Cyber Attacks, Threats, and Vulnerabilities
South Korean industrial giants slammed in active info-stealing APT campaign (ZDNet) Over 200 companies are reported as victims of the covert cyberespionage effort.
Industrial Cyber-Espionage Campaign Targets Hundreds of Companies (BleepingComputer) Hundreds of industrial companies are currently the targets of cyber-espionage activity from an advanced threat actor. The adversary uses a new version of an older info-stealer to extract sensitive data and files.
'Gangnam Industrial Style' campaign targets industrial firms with phishing emails and Separ malware (Computing) New North Korea-linked campaign has already compromised at least 200 systems belonging to industrial companies across the world
Gangnam Industrial Style: APT Campaign Targets Korean Industrial Companies (CyberX) Section 52, CyberX’s threat intelligence team, has uncovered an ongoing industrial cyberespionage campaign targeting hundreds of manufacturing and other industrial firms primarily located in South Korea. The campaign steals passwords and documents which could be used in a number of ways, including stealing trade secrets and intellectual property, performing cyber reconnaissance for future attacks, and …
This China-linked espionage group keeps trying to hack the Cambodian government (CyberScoop) Rancor has tried to break into the network of an unnamed Cambodian government organization and deploy their custom malware, according to Palo Alto Networks.
ScreenConnect MSP Software Used to Install Zeppelin Ransomware (BleepingComputer) Threat actors are utilizing the ScreenConnect (now called ConnectWise Control) MSP remote management software to compromise a network, steal data, and install the Zeppelin Ransomware on compromised computers.
Sneaker Bots: a Deep Dive (PerimeterX) Explore how sneaker bots work, what methods they use, what a real attack looks like, the damage they cause and how to protect your e-commerce website from them.
Vulnerability Found in TP-Link’s Archer Routers, Now Fixed (CISO MAG) TP-Link’s Archer Router series which is capable of handling high-speed online traffic had a vulnerability that if exploited, could allow hackers to bypass the admin passwords and remotely take control of the devices over the LAN.
LifeLabs Data Breach Exposes Personal Info of 15 Million Customers (BleepingComputer) Canadian clinical laboratory services provider LifeLabs has announced a data breach that exposed the personal information for up to 15 million Canadians after an unauthorized user gained access to their systems.
Canadian lab test provider pays ransom to secure hacked data (Washington Post) The Canadian lab test provider LifeLabs says it paid a ransom to secure data for customers that was stolen in a data breach in late October
What cyberattacks on companies like LifeLabs can mean for you (British Columbia) It’s like an accident out of a blue. Through no fault of your own, you suddenly find you owe thousands of dollars – if not more.
Consulting Firm Accidentally Doxxed Thousands of Employees at America’s Top Defense Contractor (The Daily Beast) “If it’s available on the internet, the safe money is on the bad guys finding it,” said Andrew Grotto, a former senior cybersecurity official in the Obama White House.
RSA Keys Found in IoT Medical Devices, Implants Prone to Attack (HealthITSecurity) Keyfactor discovered a vulnerability in the RSA keys and certificates that puts the devices at risk of cyberattack or malfunctioning: one out of every 172 active certificate could be compromised.
FBI Warns of Risks Behind Using Free WiFi While Traveling (BleepingComputer) The U.S. Federal Bureau of Investigation recommends travelers to avoid connecting their phone, tablet, or computer to free wireless hotspots while traveling during the holiday season.
Hackers Could Use Smart Displays to Spy on Meetings (Wired) By exploiting flaws in popular video conferencing hardware from DTEN, attackers can monitor audio, capture slides—and take full control of devices.
Process Hollowing: Hacker's New Technique for Monero Mining (CISO MAG | Cyber Security Magazine) Since early November hackers have started using Process Hollowing, a new technique for Monero mining whose malicious intent goes undetected until triggered.
Cobots too easy a target for ransomware, alerts Alias Robotics (eeNews Europe) Urging industrial robots manufacturers to implement efficient cybersecurity measures, security researchers from Spanish startup Alias Robotics have demonstrated a Proof of Concept attack consisting in ransomware specifically aimed at industrial collaborative robots.
