Risky Bulletin
Risky Biz News: FBI links Harmony's $100 million hack to the Lazarus Group
In other news: Apple patches iOS zero-day; Mango Markets hacker detained and charged; Security Keys for Apple ID goes live.
Catalin Cimpanu
Risky Bulletin
Risky Biz News: Crypto-crime volumes went down in 2022, ransomware payments too
In other news: Riot Games cancels game updates after hack; T-Mobile discloses eighth breach since 2018; APT group deploys DNS changer on victims' routers.
Risky Bulletin
Risky Biz News: Dark web mega-hack as Kraken takes over Solaris
In other news: Chinese hackers breach Iranian government; Mailchimp hacked again; Bitzlato CEO arrested for laundering ransomware funds.
Risky Bulletin
Risky Biz News: Google Search and Ads have a major malware problem
In other news: LockBit gang leader is a big drama queen; Magento store owners f*** around and find out; AMD security patch disables CPU cores.
Risky Bulletin
Risky Biz News: Secure Boot not working on recent MSI motherboards
In other news: Norton Password Manager hit by credential-stuffing attack; hacktivists leak Cellebrite tools; Lexmark printer zero-day disclosed.
Risky Bulletin
Risky Biz News: Pro-Russian hacktivists offer cryptocurrency for DDOS attacks on Ukraine and western targets
In other news: Bangladesh government bought loads of Israeli surveillance tools; npm libraries delete user files; malware found preinstalled on T95 Android TV boxes.
Risky Bulletin
Risky Biz News: SugarCRM zero-day used to compromise roughly 10% of all internet-accessible servers
In other news: Windows 7 reaches end-of-support; smart ship management platform taken down after hack; Raspberry Robin botnet loses 30% of C2 servers in partial takedown.
Risky Bulletin
Risky Biz News: Ukraine jams Russian satellite TV stations in occupied territories
In other news: AWS now encrypts S3 data by default; FCC working on new data breach disclosure rules; Turla hijacks old Andromeda botnet to go after Ukrainian targets.
Risky Bulletin
Risky Biz News: Slack discloses security breach, access to code repositories
In other news: ENLBufferPwn vulnerability impacts Nintendo consoles; 3Commas eats its words after disclosing security breach; PyTorch discloses supply chain attack.
Risky Bulletin
Risky Biz News: Santa's here with a bunch of bad news for LastPass and Twitter users
In other news: AT&T exonerates itself from any responsibility in SIM-swapping attacks; BitKeep wallets drained in supply chain attack; TikTok banned on federal networks and lawmakers' devices.
Risky Bulletin
Risky Biz News: Recent Okta source code theft part of a larger incident
In other news: Smart home wall pad hacker detained in South Korea; The Guardian newspaper hit by ransomware; E2EE coming to enterprise Gmail.
Risky Bulletin
Risky Biz News: A third of the world now runs social media influence operations
In other news: FBI's InfraGard hacked; GitHub to roll out mandatory 2FA; 50 DDoS service providers taken down before Christmas.