Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 69

Aug 15, 2022

SpaceX says researchers are welcome to hack Starlink and can be paid up to $25,000 for finding bugs in the network

Posted by in categories: cybercrime/malcode, internet, satellites

SpaceX says responsible researchers are welcome to hack into its satellite internet network, Starlink. It added that it could pay them up to $25,000 for discovering certain bugs in the service.

The announcement came after security researcher Lennert Wouters said last week he was able to hack into Starlink using a $25 homemade device. He said he performed the test as part of SpaceX’s bug bounty program, where researchers submit findings of potential vulnerabilities in Starlink’s network.

In a six-page document entitled “Starlink welcomes security researchers (bring on the bugs),” SpaceX congratulated Wouters on his research.

Aug 14, 2022

A hacker used a $25 custom-built tool to hack into SpaceX’s Starlink satellite system

Posted by in categories: cybercrime/malcode, internet, satellites

Aug 14, 2022

Your secret Twitter account may no longer be secret

Posted by in category: cybercrime/malcode

Someone has gotten a hold of this data, and is selling it online.


If you have a secret Twitter account, we’ve got some bad news for you.

On Friday, Twitter disclosed information about a security vulnerability that allowed someone to find out whether a specific email address or phone number is tied to an existing Twitter accounts.

Continue reading “Your secret Twitter account may no longer be secret” »

Aug 14, 2022

Major Twitter flaw exposes millions of celebrity and company accounts

Posted by in category: cybercrime/malcode

A cybersecurity expert that goes by the name Zhirinovskiy took to the HackerOne forum in January to report a vulnerability within Twitter’s login pipeline. According to the report, the vulnerability was a gaping hole within the platform’s cybersecurity, and just within a few days, Zhirinovskiy was able to successfully infiltrate and discover Twitter accounts linked to specific numbers and email addresses. Zhirinovskiy explained that a malicious party could easily find an individual’s Twitter account with a phone number or email address.

Zhirinovskiy contacted Twitter support about the security flaw, which was found in Twitter’s Android app, and was rewarded a $5,040 bug bounty for the discovery. A patch was rolled out that fixed the major issue, but according to Restore Privacy, it was already too late as a malicious individual that uses the username “devil” had already exploited the flaw and scraped 5,485,636 Twitter accounts. The swath of data was then thrown onto the dark web hacking community forum ‘Breached Forums’, where the lister claimed that the data included users that “range from Celebrities to Companies, randoms, OGs, etc.

Furthermore, the authenticity of the data that was stolen was verified by Restore Privacy, as well as the hacker that stole it. Notably, Devil listed the data for sale with an asking price of $30,000. It’s not known if the stolen Twitter data was purchased by another party or is still available.

Aug 14, 2022

Elon Musk’s lawyers say Twitter is hiding the identities of key staff who calculate bot numbers, the main sticking point in the $44 billion deal, reports say

Posted by in categories: cybercrime/malcode, Elon Musk, finance, law, robotics/AI

The number of bots and spam accounts on the platform has been a sticking point for Musk throughout the deal. After months of back and forth, Musk’s issues with spam accounts eventually led him to publicly pull out of the $44 billion deal.

Last month, Musk accused Twitter of withholding information about the number of bots on the platform, later citing it as the reason for withdrawing his bid.

Musk’s lawyers claimed in a termination letter that his analysis indicated the percentage of false accounts on Twitter was “wildly higher than 5%” — the number Twitter disclosed in its financial reports.

Aug 13, 2022

Ransomware gangs move to ‘callback’ social engineering attacks

Posted by in category: cybercrime/malcode

At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim’s network.

This allows the threat actors to deploy highly-targeted attacks that are more difficult to detect and stop because of the social engineering component.

Aug 8, 2022

This security guru is banishing spammers to a hilarious ‘password purgatory’

Posted by in category: cybercrime/malcode

Get wrekt, spammers. Security researcher Troy Hunt has created a hilariously devious ‘password purgatory’ for people invading his inbox.


Whether it’s John Wick or The Count of Monte Cristo, we all love a good revenge story. Right now, my current favorite is a wholesome nerdy tale told by Troy Hunt.

You likely already know Hunt as the force behind Have I Been Pwned, an invaluable security resource for us normies on the internet. The website tells you if your email address or phone number has been found in data breaches, and if you’re so inclined, lets you register for notifications should your info become exposed later on.

Continue reading “This security guru is banishing spammers to a hilarious ‘password purgatory’” »

Aug 6, 2022

The Robocalls Problem Is So Bad That the FCC Actually Did Something

Posted by in categories: cybercrime/malcode, mobile phones, transportation

“Hello, we’ve been trying to reach you about your car’s extended warranty.” After years of seemingly unstoppable scam robocalls, this phrase is embedded into the minds of many of us. Last month the Federal Communications Commission (FCC) announced it was ordering phone providers to block any calls coming from a known car warranty robocall scam, offering hope that U.S. phone users may hear that all-too-familiar automated voice a little less often.

But there is more work required to crack down on these calls. After all, car warranty warnings are only one type of scam. To understand how robocallers reach us, and why it’s so hard to stop them, Scientific American spoke with Adam Doupé, a cybersecurity expert at Arizona State University.

[An edited transcript of the interview follows.].

Aug 6, 2022

North Korean Hackers Are Attacking Gmail Accounts, According To a Cybersecurity Firm

Posted by in category: cybercrime/malcode

North Korean hackers have been attacking individuals and organizations from the US, Europe, and South Korea to uphold Pyongyang’s interests.

Aug 6, 2022

Twitter confirms zero-day used to expose data of 5.4 million accounts

Posted by in category: cybercrime/malcode

Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users’ accounts, allowing a threat actor to compile a list of 5.4 million user account profiles.

Last month, BleepingComputer spoke to a threat actor who said that they were able to create a list of 5.4 million Twitter account profiles using a vulnerability on the social media site.

This vulnerability allowed anyone to submit an email address or phone number, verify if it was associated with a Twitter account, and retrieve the associated account ID. The threat actor then used this ID to scrape the public information for the account.

Page 69 of 212First6667686970717273Last