Industrial robot ransomware: Akerbeltz (eeNews Europe) Cybersecurity lessons have not been learnt from the dawn of other technological industries. In robotics, the existing insecurity landscape needs to be addressed immediately. Several manufacturers profiting from the lack of general awareness are systematically ignoring their responsibilities by claiming their insecure (open) systems facilitate system integration, disregarding the safety, privacy and ethical consequences that their (lack of) actions have. In an attempt to raise awareness and illustrate the ”insecurity by design in robotics” we have created Akerbeltz, the first known instance of industrial robot ransomware. Our malware is demonstrated using a leading brand for industrial collaborative robots, Universal Robots.
Siemens SPPA-T3000 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Siemens
Equipment: SPPA-T3000
Vulnerabilities: Improper Authentication, Cleartext Transmission of Sensitive Information, Unrestricted Upload of File with Dangerous Type, Heap-based Buffer Overflow, Integer Overflow or Wraparound, Out-of-bounds Read, Improper Access Control, Stack-based Buffer Overflow, SFP Secondary Cluster: Missing Authentication, Deserialization of Untrusted Data, Information Exposure, Cleartext Transmission of Sensitive Information
GE S2020/S2020G Fast Switch 61850 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 4.6
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: GE
Equipment: GE S2020/S2020G Fast Switch 61850
Vulnerability: Cross-site Scripting
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow an attacker to inject arbitrary code and allow disclosure of sensitive data.
We Tested Ring’s Security. It’s Awful (Vice) Ring lacks basic security features, making it easy for hackers to turn the company's cameras against its customers.
Consumer groups issue product warning for Amazon Ring after latest video hack (Vox) This is only the latest controversy for the video doorbell company.
Alexa, Google Home Eavesdropping Hack Still Exists (Threatpost) Researchers say that Amazon and Google need to focus on weeding out malicious skills from the getgo, rather than after they are already live.
Ransomware Hit Over 1,000 U.S. Schools in 2019 (BleepingComputer) Since January, 1,039 schools across the U.S. have been potentially hit by a ransomware attack after 72 school districts and/or educational institutions have publicly reported being a ransomware victim according to a report from security solutions provider Armor.
Cybercriminals Found a Scary New Way of Making Hacked Companies Pay Ransom (Vice) Ransomware is spreading like wildfire in the U.S., and one gang is threatening infected companies with mass data exposure if they don't pay up.
Name and claim: data exposure website used as threat tactic by ransomware gang (SC Magazine) Data ransomers have created a public website to expose data and named recent victim companies that chose to rebuild their operations instead of paying up
Four U.S. cities attacked by ransomware this month (CBS News) Florida, New Orleans and California faced cyberattacks that crippled some city government systems in December.
St. Lucie County Sheriff's Office hit by cyber attack (WPEC) The FBI is now working with the St. Lucie County Sheriff's Office to get its computer network back online. The sheriff's office said much of it has been disconnected due to a cyber attack that was discovered early Tuesday morning. 911, emergency services, and dispatch are still online and deputies are carrying out their duties, according to Sheriff Ken Mascara. But the sheriff's office is using paper for recording keeping and day-to-day business.
Cyber-sleuths: Ransomware used in New Orleans attack likely tied to organized crime (NOLA.com) While New Orleans officials remain tight-lipped about a cyber-attack that has hobbled city government since Friday, cyber-sleuths have homed in on the likely weapon: Ryuk, a menacing breed of “ransomware”
New Orleans cyberattack: Recovery process will last week or more, FBI aiding investigation (NOLA.com) New Orleans officials said Monday they are ready to begin scrubbing thousands of city computers as they continue probing whether confidential information was breached in a cyberattack Friday that forced
Update on New Orleans City Hall cyber-attack (WGNO) Update on New Orleans City Hall cyber-attack
Hackers hit Galt with ransomware attack, downing city employee phones and email, police say (Sacramento Bee) The city of Galt says it was hit by a “ransomware” cyberattack Monday morning, with hackers demanding an unknown ransom amount.
5 things you need to know about the cyberattack on the city of Galt (KCRA) A Sacramento County community is the victim of a cyberattack after hackers got into Galt's computer system, shutting down its network and phone lines.
Cool Ideas hit by big DDoS attack (My Broadband) Cool Ideas is currently experiencing another major DDoS attack which is affecting the connectivity of its customers across South Africa.
