New Supply Chain Attack Hit Close to 100 Victims—and Clues Point to China
The hackers, who mostly targeted victims in Hong Kong, also hijacked Microsoft’s trust model to make their malware harder to detect.
Security / Cyberattacks and Hacks
HHS Launches ‘Digiheals’ Project to Better Protect US Hospitals From Ransomware
An innovation agency within the US Department of Health and Human Services will fund research into better defenses for the US health care system’s digital infrastructure.
A Huge Scam Targeting Kids With Roblox and Fortnite ‘Offers’ Has Been Hiding in Plain Sight
The wide-ranging scams, often disguised as game promotions, can all be linked back to one network.
An Apple Malware-Flagging Tool Is ‘Trivially’ Easy to Bypass
The macOS Background Task Manager tool is supposed to spot potentially malicious software on your machine. But at Defcon, a researcher says it has troubling flaws.
GitHub’s Hardcore Plan to Roll Out Two-Factor Authentication (2FA)
GitHub has spent two years researching and slowly rolling out its multifactor authentication system. Soon it will be mandatory for all 100 million users—with no opt-out.
Teens Hacked Boston Subway’s CharlieCard to Get Infinite Free Rides—and This Time Nobody Got Sued
In 2008, Boston’s transit authority sued to stop MIT hackers from presenting at the Defcon hacker conference on how to get free subway rides. Today, four teens picked up where they left off.
Panasonic Warns That IoT Malware Attack Cycles Are Accelerating
The legacy electronics manufacturer is creating IoT honeypots with its products to catch real-world threats and patch vulnerabilities in-house.
Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating
Security researchers accessed an internal camera inside the Deckmate 2 shuffler to learn the exact deck order—and the hand of every player at a poker table.
A Clever Honeypot Tricked Hackers Into Revealing Their Secrets
Security researchers set up a remote machine and recorded every move cybercriminals made—including their login details.
New ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel Chips
The vulnerability could allow attackers to take advantage of an information leak to steal sensitive details like private messages, passwords, and encryption keys.