Computerworld
BlackCat group releases screenshots of stolen Western Digital data
The screenshots included an image of a meeting that was held by the company to discuss the response to the recent cybersecurity incident.
Bleeping Computer
Leaked Windows 11 screenshots show new File Explorer, Settings app
Leaked screenshots of an internal Microsoft build of Windows 11 have given us a glimpse of the upcoming changes coming to File Explorer and the Settings app.
%20(1).webp)
Cyber Security News
Spyware Website Leaking People's Phones Real-Time Screenshots Online
A stalkerware company with poor security practices is exposing victims' data as the software, designed for unauthorized device monitoring,
Infosecurity News
New Threat Group Reviews Screenshots Before Striking
Threat actor has been dubbed TA866 by Proofpoint
Infosecurity News
Microsoft Fixes Security Flaw in Windows Screenshot Tools
Information disclosure vulnerability aCropalypse could enable malicious actors to recover sections of screenshots
SC Magazine
RansomHub says Change Healthcare data now up for sale
The ransomware group posted screenshots of alleged insurer and patient information Monday.
DarkReading
Stalkerware App With Security Bug Infests Hotel Systems
The spyware is able to capture screenshots of a user device every few seconds from any location globally.
DarkReading
Ransomware Group Claims Major Okta Breach
Screenshots that ransomware gang Lapsus$ released this week suggest the threat actor also stole Microsoft source code.
CyberScoop
Cyber company Okta is latest potential victim cited by Lapsus$ hackers
The financially motivated group of malicious hackers posted screenshots that Okta said could be related to "activity" detected in January.
CyberNews
Hackers breach Rosatom, Russia’s state nuclear energy corporation | CyberNews
The screenshots ATW has posted on Twitter indicate that the group has accessed Rosatom’s Allure Reports.
CyberSecurity Dive
Okta says 2.5% of customers breached, as Lapsus$ sows disorder
Threat researchers say Lapsus$, active on social media, revels in the spotlight. Okta's CSO called the breach screenshots "embarrassing."
Bleeping Computer
Windows 11 Snipping Tool gets OCR support to copy text from images
Microsoft has added text recognition support to the latest Snipping Tool build, allowing users to select and copy text from screenshots.
Bleeping Computer
DC Police confirms cyberattack after ransomware gang leaks data
The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data.
CyberSecurity Dive
Okta denies security incident as Lapsus$ group goes on a spree
The identity and access management firm believes screenshots connected with the breach are related to a January security incident that was contained.
ThreatPost
Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta
Lapsus$ shared screenshots of internal Okta systems and 40Gb of purportedly stolen Microsoft data on Bing, Bing Maps and Cortana.
Bleeping Computer
Microsoft tests instant access to Android photos in Windows 11
Microsoft plans to provide Windows 11 users with almost instant access to photos and screenshots they've taken on their Android smartphones.
DataBreaches
Leaked image shows ransomware attack hit Linn-Mar School District
Adam Carros and Ethan Stein report: Leaked screenshots show the Linn-Mar School District is dealing with a ransomware attack much more severe than the...
The Hacker News
SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls
Discover the dangerous capabilities of SpyNote, an Android banking trojan. It records audio, logs keystrokes, SMS messages, and captures screenshots.
Cyber Security News
Snake Keylogger Steals victim Logins, Keystrokes, & Capture Screen
Snake Keylogger, a .NET infostealer malware, also known as 404 Keylogger, steals credentials, keystrokes, and screenshots, collects system info
SC Magazine
Odd NuGet package for industrial equipment raises espionage concerns
The open-source .NET package stealthily exfiltrates screenshots from BOZHON equipment.
CyberSecurity Dive
LA schools system downplays impact of leaked data
Screenshots of files stolen and leaked by Vice Society paint a worrying scenario, contradicting some of the district’s assertions.
Security Affairs
Recall feature in Microsoft Copilot+ PCs raises privacy concerns
UK data watchdog investigates Microsoft regarding a new feature in Copilot+ PCs that captures screenshots of user's laptop every few seconds
SecurityWeek
Wiper Used in Attack on Iran National Media Network
A cyberattack targeting the Iranian state-run broadcasting network employed a wiper, custom-made backdoors, and malware to take screenshots.
