Microsoft Corp. is investigating whether a world-wide cyberattack on tens of thousands of its corporate customers may be linked to a leak of information by the company or its partners, according to people familiar with the matter.

WSJ

How Should the U.S. Respond to the SolarWinds and Microsoft Exchange Hacks?

Over the last two months, news has broken that Russia and China, the United States's two primary geopolitical adversaries, have both executed major cyber operations against the networks of American companies and government agencies. On their face, the two attacks share much in common.

Lawfare

New DEARCRY Ransomware is targeting Microsoft Exchange Servers

A new ransomware called 'DEARCRY' is targeting Microsoft Exchange servers, with one victim stating they were infected via the ProxyLogon vulnerabilities. Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to deploy ransomware.

BleepingComputer