'Shocking': Parents and MSP angry at 'humiliating' pupil data breach (The National) PARENTS and their MSP have condemned the exposure of the sensitive personal details of more than 50 pupils to more than 200 others.
Problems continue for Tidelands Health after ‘malware incident’ (WBTW) Some patients who use Tidelands Health services are still experiencing issues following last week’s network virus. Tidelands Health posted an update on social me…
Within two hours someone (or something) tried to make a purchase on stolen credit card data (SC Magazine) Security researcher finds that financial data doesn't get left alone too long on the darkweb. Hackers test out credit card data found on the dark web in a little over two hours, according to a security researcher.
The hacker behind your company's data breach may be sitting right in the next cubicle (CNBC) Companies hacked in the last 18 months say half these incidents were an inside job, according to the 2019 Global Data Exposure Report. Despite this alarming trend, even tech companies are ill-prepared, reveals the Q4 CNBC Technology Executive Council Survey released Tuesday.
Venmo Glitch Opens Window on War Between Banks, Fintech Firms (Wall Street Journal) Fintech companies say they need access to customer account information held by banks and other traditional financial companies. To protect their own turf, banks and brokerage firms have resisted.
Deepfake Bot Submissions to Federal Public Comment Websites Cannot Be Distinguished from Human Submissions (Technology Science) Federal public comment websites currently are unable to detect Deepfake Text once submitted. I created a computer program (a bot) that generated and submitted 1,001 deepfake comments regarding a Medicaid reform waiver to a federal public comment website, stopping submission when these comments comprised more than half of all submitted comments. I then formally withdrew the bot comments.
Hackers Are Breaking Into People's Websites And Injecting Garbage Links To Juice Search Results (BuzzFeed News) Google made the link a valuable commodity, so hackers are compromising sites and then getting paid to inject links.
Putin’s ‘Vulnerable’ Computer: Does The Russian President Really Use Windows XP? (Forbes) Vlad The Updater? Photographs released by Putin's press office suggest that he's still using a Windows XP computer, but military intelligence experts aren't convinced.
Security Patches, Mitigations, and Software Updates
This WhatsApp bug could allow hackers to crash the app and delete group chats forever (ZDNet) Researchers detail security flaw that allowed hackers to crash WhatsApp and permanently delete contents of group chats - and urge users to update the app to protect against attacks.
Google to Restrict App Access to G Suite Accounts (Decipher) Google will limit the ability of LSA to access G Suite accounts starting in June, to protect users from account hijacking attempts. The change is to encourage using apps that rely on OAuth 2.0.
Google removes Avast and AVG extensions from Chrome web store over 'unnecessary' data collection (Computing) Google follows Opera and Firefox in removing Avast and AVG security extensions used by up to 400 million users
Cyber Trends
Kaspersky founder says cyberspace is "not at peace" (ITProPortal) Cyberspace is a mess, and only by joining forces, can we ensure a better future for everyone, Eugene Kaspersky says.
SANS 2019 Threat Hunting Survey: The Differing Needs of New and Experienced Hunters (SANS Institute) The 2019 SANS Threat Hunting Survey gathered current industry data from 575 respondents predominantly from small/medium to medium/large organizations that are working in the field of threat hunting or working alongside threat hunters.
Synack: DevSecOps Being Accelerated by Cultural Shifts (DevOps.com) A recent Synack report shows that some of the world's largest organizations are encountering a significant cultural shift within their development teams.
NetMotion 2020 Predictions (NetMotion Software) With the new year quickly approaching, NetMotion experts outline 2020 predictions within mobility, computing and modern working.
Meet the Mad Scientist Who Wrote the Book on How to Hunt Hackers (Wired) Thirty years ago, Cliff Stoll published The Cuckoo's Egg, a book about his cat-and-mouse game with a KGB-sponsored hacker. Today, the internet is a far darker place—and Stoll has become a cybersecurity icon.
Marketplace
2020 Cybersecurity Survey Salary Results (Cynet) Salary Cybersecurity 2020 the of results the summarizes document following the Survey Salary Cybersecurity conducted on December 2019.
Log us out: Private equity snaffles Lastpass owner LogMeIn (Register) World+dog hunts for new password manager
The Air Force invites the cyber industry to speed date (Fifth Domain) The Air Force wants to hear from small companies about what cyber solutions they might be able to bring to protect data.