The Cyber Express
Researcher Indicates PCTattletale Stalkerware Found on US Hotels, Corporate and Law Firm Computers Leaks Recordings
An independent researcher claims that commercial grade spyware tool PCTattletale was found to leak live-screen recordings/screenshots to the internet, making
DataBreaches
Ransomware group leaks data allegedly from Granger Medical Clinic
On November 24, the NoEscape ransomware group added Granger Medical Clinic in Utah to their leak site. As proof, NoEscape provided a filetree and screenshots...
Naked Security
Google wins court order to force ISPs to filter botnet traffic
CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more.
SecurityWeek
Uber Investigating Data Breach After Hacker Claims Extensive Compromise
Uber is investigating a data breach after a hacker claimed to have breached many of the ride sharing giant’s systems and posted screenshots as evidence
Bleeping Computer
HTC Global Services confirms cyberattack after data leaked online
IT services and business consulting company HTC Global Services has confirmed that they suffered a cyberattack after the ALPHV ransomware gang began leaking screenshots of stolen data.
Bleeping Computer
Uber hacked, internal systems breached and vulnerability reports stolen
Uber suffered a cyberattack Thursday afternoon with a hacker gaining access to vulnerability reports and sharing screenshots of the company's internal systems, email dashboard, and Slack server.
PCMag
Sony Investigates Alleged Hack of Spider-Man Developer Insomniac Games
To prove the hack is legit, ransomware group Rhysida posts some of the stolen data, which appears to include screenshots of the upcoming Marvel's Wolverine game.
CyberSecurity Dive
UnitedHealth admits it paid a ransom in Change Healthcare attack
The insurer also confirmed Monday that more than 20 screenshots of potentially stolen patient data were posted on the dark web for about a week.
PCMag
Scammers Target Helldivers 2 Buyers With Fake Games on Steam
Bogus versions of Helldivers 2 popped up on Steam, complete with info, screenshots, and logos ripped from the real game. One suspicious detail gave it away, though.
ThreatPost
MacOS Bug Could Let Creeps Snoop On You
The flaw could allow attackers to bypass Privacy preferences, giving apps with no right to access files, microphones or cameras the ability to record you or grab screenshots.
Bleeping Computer
Hackers leak images to taunt Western Digital's cyberattack response
The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating they likely had continued access to the company's systems even as the company responded to the breach.
Latest Hacking News
New Screenshotter Malware Campaign Targets Victims After Profiling
Researchers have warned users about a new malicious campaign that scans and profiles potential victims before targeting. Identified as “Screenshotter,” the malware takes screenshots on the victim's machines to share with the attackers. Screenshotter Malware Campaign
CyberScoop
Microsoft investigating hacking group's claims of successful breach
Cybercrime organization Lapsus$ posted suspicious screenshots. Microsoft officials said they are "aware of the claims and are investigating."
Bleeping Computer
Hackers use Rilide browser extension to bypass 2FA, steal crypto
A new malware strain called Rilide has been targeting Chromium-based web browsers like Google Chrome, Brave, Opera, and Microsoft Edge, to monitor user browsing history, snap screenshots, and inject scripts that can steal cryptocurrency.
Computerworld
Start-up emerges with an ‘enterprise browser'
The Island browser is based on Chrome and can limit site access and stop employees from uploading and downloading data, copying and pasting information, and even taking screenshots.
Bleeping Computer
Google Pixel flaw allowed recovery of redacted, cropped images
An 'Acropalypse' flaw in Google Pixel's Markup tool made it possible to partially recover edited or redacted screenshots and images, including those that have been cropped or had their contents masked, for the past five years.
Bleeping Computer
Google Pixel phones unusable after January 2024 system update
Google Pixel smartphone owners report problems after installing the January 2024 Google Play system update, being unable to access their devices internal storage, open the camera, take screenshots, or even open apps.
The Hacker News
Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group
Microsoft and Okta confirm the breach after LAPSUS$ hackers posted stolen source code and screenshots showing access to its internal systems.
