Twitter says it will turn off SMS second-factor authentication for all but paying customers starting March 20 in a decision provoking concerns that many customers will be less secure than before. Twitter says 2.6% of active Twitter accounts have activated second-factor authentication.
Nearly a year after Russia's invasion began, Ukraine's top cybersecurity response center says the number of registered cyber incidents has increased threefold and malware attacks have been the predominant force in the increase. Overall, Ukraine identified 181 million "suspicious" events in 2022.
Hyundai and Kia are rolling out a software update aimed at stopping an outbreak of car thefts caused by a trend on social media app TikTok. The "Kia Challenge" went viral in mid-2022 after users discovered how to steal certain cars using a screwdriver and a male USB Type A connector.
A cryptocurrency service that North Korean hackers used to launder stolen funds and that was sanctioned by the U.S. Department of the Treasury appears to have resumed as "Sinbad." It has laundered almost $100 million in bitcoin from hacks by Lazarus Group, says blockchain analysis firm Elliptic.
A previously unknown, self-proclaimed politically-motivated hacking group disrupted Israel's Technion University following a Sunday ransomware attack. Attackers, going under the name "DarkBit," took credit for the attack in a Telegram post accusing Technion of serving "an apartheid regime."
Revenue at dark web illicit marketplaces plummeted in 2022 following seizure by U.S. and German police last spring of what was then the world's largest online bazaar for illegal goods and services. Three markets have jockeyed for dominance following Hydra's collapse: OMG!OMG!, Blacksprut and Mega.
U.S. wireless telecom UScellular, a regional carrier serving roughly 5 million customers, says a data breach at a third-party vendor resulted in a leak of 52,000 names and email addresses. The company confirmed that data from the leak is available for download on a criminal data breach forum.
Ukrainian and Polish cyber defenders are warning against a slew of phishing websites that mimic official sites, in particular a page that mimics the Ministry of Foreign Affairs of Ukraine. A hacking group likely comprised of Russian speakers uses the pages to lure users into downloading software.
While malicious wipers have stolen most of the headlines in the Russia-Ukraine cyberwar, investigators say Russians are now using modified GammaLoad and GammaSteel info stealer malware to spy on compromised government employee accounts and avoid detection. The attack begins with a phishing email.
Security researchers say they found the Russian intelligence-linked Sandworm threat actor deploying a novel disk wiper against an energy sector company located in Ukraine. Data wipers have played a key role in Russia's hacking campaign against Ukraine.
Ukraine traced a cyberattack that delayed a press briefing by the nation's information protection agency Tuesday to Russian Sandworm hackers. The group, which is accused of using wiper malware to disrupt the Ukrainian national Media Center, has close ties to the Russian GRU, investigators say.
A pro-Kremlin hacking group with a history of launching distributed denial-of-service attacks took its annoyance tactics to Germany following Berlin's announcement that it will ship Leopard 2 battle tanks to Ukraine's front lines. A German government spokesperson said the attacks had minimal effect.
A North Korean hacking group tracked by cybersecurity firm Proofpoint as TA444 in December unleashed a torrent of spam in a bid to harvest credentials - evidence of a hacking group that mirrors "startup culture in its devotion to the dollar and to the grind."
Android malware highlighted by Dutch cybersecurity firm ThreatFabric shows the line between a banking Trojan and advanced spyware. The Trojan, dubbed Hook, can take a screenshot, simulate clicks and input swipe gesture commands. It can also take control of WhatsApp.
Australia started operating an international ransomware task force to facilitate information sharing and best practices worldwide. “Recent cyber incidents in Australia and around the globe are a stark reminder of the insidious nature of ransomware," said Minister for Home Affairs Clare O'Neil.