Attack

IOTW: Microsoft links Raspberry Robin malware to hacking group EvilCorp

Microsoft has linked a USB-based worm malware, referred to as Raspberry Robin, to attacks executed by Russian hacking group EvilCorp. Microsoft explained in a recent report that on July 26, 2022, its researchers discovered “FakeUpdates malware being delivered via existing Raspberry Robin infections”. The FakeUpdates malware associated with DEV-0206 is a malvertising access broker that poses as a software or browser update and tricks victims into clicking on it. This then allows the bad actors to gain access to profile networks via a JavaScript file stored inside a Zip file, which downloads when the false update is clicked. As JavaScript…
Data breaches on gaming sites are becoming more common

In July of this year, three prominent gaming sites – Roblox, Neopets and Bandai Namco – were hit by data breaches within three weeks of each other. Roblox had 4GB of player data stolen, the data of up to 69 million players was exposed in the Neopets leak and Bandai Namco, which publishes titles such as Elden Ring, Tekken and Dark Souls, confirmed that a bad actor had gained unauthorized access to several group companies’ internal systems. Here, CS Hub explores why gaming sites are such a target for hacks and data breaches.

Hackers target gamers to gain login credentials

Electronic Sports…
Almost one million people affected by medical billing ransomware attack

A ransomware attack on a medical billing vendor has affected patients from 27 healthcare organizations

A ransomware attack on New York-based healthcare billing company, Practice Resources (PRL), has exposed the data of more than 942,000 patients from 27 hospitals and physician's offices. The breach was confirmed via a submission to the US Department of Health and Human Services Office for Civil Rights (HHS), which detailed that PRL had suffered a “hacking/IT incident” involving the network server that affected 942,138 individuals. According to a notice posted online by the California Attorney General’s office, the breach was due to a…
GitHub supply chain attack could affect 83 million developers

GitHub, a code repository which is used by more than 83 million developers across the globe, has been the victim of a supply chain attack.

"I am uncovering what seems to be a massive widespread malware attack on @GitHub.
- Currently over 35k repositories are infected
- So far found in projects including: crypto, golang, python, js, bash, docker, k8s
- It is added to npm scripts, docker images and install docs
pic.twitter.com/rq3CBDw3r9"
— Stephen Lacy (@stephenlacy) August 3, 2022

The attack was discovered on the morning of 3 August by software developer Stephen Lacy and involved a bad actor cloning and adding…
IOTW: Signal users directly targeted in Twilio phishing attack

Phishing attack on Twilio targets almost 2,000 Signal users

Instant messaging service Signal has announced that around 1,900 users may have had their phone numbers revealed to hackers due to a phishing attack on communications API developer Twilio. Twilio provides Signal with phone number verification services. During the attack, a hacker gained unauthorized access to Twilio’s customer support console, allowing them to view phone numbers that were registered to a Signal account and the SMS verification code used to register it. The bad actor then may have attempted to re-register their number to a different device or linked…
Nomad offers $19m bounty for stolen crypto

Cryptocurrency firm Nomad has reported a loss of $190m following a bridge hack and has offered a bounty to ‘white hat’ hackers who can return it

US-based cryptocurrency firm Nomad has confirmed that US$190m worth of cryptocurrency has been stolen via a hack of the Nomad token bridge. The theft was confirmed in a tweet by Nomad on 1 August. In a tweet on 2 August, Nomad said it was “working around the clock to address the situation” and has “notified law enforcement and retained leading firms for blockchain intelligence and forensics”. It added its goal was to…
IOTW: Twilio suffers data breach following phishing attack

Communications API developer Twilio has been the victim of a data breach following an SMS-based phishing attack. The attack took place on 4 August, when a bad actor gained unauthorized access to information regarding a number of Twilio customer accounts via an SMS-based social engineering attack. The attack was designed to trick employees into providing their employee credentials. The stolen information was then used to gain access to Twilio’s internal systems, allowing them to access customer data. The text messages sent to employees appeared to be from the company’s IT department, and told victims that their passwords had expired, or…
What is social engineering?

Following a database breach that affected up to 400 customers, Marriott International announced that it had been the result of a hacking technique called social engineering. In this article, CS Hub explains what social engineering is and how companies can guard against this manipulative threat.

What is social engineering?

Social engineering is an attack vector that uses psychological manipulation in order to convince a human agent to either divulge classified information or perform actions on the hacker’s behalf. It relies on human error rather than software vulnerabilities. While social engineering can encompass a range of tactics, they all include…
IOTW: Uber reaches settlement following cover up of data breach

Update, July 28th 2022: this article has been edited to reflect the fact the US Attorney’s office filed a notice of dismissal for the three wire fraud charges against Joe Sullivan on July 27th.

Uber has formally admitted to covering up a major data breach which exposed the personal information of 57 million users in November 2016 as part of a non-prosecution agreement with the US Department of Justice (DOJ). According to federal prosecutors in the US, between 2015 and 2017, the Federal Trade Commission (FTC) investigated Uber regarding its data practices, and during this investigation required disclosure of any…
5.4 million Twitter accounts reportedly on sale in hacking forum

Social media site Twitter has allegedly suffered a data breach of over 5.4 million accounts that are now for sale on a hacking forum. The hacker, who goes by the alias ‘devil’, claimed in a post on Breach Forums that the data stolen includes email addresses and phone numbers from “celebrities, companies, randoms, OGs, etc.” ‘OGs’ refers to Twitter handles that are either short, comprising one or two letters, or a desirable word, like a first name. Devil reportedly will not be accepting offers “lower than [$30,000]” for the database. The hacker also shared a sample of the…