Honeywell Buys Rebellion, Boosts Gas Monitoring Portfolio (Nasdaq) In a bid to strengthen its foothold in safety and environmental monitoring solutions, Honeywell International Inc. HON recently announced the buyout of Rebellion Photonics. The terms of the deal were kept under wraps.
Good Cyber Companies Make Money, Says FireGlass Founder (CTECH) Dan Amiga, the co-founder and chief technology officer of cybersecurity startup Fireglass and Yair Cassuto, partner at Pitango Venture Capital spoke Monday at Calcalist’s Cyber 2020 conference
Venafi Adds Three Developers to Machine Identity Protection Development Fund (BusinessWire) Device Authority, The Information Lab & Jamf latest developers to receive fund sponsorship from Venafi's Machine Identity Protection Development Fund
WSJ News Exclusive | Peter Thiel at Center of Facebook’s Internal Divisions on Politics (Wall Street Journal) Facebook’s senior leadership is increasingly divided over how to address criticism of the company’s effect on U.S. politics, with board member and billionaire investor Peter Thiel serving as an influential voice advising CEO Mark Zuckerberg not to bow to public pressure.
IronNet Continues Growth with the Announcement of a Team in Asia/Pacific and Japan (Herald-Mail Media) IronNet Cybersecurity, a leader in collective defense and network traffic analysis, today announced that it has appointed Gaurav Chhiber as Vice President of
Elaine Beitler Joins the ProcessUnity Board of Directors (West) New Appointment Amplifies Vendor Risk Management Momentum
BAE Systems, Inc. Names Tom Arseneault to Become President & CEO (BusinessWire) BAE Systems, Inc. today announced that Tom Arseneault will become president and chief executive officer of BAE Systems, Inc., effective April 1, 2020.
Balbix Appoints Ramki Ramakrishnan as Vice President of Operations to Globalize Distribution and Customer Support (BusinessWire) Balbix appoints Ramki Ramakrishnan as vice president of operations to globalize distribution and customer support.
PeerStream, Inc. Announces Leadership Transition with Appointment of Jason Katz as Chief Executive Officer (West) Alex Harrington, Outgoing CEO, Separates from PeerStream and Steps Down from Board Director Role
Tenable hires former Homeland Security official to push cyber growth (Baltimore Business Journal) Tenable is looking to get a leg up on the competition in a key part of the cybersecurity market.
Defense Industry Executive Boyd Brown Joins TrapX Security as DSO (EnterpriseTalk) TrapX Security, the global leader in cyber deception technology, announced that Defense Industry Executive Boyd Brown has joined as its Deception Strategy Officer
Products, Services, and Solutions
Checkmarx Recognized as AWS Provider of Application Security Testing Solutions for Public Sector (BusinessWire) Checkmarx, a global leader in software security solutions for DevOps, today announced that it has been accepted into the Amazon Web Services (AWS) Pub
IGEL and Ericom Software Expand Partnership to Modernize the Endpoint in Terminal Emulation for Legacy Applications (PR Newswire) IGEL, provider of the next-gen edge OS for cloud workspaces, and Ericom Software, a leader in secure web and application access solutions,...
Remediant’s SecureONE Now Allows Secure Just-In-Time Privileged Access to Offline Systems and Enhanced Protection of Administrative Account Access (West) The company continues to evolve Privileged Access Management with new SecureONE headline features
Netography Introduces OpsChannel a New Collaborative Command Line Interface Technology for Collaboration Software (BusinessWire) Netography introduces Netography® OpsChannel, a Collaborative Command Line Interface and new patent-pending technology.
FileCloud Unveils Complete California Consumer Privacy Act Compliance Support for Organizations (BusinessWire) FileCloud, a cloud-agnostic enterprise file sync and sharing platform, today announced complete California Consumer Privacy Act (CCPA) compliance supp
The Ministry of Education and Culture and the SisuID pilot − Improving International Student Application Process with Digital Identities (Cision) The Ministry of Education and Culture in Finland participated in the SisuID pilot in order to improve the application and immigration processes of international students. With the SisuID, international students can use a strong authentication before they even arrive in Finland.
Google unveils BeyondProd framework for implementing cloud-native security (SiliconANGLE) Following the success of its BeyondCorp framework for network access, Google LLC is pitching another model its adopted for securing its cloud-native information technology architecture.
