Tag: hacking
-
Microsoft moves to disrupt hacking-as-a-service scheme that’s bypassing AI safety measures
The defendants used stolen API keys to gain access to devices and accounts with Microsoft’s Azure OpenAI service, which they then used to generate “thousands” of images that violated content restrictions. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-generative-ai-lawsuit-hacking/
-
Microsoft moves to disrupt hacking-as-a-service scheme that’s bypassing AI safety measures
The defendants used stolen API keys to gain access to devices and accounts with Microsoft’s Azure OpenAI service, which they then used to generate “thousands” of images that violated content restrictions. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-generative-ai-lawsuit-hacking/
-
Japan says Chinese hackers targeted its government and tech companies for years
The years-long hacking spree targeted government organizations as well as companies across Japan. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/08/japan-says-chinese-hackers-targeted-its-government-and-tech-companies-for-years/
-
Thousands of credit cards stolen in Green Bay Packers store breach
American football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/thousands-of-credit-cards-stolen-in-green-bay-packers-store-breach/
-
UN aviation agency confirms recruitment database security breach
The United Nations’ International Civil Aviation Organization (ICAO) has confirmed that a threat actor has stolen approximately 42,000 records after hacking into its recruitment database. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/un-aviation-agency-confirms-recruitment-database-security-breach/
-
New Labels Will Help People Pick Devices Less at Risk of Hacking
The US government is rolling out a consumer labeling system designed to help Americans pick smart devices that are less vulnerable to hacking. The post New Labels Will Help People Pick Devices Less at Risk of Hacking appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-labels-will-help-people-pick-devices-less-at-risk-of-hacking/
-
China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks
China has slammed a decision by the US Treasury to sanction a Beijing-based cybersecurity company for its alleged role in multiple hacking incidents targeting critical infrastructure. The post China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/china-protests-us-sanctions-for-its-alleged-role-in-hacking-complains-of-foreign-hacker-attacks/
-
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
Tags: ai, api, apt, attack, bug-bounty, business, chatgpt, cloud, computing, conference, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, email, exploit, finance, firewall, flaw, framework, github, government, group, guide, hacker, hacking, incident response, injection, LLM, malicious, microsoft, open-source, openai, penetration-testing, programming, rce, RedTeam, remote-code-execution, service, skills, software, sql, tactics, threat, tool, training, update, vulnerability, waf, zero-dayGenerative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise.Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and writing…
-
CISA Investigates Chinese Hacking of Treasury Department
US Cyber Defense Agency Confirms Role in Federal Probe Following ‘Major Incident’. The Cybersecurity and Infrastructure Security Agency is working closely with the Treasury Department in an ongoing investigation to determine the full scale and scope of a Chinese-linked hack targeting key offices tasked with sanctions enforcement, the agency confirmed Monday. First seen on govinfosecurity.com…
-
China’s Hacking of US Telecoms: Officials Name More Victims
Reportedly Hacked: Charter Communications, Consolidated Communications, Windstream. The nine known victims of a broad and significant cyberespionage campaign the White House has tied to China reportedly include Charter Communications, Consolidated Communications and Windstream, as officials said the hackers’ earliest known telecom network penetration began in mid-2023. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinas-hacking-us-telecoms-officials-name-more-victims-a-27222
-
Thousands of BeyondTrust Systems Remain Exposed
Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say — though it’s impossible to tell how many are still vulnerable. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/thousands-of-buggy-beyondtrust-systems-still-exposed
-
US Sanctions Chinese Firm Linked to Flax Typhoon Attacks on Critical Infrastructure
The US Treasury has sanctioned Chinese company Integrity Technology for supporting state-sponsored group Flax Typhoon in hacking US critical infrastructure. The post US Sanctions Chinese Firm Linked to Flax Typhoon Attacks on Critical Infrastructure appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-sanctions-chinese-firm-linked-to-flax-typhoon-attacks-on-critical-infrastructure/
-
U.S. Sanctions Chinese Cybersecurity Firm for State-Backed Hacking Campaigns
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims.These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or First seen on…
-
U.S. Treasury Sanctions Beijing Cybersecurity Firm for State-Backed Hacking Campaigns
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims.These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or First seen on…
-
US sanctions Chinese cyber firm linked to Flax Typhoon hacks
U.S. officials say the sanctioned Chinese firm provided botnet infrastructure for the China-backed hacking group Flax Typhoon First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/03/us-sanctions-chinese-cyber-firm-linked-to-flax-typhoon-hacks/
