A Hacker Stole OpenAI Design Technologies

Operation Morpheus took down nearly 600 Cobalt Strike servers, Threat actors released 166K Taylor Swift Eras Tour ticket bar codes, Brain Cipher apologized to Indonesia, Threat actors ID'ed Authy phone numbers, Nearly 10 billion plaintext passwords compiled, Slew of state agencies hacked, much more

Metacurity Has Switched Platforms (Again)

Last February, I switched Metacurity from Substack to Beehiiv because of Substack's willingness to give speakers with odious views a platform. Since then, I've heard from subscribers - ranging from tech companies to the US Department of Defense – that their organizations automatically filter out emails from

More Downstream Victims of the LockBit Attack on Evolve Bank & Trust Emerge

Severe regreSSHion Vulnerability Could Lead to System Takeover on Some Linux Servers

Data breach of Evolve Bank and Trust hits money transfer service Wise, CocoaPods flaws left macOS and iOS apps vulnerable to supply chain attacks for a decade, Zero day flaw affects popular Cisco devices, Top credit union Patelco suffered serious security incident, much more

NHS Failed to Act on Reports of Crumbling IT Infrastructure, Database Weaknesses Months Before Damaging Cyberattack, Reports

New Brain Cipher ransomware was behind Indonesian government attack, Indonesia busted 100 foreign nationals suspected of cybercrime, A dozen-plus Texas state agencies and universities were hit by Midnight Blizzard attack, Skeleton Key bypasses AI guardrails, much more

Best Infosec-Related Long Reads for the Week of 6/22/24

An indicted hacker ran a major cybercrime operation after becoming a DOJ cooperating witness, Crypto scammers who engaged in a real-world violent crime spree, Detroit reforms its facial recognition system after string of false arrests, more

Remote Access Software Company TeamViewer Hit by Russia's Cozy Bear

Microsoft reveals more customers hacked by Midnight Blizzard, Operation First Light busted 3,950 online scammers, More than half of top open source projects contain memory-unsafe code, BlackSuit launched ransomware attack on Elden Ring parent company, Indonesian government lacks backup, much more

Hacker Who Targeted Ukraine Systems With WisperGate Malware Indicted, $10 Million Reward Offered

Polyfill.io service claims it was defamed after researchers point to massive supply chain attack, US offers $5m reward for "crypto queen," much more

Lockbit Leaks Files for Evolve Bank & Trust in Its Alleged ‘Federal Reserve’ Data Dump, Company Tells Customers It Is Investigating the Matter With Law Enforcement

US Commerce Department Probes China Mobile, China Telecom and China Unicom for Security Risks

CISA confirms hackers exploited Ivanti flaw to access its chemical security tool, LockBit 3.0 claims attack on US Federal Reserve, EU adds six Russian hackers to sanctions list, Hackers infiltrated Ethereum's email to send malicious messages. much more

Auto Software Maker CDK Global Agreed to Pay Tens of Millions to Ransomware Attackers, BlackSuit Gang Is Responsible, Sources

CISA confirms hackers exploited Ivanti flaw to access its chemical security tool, LockBit 3.0 claims attack on US Federal Reserve, EU adds six Russian hackers to sanctions list, Hackers infiltrated Ethereum's email to send malicious messages, much more

Best Infosec-Related Long Reads for the Week of 6/15/24

The world of people who take spreadsheets seriously, The distortions of a leading disinformation researcher, How the EU leads the way in securing software, Protecting prompt privacy in LLM models