Posts


Jun. 30, 2026

Nearly a million passports and photo IDs were left unprotected on the public internet

Headline image

Cannabis Club Systems, also known as Nefos Solutions, left passports and photo IDs potentially exposed on the public web.Nearly a million passports and photo IDs were left unprotected on the public internetThis should be a wakeup call for data security.

Source: theverge.com

Jun. 29, 2026

US offers $10 million for info on group behind Signal and WhatsApp hacking spree

Headline image

Federal authorities are offering a reward of up to $10 million for information leading to the identification or location of a Russian state cyber group that has compromised thousands of Signal and WhatsApp accounts belonging to investigative reporters and US government employees.

Source: arstechnica.com

Jun. 26, 2026

Going Through Snowden Documents, Part 7

Headline image Photo by Lianhao Qu on Unsplash

In December 2014, Der Spiegel published one of the most significant articles in the Snowden archive, exposing the scale of NSA and GCHQ efforts to break encryption and compromise encrypted communications. The article was accompanied by 44 supporting documents. One of those documents contains a previously unreported redaction failure that we believe is the most significant in any Snowden publication to date.

Source: libroot.org

Dec. 10, 2020

Hackers steal Pfizer/BioNTech COVID-19 vaccine data in Europe, companies say

Hackers steal Pfizer/BioNTech COVID-19 vaccine data in Europe, companies say

U.S. drugmaker Pfizer and its German partner BioNTech said on Wednesday that documents related to development of their COVID-19 vaccine had been ‘unlawfully accessed’ in a cyberattack on Europe’s medicines regulator. The European Medicines Agency (EMA), which assesses medicines and vaccines for the European Union, said hours earlier it had been targeted in a cyberattack. It gave no further details.

Dec. 2, 2020

iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever

iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever

Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device—over Wi-Fi, with no user interaction required at all. Oh, and exploits were wormable—meaning radio-proximity exploits could spread from one nearby device to another, once again, with no user interaction needed. This Wi-Fi packet of death exploit was devised by Ian Beer, a researcher at Project Zero, Google’s vulnerability research arm.

Nov. 11, 2020

179 Arrested in Massive Global Dark Web Takedown

179 Arrested in Massive Global Dark Web Takedown

Operation Disruptor has led to a wave of arrests and seizures, but the dark web drug market has bounced back before. It’s one of the largest global dark web takedowns to date: 179 arrests spread across six countries; 500 kilograms of drugs seized; $6.5 million in cash and cryptocurrency confiscated. And while it was announced this morning, Operation Disruptor traces its roots back to May 3, 2019.

Nov. 8, 2020

FBI: Hackers stole source code from US government agencies and private companies

FBI: Hackers stole source code from US government agencies and private companies

The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses. US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property. Intrusions have taken place since at least April 2020, the FBI said inan alertsent out last month and made public this week on its website.

Nov. 7, 2020

Company forced to change name that could be used to hack websites

Company forced to change name that could be used to hack websites

Companies House has forced a company to change its name after it belatedly realised it could pose a security risk. The company now legally known as “THAT COMPANY WHOSE NAME USED TO CONTAIN HTML SCRIPT TAGS LTD” was set up by a British software engineer, who says he did it purely because he thought it would be “a fun playful name” for his consulting business.

Nov. 3, 2020

Fault in NHS Covid app meant thousands at risk did not quarantine

Fault in NHS Covid app meant thousands at risk did not quarantine

A code error in the NHS Covid-19 app meant users had to be next to a highly infectious patient for five times as long as the NHS had decided was risky before being instructed to self-isolate, the Guardian has learned.

Source: theguardian.com

Oct. 16, 2020

Hacked Billboards Can Make Teslas See ‘Phantom Objects,’ Causing Them to Swerve or Stop Abruptly

Hacked Billboards Can Make Teslas See ‘Phantom Objects,’ Causing Them to Swerve or Stop Abruptly

Tesla’s Autopilot system relies on vision rather than LIDAR, which means it can be tricked by messages on billboards and projections created by hackers. Security researchers have demonstrated how Tesla’s Autopilot driver-assistance systems can be tricked into changing speed, swerving or stopping abruptly, simply by projecting fake road signs or virtual objects in front of them. Their hacks worked on both a Tesla running HW3, which is the latest version of the company’s Autopilot driver-assistance system, and the previous generation, HW2.5.

Sep. 25, 2020

FritzFrog: A New Generation of Peer-to-Peer Botnets written in Go

FritzFrog: A New Generation of Peer-to-Peer Botnets written in Go

Guardicore has discovered FritzFrog, a sophisticated peer-to-peer (P2P) botnet which has been actively breaching SSH servers since January 2020. Golang-Based Malware: FritzFrog executes a worm malware which is written in Golang, and is modular, multi-threaded and fileless, leaving no trace on the infected machine’s disk. Actively Targeting Government, Education, Finance and more: FritzFrog has attempted to brute force and propagate to tens of millions of IP addresses of governmental offices, educational institutions, medical centers, banks and numerous telecom companies.