The Hacker News
Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques
Cybercriminals are using Parallax RAT to target cryptocurrency companies, giving them the ability to record keystrokes, take screenshots, and upload a
The Hacker News
Uber Claims No Sensitive Data Exposed in Latest Breach… But There's More to This
Uber claims to have found no evidence that users' private data was compromised in latest breach, but screenshots and information from various sources
The Record
DOJ shuts down ‘Warzone’ malware vendor and charges two in connection
The U.S. Justice Department said it shut down a website and several other domains that sold the Warzone RAT malware — a tool cybercriminals used to access victims' devices, take screenshots, record keystrokes, steal data and watch victims through device cameras.
Bleeping Computer
TELUS investigating leak of stolen source code, employee data
Canada's second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to be employee data. The threat actor subsequently shared screenshots apparently showing private source code repositories and payroll records held by the company.
Computerworld
Windows Recall — a ‘privacy nightmare’?
The Windows AI feature announced by Microsoft this week quickly drew criticism for recording regular screenshots of a user’s screen; one security expert compared it to keylogging software.
Security Affairs
Acropalypse flaw in Google Pixel’s Markup tool allowed the recovery of edited images
The Acropalypse flaw in the Markup tool of Google Pixel allowed the partial recovery of edited or redacted screenshots and images. Security researchers Simon Aarons and David Buchanan have discovered a vulnerability, named ‘Acropalypse,’ in the Markup tool of Google Pixel. The Markup tool is a built-in Markup utility, released with Android 9 Pie that […]
Security Affairs
TikTok denies data breach following leak of user data
Threat actors published a sample of data allegedly stolen from TikTok, but the company denies it was breached. The hacking collective AgainstTheWest recently published a post on Breach Forums message board claiming to have hacked TikTok and stolen source code and user data. The group published screenshots of an alleged stolen data, it claims to […]
Security Affairs
Okta says 375 customers impacted by the hack, but Lapsus$ gang says it is lying
The provider of access management systems Okta confirmed the data breach and revealed that 2.5% of its customers were impacted. This week Lapsus$ extortion group claimed to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots […]
Security Affairs
Lapsus$ extortion gang claims to have stolen sensitive data from Okta
The Lapsus$ extortion group claims to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Some of the images published by the threat actors appear to be related to the company’s […]
Security Affairs
Experts spotted five malicious Google Chrome extensions used by 1.4M users
Researchers spotted 5 malicious Google Chrome extensions used to track users’ browsing activity and profit of retail affiliate programs. McAfee researchers discovered five malicious Google Chrome extensions with a total install base of over 1,400,000. The malicious Google Chrome extensions were masquerading as Netflix viewers, website coupons, and apps for taking screenshots of a website. […]
CyberNews
Lapsus$ claims to have breached authentication firm Okta | CyberNews
Okta, a San Francisco-based identity and access management company, is investigating a report of a breach.
CyberNews
Lapsus$ has exaggerated the scale of the access to Okta | CyberNews
Authentication firm Okta has reached out to all 366 customers potentially affected by the recent breach. Lapsus$ extortion group had access to the support engineer’s computer for five days in January.
Security Affairs
A consumer-grade spyware app found in check-in systems of 3 US hotels
A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US.
SecurityWeek
Suspicious NuGet Package Harvesting Information From Industrial Systems
Suspicious NuGet package targets developers working with technology from Chinese firm Bozhon in possible industrial espionage campaign.
Bleeping Computer
CloudSEK claims it was hacked by another cybersecurity firm
Indian cybersecurity firm CloudSEK says a threat actor gained access to its Confluence server using stolen credentials for one of its employees' Jira accounts.
Bleeping Computer
Okta confirms support engineer's laptop was hacked in January
Okta, a major provider of access management systems, has completed its investigation into a breach incident claimed by the Lapsus$ data extortion group.
The Cyber Express
Copilot+ Recall is ‘Dumbest Cybersecurity Move in a Decade’: Researcher
A new Microsoft Windows feature dubbed Recall planned for Copilot+ PCs has been called a security and privacy nightmare by
SecurityWeek
CloudSEK Blames Hack on Another Cybersecurity Company
CloudSEK claims a cybersecurity firm is behind a data breach resulting from the compromise of an employee’s Jira account.