-
US Sanctions Beijing Company for Flax Typhoon Hacking
Integrity Technology Group Built Botnet for Chinese Hackers, US Treasury Says. The Department of Treasury blacklisted Integrity Technology Group, declaring transactions with the company to be off-limits for U.S. financial institutions and persons. The effect will likely have more symbolic than actual disruptive effect. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/us-sanctions-beijing-company-for-flax-typhoon-hacking-a-27209
-
US sanctions Chinese company linked to Flax Typhoon hackers
The U.S. Treasury Department has sanctioned Beijing-based cybersecurity company Integrity Tech (also known as Yongxin Zhicheng) for its involvement in cyberattacks attributed to the Chinese state-sponsored Flax Typhoon hacking group. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-sanctions-chinese-company-linked-to-flax-typhoon-hackers/
-
In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury
Noteworthy stories that might have slipped under the radar: location data of 800,000 electric Volkswagen cars leaked, DoubleClickjacking attack, China denies hacking US Treasury. The post In Other News: Volkswagen Data Leak, DoubleClickjacking, China Denies Hacking US Treasury appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/in-other-news-volkswagen-data-leak-doubleclickjacking-china-denies-hacking-us-treasury/
-
US Soldier Arrested in Verizon, AT&T Hacks
Wagenius posted about hacking more than 15 telecom providers on the Telegram messaging service. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/us-soldier-arrested-in-verizon-at-t-hack
-
Volkswagen Breach Exposes Data of 800K EV Customers
Ethical hacking group Chaos Computer Club uncovered exposed data of electrical vehicle owners across the company’s VW, Audi, Seat, and Skoda brands. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/volkswagen-breach-exposes-data-of-800k-customers
-
US soldier linked to Trump call log hack arrested in Texas
Court documents unsealed Monday show that US authorities have arrested a 20-year-old soldier, Cameron John Wagenius, charged with two counts of selling or attempting to sell confidential phone records without the customer’s authorization.But behind the scant details provided in the charge sheet submitted to the US District Court for the Western District of Washington at…
-
US Treasury Department workstations breached in attack attributed to China
Tags: access, advisory, apt, attack, banking, ceo, china, cloud, cybersecurity, government, hacking, infrastructure, intelligence, microsoft, russia, saas, service, supply-chain, threat, update, vulnerabilityThe US Department of the Treasury revealed on Monday that an attacker was able to bypass security, access an undisclosed number of Treasury workstations, and steal “certain unclassified documents,” in what it called a “major cybersecurity incident”.In a letter to the US Senate’s Committee on Banking, Housing and Urban Affairs, the Treasury Department said that…
-
Hacking campaign compromised at least 16 Chrome browser extensions
Threat actors compromised at least 16 Chrome browser extensions leading to the exposure of data from over 600,000 users. A supply chain attack compromised 16 Chrome browser extensions, exposing over 600,000 users. Threat actors targeted the publishers of the extensions on the Chrome Web Store via phishing messages, then once obtained access to their account…
-
China-linked actors hacked US Treasury Department
China-linked threat actors breached the U.S. Treasury Department by hacking a remote support platform used by the agency. China-linked threat actors breached the U.S. Treasury Department via a compromised remote support platform. The Treasury Department discovered the security breach on December 8th from its vendor BeyondTrust, according to a letter to lawmakers. BeyondTrust provides Privileged…
-
LLMs Crack the Code: 95% Success Rate in Hacking Challenge
A recent study demonstrates the transformative potential of large language models (LLMs) in offensive cybersecurity tasks. Researchers Rustem Turtayev, Artem Petrov, Dmitrii Volkov, and Denis Volk have achieved a record-breaking... First seen on securityonline.info Jump to article: securityonline.info/llms-crack-the-code-95-success-rate-in-hacking-challenge/
-
ATT and Verizon Hacked Salt Typhoon Compromised The Network For High Profiles
AT&T and Verizon Communications, two of America’s largest telecommunications providers, have confirmed they were targeted by the China-linked Salt Typhoon hacking operation, though both companies now report their networks are clear of the intrusion. In a statement released Saturday, Dallas-based AT&T revealed that hackers attempted to gather foreign intelligence information. The company emphasized that >>a…
-
A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says
A top White House official said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign. The post A 9th Telecoms Firm Has Been Hit by a Massive Chinese Espionage Campaign, the White House Says appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/a-9th-telecoms-firm-has-been-hit-by-a-massive-chinese-espionage-campaign-the-white-house-says/
-
White House links ninth telecom breach to Chinese hackers
A White House official has added a ninth U.S. telecommunications company to the list of telecoms breached in a Chinese hacking campaign that impacted dozens of countries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/white-house-links-ninth-telecom-breach-to-chinese-hackers/