Newest Release of Thycotic Secret Server Addresses Scalability and Performance Needs of Large Enterprises (PR Newswire) Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 25 of the Fortune 100, today...
Deloitte's Resilient Podcast Introduces Cyber Series (PR Newswire) Since its launch in 2016, Deloitte's "Resilient" podcast series sets out to tell real stories about challenges, triumphs and resilience of...
Cyware Labs Achieves ISO 27001 Certification for Information Security Management Controls (BusinessWire) Cyware Labs today announced that it has achieved International Standards Organization (ISO) 27001 certification upon their first attempt.
OpenText and Lastline Enhance Analysis of Advanced Malware. (PR Newswire) Lastline®, the leader in AI-powered network detection and response, today announced a Technology Alliance Partnership with OpenText™, a global...
Telenet Selects Infradata and BroadForward to Enable Converged Signaling Firewall Solution (PR Newswire) Infradata and BroadForward are proud to announce to have been selected by Telenet to implement a converged signaling firewall solution. The...
Technologies, Techniques, and Standards
Incident Response lessons from recent Maze ransomware attacks (Talos Blog) This year, we have been flooded with reports of targeted ransomware attacks. Whether it's a city, hospital, large- or medium-sized enterprise — they are all being targeted.
Where is Your Threat Perimeter? (Silicon UK) As de-perimeterisation continues apace, CIOs, CTOs and CISOs must all radically alter how they approach their threat perimeter security.
Cybersecurity: Chernobyl and its Cyber Lessons (Security Boulevard) Looking at cybersecurity through the lens of a nuclear disaster can help your organization be more prepared when emergencies arise.
OTRS Group gives six tips for safe on-line purchasing (OTRS Group) As is well known, online shops are booming at Christmastime. Instead of waiting in long queues forever, gifts are quickly bought online with a click of the mouse.
The Evolution of “Next-Generation” Manufacturing and the Need for Network Security (MixMode) The new MixMode & RAVENii whitepaper, “The Evolution of ‘Next-Generation’ Manufacturing and the Need for Network Security,” is a comprehensive look at how third-wave AI is improving modern network security across connected manufacturing networks and beyond.
Battalion helping shape Army tactical capabilities in the information environment (DVIDS) The U.S. Army activated the 915th Cyberspace Warfare Battalion (CWB) in May 2019 to help meet the Army’s current and projected tactical Cyberspace Electromagnetic Activities (CEMA) requirements.
IDF holds surprise cyber defense drill simulating critical systems shutdown (Times of Israel) Wednesday's exercise is the third unannounced inspection of the military's readiness under army chief Aviv Kohavi
Design and Innovation
Exclusive: Facebook adding part-time fact-checkers to root out misinformation (Axios) Facebook will hire the "community reviewers" through a third-party contractor called Appen.
Exclusive: Facebook funding Reuters deepfakes course for newsrooms (Axios) Facebook is spending six figures to fund a course on manipulated media and deepfakes for newsrooms,
Academia
AF Academy cadet wins big at cyber competition (United States Air Force Academy) Cadet Sears Schulz says academic foundation at AF Academy helped him grab top prize
Legislation, Policy, and Regulation
Trump administration puts final touches to rules limiting sensitive tech exports to rivals (Computing) First batch of rules expected to touch involve just a few technologies, such as quantum computing and AI
US introduces further rules to damage Huawei reputation (Telecoms.com) The US Energy and Commerce Committee has almost introduced rules to reinforce the ban on Huawei contributing components, products or services to communications infrastructure.
With or without Huawei? German coalition delays decision on 5G rollout (Reuters) Chancellor Angela Merkel's conservatives and their Social Democrat partners...
Analysis | Can Germany Really Afford to Ban Huawei? (Washington Post) Even without the threat of retaliation, the country’s 5G roll-out depends intimately on the Chinese company’s technology.
Czech cybersecurity chief fired amid Huawei security dispute (South China Morning Post) Sacking of Dusan Navratil adds to European controversies over Chinese technology giant.
Czech security chief's sacking had nothing to do with Huawei (Axios) The Czech cybersecurity agency likely to stay hawkish on China tech
Analysis | The Cybersecurity 202: Congress peels back secrecy to review Trump hacking policy (Washington Post) Lawmakers battled to see the policy for over nine months.