DataBreaches
Ransomware attack targets global Lutheran group
YLE reports: The Lutheran World Federation (LWF) has fallen victim to cyber extortion, Finnish news agency STT reports on Sunday. The Finnish Evangelical...
HACKRead
"Get Paid to Like Videos"? This YouTube Scam Leads to Empty Wallets
Beware! YouTube “Social Media Marketing” Scam Snatches Cash After Luring Users with Likes & Subscriptions.
HACKRead
China-Linked Blackwood APT Deploys Advanced NSPX30 Backdoor in Cyberespionage
The NSPX30 backdoor, initially uncovered in 2005 as a simple form of malware, has evolved over time into an advanced threat.
SecurityWeek
Microsoft, Okta Investigating Data Theft Claims
The Lapsus$ hacker group claims to have stolen information, including source code and customer data, from Microsoft, LGE and Okta.
CyberNews
Oxford police arrest seven teenagers linked to Lapsus$ - BBC | CyberNews
The BBC said that the City of London Police has arrested seven teenagers in relation to the Lapsus$ extortion group.
ZDNet
Okta says breach evidence posted by Lapsus$ hackers linked to January 'security incident' | ZDNet
Okta claims there is no proof of current malicious activity on its networks.
Bleeping Computer
Okta confirms 2.5% customers impacted by hack in January
Okta, a major provider of access management systems, says that 2.5%, or approximately 375 customers, were impacted by a cyberattack claimed by the Lapsus$ data extortion group.
DarkReading
Okta Says 366 Customers Impacted via Third-Party Breach
Microsoft meanwhile confirms Lapsus$ group compromised it as well and issues warning on threat actor.
ZDNet
Okta: We made a mistake over Lapsus$ breach notification | ZDNet
Okta says it wrong to not tell customers about the January breach sooner, but it said it did not know the extent of the issue.
The Hacker News
New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack
Mandiant incident report for Okta's Lapsus$ breach details the entire timeline of events.
DataBreaches
Hacker Sentenced to 51 Months in Prison for Stealing Customer Credit Card Numbers
PHOENIX, Ariz. – Chirag Patel, 38, most recently of Norfolk, Virginia, was sentenced on May 8, 2023, by United States District Judge G. Murray Snow to 51...
DarkReading
Microsoft's 'Recall' Feature Draws Criticism From Privacy Advocates
Despite Microsoft's reassurances, multiple security researchers describe the technology as problematic for users and their organizations.
The Cyber Express
Amazon Secures pcTattletale Spyware AWS Infrastructure After Hack Reveals 17TB of Data
Soon after an independent researcher exposed a vulnerability in the commercial-grade pcTattletale spyware tool that could compromise recordings, the tool’s
Security Affairs
Pro-Palestinian group GhostSec hacked Berghof PLCs in Israel
The hacktivist collective GhostSec claimed to have compromised 55 Berghof PLCs used by Israeli organizations. Pro-Palestinian Hacking Group GhostSec claimed to have compromised 55 Berghof programmable logic controllers (PLCs) used by Israeli organizations as part of a Free Palestine campaign. On September, 4th, 2022, GhostSec announced on social media and its Telegram channel that it has compromised […]
The Cyber Express
Malaysian Telecom Provider, Aminia Hit by Pro-Israeli Cyberattack, Website Inaccessible
The pro-Israeli hacktivist group, R00TK1T ISC Cyber Team, has allegedly targeted Malaysian entities, marking their first cyberattack on Aminia. The
The Record
Lapsus$: The script kiddies are alright
A new cyber extortion team has burst on the scene turning low-tech operations into high impact heists. But they have a weakness – we explain. Plus, a hacking story from a different era.
CyberNews
Midjourney AI developers caught copying artists to train generator
Midjourney AI, a popular generative AI tool for creating art, has used a database of 16,000 artists to train its model and discussed ways to avoid legal problems online.
