An Israeli cybersecurity firm made the discovery just days before Tuesday’s vote, when millions of Americans go to the polls to elect House and Senate lawmakers, as well as a host of state and local representatives and officials.
Israeli cybersecurity company ClearSky Cyber Security has found a Darknet Dream Market data pool containing detailed information on 62 million registered American voters from 17 states, the company’s CEO has told Haaretz.
The malicious chips, which were not part of the original server motherboards designed by the U.S-based company Super Micro, had been inserted during the manufacturing process in China
While it’s unclear how Cosko is interning for multiple senators simultaneously, Fox News reported that Cosko’s attorney said that he was working as a fellow in Lee’s office but is paid by an outside institution.
Weak passwords such as ‘admin’ and ‘1234’ will be banned in California from 2020 as part of a crackdown on cyber attacks.
A Canadian company that owns many popular restaurant chains has been told to pay ransom in bitcoin to retrieve data that hackers claim to have stolen.
Sensitive military documents have been put up for sale in online hacking forums after someone forgot to change a default password, according to a security firm that discovered the breach.
Documents for sale include maintenance manuals for servicing MQ-9 Reaper drones, training manuals describing deployment tactics for improvised explosive devices (IEDs), documents detailing tank platoon tactics and an M1 ABRAMS tank operation manual, Bleeping Computer reported.
Security firm Recorded Future discovered the documents for sale online and said the hacker who stole them was selling the information for the surprisingly low bargain price of between $150 and $200.
Security fears rise as South Korea’s Coincheck loses about £28m of virtual currency
There has been a sharp drop in the price of bitcoin and other virtual currencies after South Korean cryptocurrency exchange Coinrail was hacked over the weekend.
A tweet confirming the cyber-attack sent the price of bitcoin tumbling 10% on Sunday to two-month lows.
The world’s best-known cryptocurrency lost $500 (£372) in an hour, dropping to $6,627 on the Luxembourg exchange Bitstamp, while most other digital currencies also recorded large losses.
It is “only a matter of time” until a commercial aircraft is hacked, the Department of Homeland Security and other US government agencies have warned. Most planes lack cybersecurity protections to prevent such a hack.
Motherboard obtained internal DHS documents through a Freedom of Information Act request which detail vulnerabilities with commercial aircraft and risk assessments. A number of the documents are still being “withheld pursuant to exemption” of the FOIA.
The release includes a January presentation from Pacific Northwest National Laboratory (PNNL), part of the Department of Energy, outlining the group’s efforts to hack an aircraft via its wifi service as a security test.
The FBI issued a warning Friday to Americans with internet routers in their homes or offices to reboot their routers immediately after the agency discover hundreds of thousands of routers had been compromised by foreign actors.
Wait, do we trust the FBI? What if rebooting loads FBI spyware?
Hudson’s Bay Co. says customer payment card information was involved in a “data security issue” at certain Saks Fifth Avenue, Saks OFF 5th and Lord & Taylor stores in North America.
The company didn’t say whether any Canadian locations were affected.
It says the investigation is ongoing, but there’s no indication that the breach affects the company’s digital platforms or Hudson’s Bay and Home Outfitters stores.
HBC says there could be fraudulent charges to customers’ accounts because of the breach, but adds that those customers won’t be liable to pay them.
Glad I can’t afford to shop at Saks.
North Korea is stepping up its cyber capabilities to target international aerospace and defence industries through a shadowy and sophisticated hackers group called Reaper, a new report revealed on Tuesday.
The group, also known as APT37, was identified in research by American private security company FireEye, which tracks cyber-attackers around the world.
They reported that it is using malware to infiltrate computer networks and now represents “an advanced persistent threat” that has dramatically increased the reach of North Korea’s already formidable cyber operations
A secret part of Apple’s iPhone software has been posted online in a leak that could potentially allow hackers to find security holes in the smartphone.
Although the release does not immediately put iPhone owners at risk, security experts said the leak enables hackers to analyse Apple’s code, replicate and manipulate it for malicious purposes and that users could be vulnerable in the future.
On Wednesday night, an anonymous user published part of the “source code” – the computing instructions that underpin the iOS software – on GitHub, a website for computer programmers to share code.
New cryptocurrency mining viruses have lately spread to infect Windows computers as virtual currency-related malware becomes popular and profitable among cyber criminals.
The viruses are being spread using same EternalBlue exploit, which has been developed by the US National Security Agency (NSA). The exploit was recently used as part of the worldwide WannaCry ransomware attack.
According to researchers from Proofpoint, a massive global botnet dubbed ‘Smominru’ is using EternalBlue SMB exploit to infect PCs and secretly mine monero cryptocurrency (valued at $245.47) for its master.
Hackers able to make ATMs spit cash like winning slot machines are now operating inside the United States, marking the arrival of “jackpotting” attacks after widespread heists in Europe and Asia, according to the world’s largest ATM makers and security news website, Krebs on Security.
Thieves have used skimming devices on ATM machines to steal debit card information, but “jackpotting” augurs more sophisticated technological challenges that American financial firms will face in coming years.
One of Japan’s largest digital currency exchanges says it has lost some $534m (£380m) worth of virtual assets in a hacking attack on its network.
Coincheck froze deposits and withdrawals for all crypto-currencies except Bitcoin as it assessed its losses in NEM, a lesser-known currency.
It may be unable to reimburse the funds lost on Friday, a representative told Japanese media.
If the theft is confirmed, it will be the largest involving digital currency.