Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency - sources

WASHINGTON (Reuters) - Suspected Chinese hackers exploited a flaw in software made by SolarWinds Corp to help break into U.S. government computers last year, five people familiar with the matter told Reuters, marking a new twist in a sprawling cybersecurity breach that U.S. lawmakers have labeled a national security emergency.


A Spyware Vendor Seemingly Made a Fake WhatsApp to Hack Targets

Image: Jakub Porzycki/NurPhoto via Getty Images Do you have information about similar attacks? We'd love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382 , Wire/Wickr @lorenzofb, or email lorenzofb@vice.com .


Suspected Russian Hack Extends Far Beyond SolarWinds Software, Investigators Say

Investigators probing a massive hack of the U.S. government and businesses say they have found concrete evidence the suspected Russian espionage operation went far beyond the compromise of the small software vendor publicly linked to the attack. Close to a third of the victims didn't run the SolarWinds Corp.


Ransomware gangs made at least $350 million in 2020 | ZDNet

Ransomware gangs made at least $350 million in ransom payments last year, in 2020, blockchain analysis firm Chainalysis said in a report last week. The figure was compiled by tracking transactions to blockchain addresses linked to ransomware attacks.


Google to pay $2.5M to 5,500+ female engineers as well as female and Asian job applicants to settle pay and hiring discrimination allegations

Zoe Schiffer / The Verge: Google to pay $2.5M to 5,500+ female engineers as well as female and Asian job applicants to settle pay and hiring discrimination allegations


Perl.com domain stolen, now using IP address tied to malware

The domain name perl.comwas stolen and now points to an IP address associated with malware campaigns. Perl.com is a site owned by Tom Christiansen and has been used since 1997 to post news and articles about the Perl programming language.


Mensa Website Hacked After Britain's Smartest Folk Failed To Secure Passwords

This story has been updated British Mensa, the society for people with high IQs, failed to properly secure the passwords on its website, prompting a hack on its website that has resulted in the theft of members' personal data.


What tracking an attacker email infrastructure tells us about persistent cybercriminal operations - Microsoft Security

Sweeping research into massive attacker infrastructures, as well as our real-time monitoring of malware campaigns and attacker activity, directly inform Microsoft security solutions, allowing us to build or improve protections that block malware campaigns and other email threats, both current and future, as well as provide enterprises with the tools for investigating and responding to email campaigns in real-time.

Microsoft Security

Inside the Brutal Power Struggle at Homeland Security

Tensions ran so high at the Department of Homeland Security's oversight wing that one senior official fantasized about Arya Stark, the fictional assassin in "Game of Thrones," "taking care of" the agency chief, according to an investigation obtained by The Intercept under the Freedom of Information Act.

The Intercept

Bonobos clothing store suffers a data breach, hacker leaks 70GB database

Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information after a cloud backup of their database was downloaded by a threat actor. Bonobos states that the corporate systems were not breached during the attack.


Trickbot is back again - with fresh phishing and malware attacks | ZDNet

The Trickbot botnet was disrupted by a coalition of cybersecurity companies late last year - but researchers have detailed what appears to be a new Trickbot campaign.