Bleeping Computer
Hacker develops new 'Screenshotter' malware to find high-value targets
A new threat actor tracked as TA886 targets organizations in the United States and Germany with new custom malware to perform surveillance and data theft on infected systems.
.webp)
Cyber Security News
Ukrainian Hackers Hijacked 87,000 Sensors to Shut down Sewage System
Ukrainian hackers have successfully infiltrated and disabled a vast network of industrial sensors and monitoring infrastructure in Russia.
The Hacker News
Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools
Microsoft releases out-of-band update for privacy-defeating flaw in Windows 10 & 11 screenshot editing tools!
Infosecurity News
Okta Investigates Possible Lapsus Breach
Concerns rise that ransomware group used access to target customers
Infosecurity News
Musk Losing Battle of Bad Bots as Rate Limits Begin
Growing number of Twitter users voice disquiet
Bleeping Computer
Ubisoft says it's investigating reports of a new security breach
Ubisoft is investigating whether it suffered a breach after images of the company's internal software and developer tools were leaked online.
SecurityWeek
AP News Site Hit by Apparent Denial-of-Service Attack
The Associated Press news website experienced an outage that appeared to be consistent with a denial-of-service attack
Bleeping Computer
Ukraine claims it hacked Russian Ministry of Defense servers
The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense (Minoborony) and stole sensitive documents.
Infosecurity News
General Electric Investigates Alleged DARPA Breach
IntelBroker claims to be selling sensitive military data
SecurityWeek
Serious Breach at Uber Spotlights Hacker Social Deception
A hacker apparently gained access to theUber's cloud-based systems where it stores sensitive customer and financial data.
SecurityWeek
Microsoft, Okta Confirm Data Breaches Involving Compromised Accounts
Microsoft and Okta have confirmed suffering data breaches, but they claim impact is limited.
Bleeping Computer
US farmer cooperative hit by $5.9M BlackMatter ransomware attack
U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor.
Bleeping Computer
New SteganoAmor attacks use steganography to target 320 orgs globally
A new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems.
DataBreaches
Activision did not notify employees of data breach for months
Lorenzo Franceschi-Bicchierai reports: On December 4, hackers successfully phished an employee at the games giant Activision, gaining access to some internal...
DarkReading
Attacker Apparently Didn't Have to Breach a Single System to Pwn Uber
Alleged teen hacker claims he found an admin password in a network share inside Uber that allowed complete access to ride-sharing giant's AWS, Windows, Google Cloud, VMware, and other environments.
The Hacker News
Russian Hackers Using Graphiron Malware to Steal Data from Ukraine
Russia-linked threat actor has been spotted targeting Ukraine with a new information-stealing malware called Graphiron.
Bleeping Computer
Okta investigating claims of customer data breach from Lapsus$ group
Okta, a leading provider of authentication services and Identity and access management (IAM) solutions says it is investigating claims of data breach.
Infosecurity News
Nvidia Appears to Brush Off Ransomware Attack
Online chatter suggests chip giant “hacked back” at its attacker
Infosecurity News
Uber Hacker May Have Compromised Secret Bug Reports
Attacker looks to have admin access to cloud accounts
DataBreaches
TELUS investigating leak of stolen source code, employee data
Ax Sharma reports: Canada’s second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what...
DataBreaches
NHS Staff Reprimanded For WhatsApp Data Sharing
Phil Muncaster reports: An NHS trust has been reprimanded by the UK’s data protection regulator after it was discovered that staff had been sharing patient...
Ars Technica
Security firm Rubrik is latest to be felled by GoAnywhere vulnerability
GoAnywhere customers are dropping like flies, courtesy of code execution bug.
CyberNews
Iran’s missile strikes against Israel bolstered by cyberattacks, multiple gangs involved
Prior to Iran’s missile attack on Israel, the pro-Iranian cyber gang named Handala claimed to have breached radar systems and sent 500,000 text messages.
Bleeping Computer
MoustachedBouncer hackers use AiTM attacks to spy on diplomats
A cyberespionage group named 'MoustachedBouncer' has been observed using adversary-in-the-middle (AitM) attacks at ISPs to hack foreign embassies in Belarus.
Loading more articles....