The DHS cyber agency gets massive funding boost (Fifth Domain) Take a look at what Congress wants the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency to do as it looks to consolidate its clout as the federal cybersecurity leader.
Bipartisan Portman-Hassan Legislation to Strengthen Public and Private Sector Cybersecurity Efforts Included in Government Funding Agreement (Office of Senator Rob Portman) Bipartisan legislation introduced by U.S. Senators Rob Portman (R-OH) and Maggie Hassan (D-NH) to bolster cybersecurity in the public and private sector is expected to be signed into law as part of the final bipartisan budget agreement to fund the government for the next fiscal year.
Bill Spells Outs Steps to Help Schools With Cybersecurity (BankInfo Security) Following a series of high-profile ransomware attacks and other cyber incidents over the last year, two U.S. senators have introduced a bill designed to help
DHS Was Finally Getting Serious About Cybersecurity. Then Came Trump. (POLITICO) Secretary Kirstjen Nielsen came in with the potential to be the most effective cyber leader in agency history—only to be sideswiped by the president’s fixation on the Mexican border.
Give DoD a little credit for its cyber certification program | Federal News Network (Federal News Network) The Cybersecurity Maturity Model Certification program is moving fast but in a transparent manner.
Lawmakers skeptical of Army’s plan for tactical servers (C4ISRNET) A final bill from both houses of Congress only cuts $10 million to Army server technologies after an earlier draft cut nearly $46 million.
NYC Mayor’s Aides Communicate in Encrypted Messages (Wall Street Journal) Aides to New York City Mayor Bill de Blasio have exchanged messages via Signal, an encrypted-messaging app. Good-government advocates warn such apps can be used to hide records and communications from the public.
Litigation, Investigation, and Law Enforcement
In Re Accuracy Concerns Regarding FBI Matters Submitted to the FISC (US Foreign Intelligence Surveillance Court) This order responds to reports that personnel of the Federal Bureau of Investigation(FBI) provided false information to the National Security Division (NSD) of the Department of Justice, and withheld material information from NSD which was detrimental to the FBI' s case, in connection with four applications to the Foreign Intelligence Surveillance Court (FISC) for authority to conduct electronic surveillance of a U. S. citizen named Carter W. Page. When FBI personnel mislead NSD in the ways described above, they equally mislead the FISC.
Court Orders F.B.I. to Fix National Security Wiretaps After Damning Report (New York Times) In a rare public order, the secretive Foreign Intelligence Surveillance Court responded to problems with the eavesdropping on a former Trump campaign aide uncovered by an inspector general.
Surveillance court demands answers from FBI for errors, omissions in Trump campaign investigation (Washington Post) The court says the FBI conduct is ‘antithetical’ to how the foreign intelligence surveillance program is supposed to work.
FISA Court Issues Rare Public Order Condemning FBI for Russia Probe Abuses and Demanding Reforms (National Review) The Foreign Intelligence Surveillance Court condemned the FBI for the errors and omissions in its application to surveil Trump-campaign adviser Carter Page.
Judge Rules in Favor of US Effort to Take Snowden Book Money (New York Times) Former National Security Agency contractor Edward Snowden violated secrecy agreements with the U.S. government that allow it to claim proceeds from a memoir he published earlier this year, a judge ruled Tuesday.
Judge grants government proceeds from Edward Snowden’s book (Washington Post) Snowden, who leaked details of government surveillance programs, is charged with espionage but has remained exiled in Russia since 2013.
Google accused of firing another worker in union-busting drive (Engadget) Google's war against its employees continues.
FTC settles with Unroll.me over allegedly duping users over email data collection, sale (ZDNet) The agency claimed that users were falsely told Unroll.me would not “touch” personal information contained in emails.
U.S. SEC charges former Palo Alto Networks IT administrator, others with insider trading (Reuters) U.S. authorities on Tuesday said they have charged a former IT administrator and...
A tweet gave a journalist a seizure. His case brings new meaning to the idea of ‘online assault.’ (Washington Post) The Epilepsy Foundation announced that it filed criminal complaints against a legion of copycats who targeted people with epilepsy and sent them an onslaught of strobe GIFs.
The Story of a Teenage Hacker Who Made More Than Your Annual Salary Every Month (Vice) Maxime took an interest in hacking when he was six. At 16, he'd raked in nearly £1 million via credit card fraud.