Collaborate Disseminate
$2.2 billion worth of cryptocurrency was stolen from various platforms in 2024, Chainalysis’ 2025 Crypto Crime Report has revealed. Of that sum, $1.34 billion was stolen by North Korea-affiliated hackers, across 47 hacking incidents (out of 303)…. Continue reading Cryptocurrency hackers stole $2.2 billion from platforms in 2024
Not everything needs to be digital and “smart.” License plates, for example:
Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to “jailbreak” digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,000 plates already sold. By removing a sticker on the back of the plate and attaching a cable to its internal connectors, he’s able to rewrite a Reviver plate’s firmware in a matter of minutes. Then, with that custom firmware installed, the jailbroken license plate can receive commands via Bluetooth from a smartphone app to instantly change its display to show any characters or image…
Chinese cybersecurity firm Sichuan Silence has been sanctioned for exploiting a vulnerability in Sophos firewalls used at critical infrastructure organizations in the U.S. Continue reading US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack
Surprising no one, it’s easy to trick an LLM-controlled robot into ignoring its safety instructions.
Continue reading Jailbreaking LLM-Controlled Robots
Hackers stole $1.48 billion from the crypto industry in 2024. A new report highlights trends in blockchain security, including shifts in target networks. Continue reading Hackers Drain $1.48 Billion from Crypto in 2024, Led by DeFi Exploits
The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda). We assumed that those countries use the spyware themselves. Now we’ve learned that that’s not true: that NSO Group employees operate the spyware on behalf of their customers.
Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software…
Continue reading NSO Group Spies on People on Behalf of Governments
This is from 404 Media:
The Graykey, a phone unlocking and forensics tool that is used by law enforcement around the world, is only able to retrieve partial data from all modern iPhones that run iOS 18 or iOS 18.0.1, which are two recently released versions of Apple’s mobile operating system, according to documents describing the tool’s capabilities in granular detail obtained by 404 Media. The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28.
More …
How plug-and-play hacking tools and lax configs helped a Russian script kiddie start a scheme.
The post Here’s how simple it is for script kiddies to stand up DDoS services appeared first on CyberScoop.
Continue reading Here’s how simple it is for script kiddies to stand up DDoS services
In this Help Net Security interview, Balázs Pózner, CEO at Hackrate, discusses the essential technical skills for ethical hackers and how they vary across different security domains. He explains how AI and machine learning enhance ethical hacking by st… Continue reading Overcoming legal and organizational challenges in ethical hacking
Arion Kurtaj, a teenager from the UK, amassed a fortune through audacious cybercrimes. From stealing Grand Theft Auto 6 secrets to erasing Brazil’s COVID vaccination data, his exploits were legendary. But his hacking spree took a bizarre turn when he w… Continue reading Smashing Security podcast #393: Who needs a laptop to hack when you have a Firestick?