- Metacurity
- Archive
- Page 1
Archive
Best Infosec-Related Long Reads for the Week of 6/8/24
Immoral Pentagon disinformation campaign threatened Filipino lives, Volt Typhoon could lead to wartime disruption, Internet privacy's shifting baseline syndrome, LLM agent teams can exploit zero days more than half the time, LLM agents are capable of deception
Microsoft Postpones Widely Lambasted Recall Feature to Test Security Improvements
Microsoft CEO grilled by House Committee on security fails, More suspects arrested related to Desjardins breach, Republicans drum Stanford Internet Observatory out of existence, Nakasone to join OpenAI board, Snowflake ends internal investigation, UwU offers $5m bounty following second breach, DPRK is targeting Brazilian crypto exchanges, Clearview AI offers novel class action settlement, Wells Fargo fired employees for keyboard simulations, US federal agency attacks rose 10% in 2024, much more
To Protect Federal Contracts, Microsoft Ignored Security Expert's Warnings About Flaw That Led to Solar Winds Breach, Report
Hacker gained access to tracking company Tile's internal tools, Ukraine busts Conti and LockBit hacker as part of Operation Endgame, Canadian cops bust four men for Desjardins breach, Mozilla is blocking anti-censorship extensions, Google issues 50 patches including one for zero-day exploited in the wild, Toronto school system battles cyber incident, AWS debuts FIDO2 passkeys, Attorney accused of trying to hack judge's email and phone accounts, much more
London Hospitals and Surgeries to Face Disruption for 'Many Months' Due to Ransomware Attack
Coathanger Chinese cyberespionage campaign much larger than previously known, Pure Storage is latest Snowflake victim, Light set of fixes for Patch Tuesday, JetBrains warns of critical vulnerability, TellYouThePass gang exploits PHP RCE, Threat actors impersonate GitHub's teams, Adobe vows to never train on AI, much more
UK and Canada Launch Joint Probe Into 23andMe Breach While District Judge Says Bankruptcy Is Imminent
Mandiant confirms that lack of customer MFA caused Snowflake breaches, Apple introduces Private Cloud Compute and password app at WWDC 2024, Microsoft and Google will offer rural hospitals free or discounted cybersecurity services, Hackers steal $20m from UwU in ongoing exploit, ShinyHunters disappears sparking rumors of arrest, Japan's streaming website niconico halted by cyberattack, US and Poland join forces to fight Russian disinformation, Arm warns of vulnerability, Top law firm sued over MOVEit breach, Fortinet to buy Lacework, much more
It's Unclear How Many LockBit Victims Are Covered by the FBI's 7,000 Decryption Keys
Microsoft makes changes to Recall following searing criticism, Lending Tree latest victim of data theft from Snowflake service, NYT source code leaked on 4chan, Cleveland shutters City Hall following a cyber incident, 'Hacktivists' are DDoS'ing European political parties, NHS appeals for blood donors following Qilin hospital attacks, London police arrest two alleged smishing blasters, Researchers find millions of malicious VSCode extensions, CoinGecko suffers another breach, Norway recouped $6m from Axie Infinity breach, so much more
Best Infosec-Related Long Reads for the Week of 6/1/24
FBI-controlled encrypted phones took down drug kingpins, Open source investigator Bellingcat evolves as falsified information surges, Drone police pose a dilemma for poor residents, Twitter deplatforming reduced misinformation and disinformation, Fact-based inoculation needed to reduce misinformation, AI chop shop produced mounds of error-ridden 'news' articles
Fears Over Recall Feature Deepen After Researcher Knocks Down Microsoft's Last Remaining Defense
500 Snowflake credentials found linked to info-stealing malware, FCC launches BGP NPRM, Ukrainian man busted thanks to Operation Endgame, New campaign seeks to steal Ukrainian military info, Panasonic Australia hit by Akira ransomware attack, Daixin Team claims ransomware attack on city of Dubai, Third-party breach exposes 1.9m CoinGecko users, much more
Israel Launched Covert Gaza War Influence Campaign to Target US Lawmakers and Public
NoName targeted General Dynamics subsidiary supplying tanks to Ukraine, Alleged human smuggler stalked wife using AirTags, Club Penguin fans swiped Disney internal corporate data, Threat actors are allegedly selling Advanced Auto Parts data stolen during Snowflake breach, 22 Chinese nationals plead guilty to internet fraud, Chinese campaign targets SE Asian government, FBI has over 7,000 LockBit decryption keys, much more
London Hospitals Grind to a Halt After Qilin Ransomware Group Hits Pathology Provider Synnovis
TikTok fixes zero-day after two high-profile accounts targeted, MediSecure slides into bankruptcy following ransomware attack, Medibank faces theoretical trillions in fines for 2022 cyberattack, Important rare-earth mine hit by Bian Lian ransomware group, GhostR claims ransomware attack on Oz freight logistics firm, Judge orders Canadian insurance firm to pay $15,000 per customer for cyberattack, US seeks extradition of hack-for-hire private investigator, Four people busted for seeking to sabotage Interpol system, Russian supermarket chain hit by a cyberattack, Ethical hacker releases tool to extract data collected by Microsoft's Recall, so much more
Leaked Database Reveals Thousands of Google Privacy and Security Issues
Security firms join Snowflake in denying culpability in major breaches, Trader blames Binance for $1m loss in hacking scam, Cox fixes auth bypass flaw in modems, BC says foreign threat actor hit 22 government email inboxes, Russia uses AI and propaganda in Olympics disinformation campaign, DOJ charges two in elder fraud campaign, Over 350m stolen emails collected from Telegram added to HIBP, much more
Snowflake Cloud Provider is Ground Zero for Breach Blast That So Far Includes Ticketmaster, Santander and Ticketek
Germany's CDU party takes IT assets offline following cyberattack, Japanese crypto exchange lost $308m, Crypto hacking thefts reached $385m in May, Hugging Face's Spaces was hacked, Spanish cops break up illegal streaming network, Wyden urges regulators to hold UHG negligent for ransomware attack, much more