Sep. 25, 2020

Attack of the week: Voice calls in LTE

Attack of the week: Voice calls in LTE

I haven’t written an “attack of the week” post in a while, and it’s been bumming me out. This is not because there’s been a lack of attacks, but mostly because there hasn’t been an attack on something sufficiently widely-used that it can rouse me out of my blogging torpor. But today brings a beautiful attack called ReVoLTE, on a set of protocols that I particularly love to see get broken: namely, cellular protocols.

Sep. 25, 2020

UK Firms pay £200m in ransoms to hackers

UK Firms pay £200m in ransoms to hackers

Gangs of cybercriminals forced British companies to pay out more than £200 million in ransoms last year, experts have revealed. The extortionists, many from Russia or Eastern European countries, are targeting well-known businesses with malicious software and then charging them tens of millions of pounds to regain access to networks. Companies fearful of public embarrassment, lost data and fines from regulators are now showing “more willingness to pay the ransom”, experts said.

Sep. 25, 2020

CrimeOps: The Operational Art of Cyber Crime

CrimeOps: The Operational Art of Cyber Crime

Cybercrime rewards innovative organizations. These can innovate at the tactical level (e.g. new or updated tactics, techniques, and procedures (TTP)), the strategic level (e.g. new monetisation methods), or at the operational level—the management of resources and personnel to achieve strategic objectives. This is operational art.

Source: okta.com

Sep. 25, 2020

Spammers use hexadecimal IP addresses to evade detection

Spammers use hexadecimal IP addresses to evade detection

A spam group has picked up a pretty clever trick that has allowed it to bypass email filters and security systems and land in more inboxes than usual. The trick relies on a quirk inRFC791— a standard that describes the Internet Protocol (IP). Among the various technical details, RFC791 is also the standard that describes how IP addresses look.

We mostly know them in their most prevalent form of dotted-decimal address (for example, 192.168.0.1). However, IP addresses can also be written in three other formats: Octal – 0300.0250.0000.0001 (by converting each decimal number to the octal base)Hexadecimal – 0xc0a80001 (by convert each decimal number to hexadecimal)Integer/DWORD – 3232235521 (by converting the hexadecimal IP to integer)

Sep. 25, 2020

The iOS 14 Privacy and Security Features You Should Know

The iOS 14 Privacy and Security Features You Should Know

Below you can find the most important security and privacy features your iOS device now has that it didn’t have before. Make sure you check them as soon as you’ve got iOS 14 on your iPhone or iPad. Apps on iOS have to explicitly ask for your permission to use the camera and microphone, and from iOS 14 onwards, you’ll also see an indicator dot in the top right of the screen when these functions are being used.

Sep. 25, 2020

Consultants charged for bribing Amazon Marketplace employees to game the platform

Consultants charged for bribing Amazon Marketplace employees to game the platform

Prosecutors allege the group paid handsome bribes to give clients a competitive advantage. According to the indictment, issued by a Grand Jury in the Western District of Washington, the six conspired to pay Amazon employees over $100,000 to secure an ‘unfair competitive advantage’ on Amazon Marketplace. The bribery bill is steep, but in return, the fraud carried a commercial worth and sales revenue of up to $100 million, the DoJ claims.

Sep. 25, 2020

A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems

A Patient Dies After Ransomware Attack Paralyzes German Hospital Systems

The incident marks the first recorded casualty as a consequence of cyberattacks on critical healthcare facilities, which has ramped up in recent months. The attack, which exploited a Citrix ADCCVE-2019-19781vulnerability to cripple the hospital systems on September 10, is said to have been ‘misdirected’ in that it was originally intended for Heinrich Heine University, according to an extortion note left by the perpetrators. After law enforcement contacted the threat actors and informed them that they had encrypted a hospital, the operators behind the attack withdrew the ransom demand and provided the decryption key.

Aug. 7, 2020

Intel NDA blueprints – 20GB of source code, schematics, specs, docs – spill onto web from partners-only vault

Intel NDA blueprints – 20GB of source code, schematics, specs, docs – spill onto web from partners-only vault

Updated Switzerland-based IT consultant Tillie Kottmann on Thursday published a trove of confidential Intel technical material, code, and documents related to various processors and chipsets. A spokesperson for Intel told us the information was likely taken from its Resource and Design Center, which is a private library of resources for computer manufacturers and the like to build systems using Intel’s silicon. Access to this center is not open to the public as its content is intended to be used, for instance, to craft firmware and design motherboards compatible with Chipzilla’s microprocessors.

Jul. 18, 2020

Hackers Tell the Story of the Twitter Attack From the Inside

Hackers Tell the Story of the Twitter Attack From the Inside

A Twitter hacking scheme that targeted political, corporate and cultural elites this week began with a teasing message between two hackers late Tuesday on the online messaging platform Discord. “yoo bro,” wrote a user named “Kirk,” according to a screenshot of the conversation shared with The New York Times. “i work at twitter / don’t show this to anyone / seriously.