Spyware Maker NSO Group Found Liable for Hacking WhatsApp

A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse Act by hacking WhatsApp in order to spy on people using it. Jon Penney and I wrote a legal paper on the case...

Exploit for CVE-2024-9290

CVE-2024-9290 Exploit Tool | Super Backup & Clone Vulnerabilit...

CVE-2024-12373

creationtimestamp| type| source ---|---|--- 2024-12-17 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-352-03 2024-12-18 17:52:43+00:00| seen| https://t.me/cvedetector/13210 2024-12-20 14:17:25+00:00| seen| https://bsky.app/profile/hackingne.ws/post/3ldqlb62lf62g...

Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets

Digital license plates sold by Reviver, already legal to buy in some states and drive with nationwide, can be hacked by their owners to evade traffic regulations or even law enforcement surveillance...

ShinyHunters, Nemesis Linked to Hacks After Leaking Their AWS S3 Bucket

Summary Cybersecurity researchers have identified a large-scale hacking operation linked to notorious ShinyHunters and Nemesis hacking groups. In…...

US Officials Recommend Encryption Apps Amid Chinese Telecom Hacking

Plus: Russian spies keep hijacking other hackers’ infrastructure, Hydra dark web market admin gets life sentence in Russia, and more of the week’s top security news...

Exploit for Cross-site Scripting in Heateor Sassy_Social_Share

CVE-2023-XXXX: Sassy Social Share Plugin XSS Vulnerability...

NSO Group Spies on People on Behalf of Governments

The Israeli company NSO Group sells Pegasus spyware to countries around the world including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda. We assumed that those countries use the spyware themselves. Now we've learned that that's not true: that NSO Group employees operate the...

Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack

In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street...

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. A visu...

US Charges 5 Suspected MGM Hackers from Scattered Spider Gang

Five alleged members of the notorious Scattered Spider hacking group have been charged with executing a sophisticated phishing…...

Russian Man Extradited to US, Face Charges in Phobos Ransomware Operation

Russian national Evgenii Ptitsyn, linked to Phobos ransomware, faces U.S. charges for extortion and hacking, with over $16M…...

Why Italy Sells So Much Spyware

Interesting analysis: Although much attention is given to sophisticated, zero-click spyware developed by companies like Israel’s NSO Group, the Italian spyware marketplace has been able to operate relatively under the radar by specializing in cheaper tools. According to an Italian Ministry of...

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S. Department of Justice DoJ announced Thursday. Lichtenstein was charged for his involvement in a money laundering scheme that led to the theft of...

Did security gaps at Antwerp port enable drug smuggling operations?

TL;DR Why hack shipping? For profit. Criminals have been proven to have hacked port systems to bypass security and facilitate drug smuggling. Evidence of hacking? Rarely reported, but cases like MSC and Glencore’s cobalt theft and the incidents at the Port of Antwerp below provide real examples...

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car's tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn't fiction; it's the new cyber reality...

Inside the Massive Crime Industry That’s Hacking Billion-Dollar Companies

When you download a piece of pirated software, you might also be getting a piece of infostealer malware, and entering a highly complex hacking ecosystem that’s fueling some of the biggest breaches on the planet...

Florida Man Accused of Hacking Disney World Menus, Changing Font to Wingdings

Plus: Cops take down a notorious infostealer, Strava leaks world leaders’ locations, and a hacking scandal is causing chaos in Italy...

Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions

Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported th...

Robot vacuum cleaners hacked to spy on, insult owners

Multiple robot vacuum cleaners in the US were hacked to yell obscenities and insults through the onboard speakers. ABC news was able to confirm reports of this hack in robot vacuum cleaners of the type Ecovacs Deebot X2, which are manufactured in China. Ecovacs is considered the leading service...