New Supply Chain Attack Hit Close to 100 Victims—and Clues Point to China
The hackers, who mostly targeted victims in Hong Kong, also hijacked Microsoft’s trust model to make their malware harder to detect.
Security / Security News
Security News This Week: US Energy Firm Targeted With Malicious QR Codes in Mass Phishing Attack
New research reveals the strategies hackers use to hide their malware distribution system, and companies are rushing to release mitigations for the “Downfall” processor vulnerability on Intel chips.
A Huge Scam Targeting Kids With Roblox and Fortnite ‘Offers’ Has Been Hiding in Plain Sight
The wide-ranging scams, often disguised as game promotions, can all be linked back to one network.
An Apple Malware-Flagging Tool Is ‘Trivially’ Easy to Bypass
The macOS Background Task Manager tool is supposed to spot potentially malicious software on your machine. But at Defcon, a researcher says it has troubling flaws.
A New Attack Reveals Everything You Type With 95 Percent Accuracy
A pair of major data breaches rock the UK, North Korea hacks a Russian missile maker, and Microsoft’s Chinese Outlook breach sparks new problems.
GitHub’s Hardcore Plan to Roll Out Two-Factor Authentication (2FA)
GitHub has spent two years researching and slowly rolling out its multifactor authentication system. Soon it will be mandatory for all 100 million users—with no opt-out.
Teens Hacked Boston Subway’s CharlieCard to Get Infinite Free Rides—and This Time Nobody Got Sued
In 2008, Boston’s transit authority sued to stop MIT hackers from presenting at the Defcon hacker conference on how to get free subway rides. Today, four teens picked up where they left off.
Panasonic Warns That IoT Malware Attack Cycles Are Accelerating
The legacy electronics manufacturer is creating IoT honeypots with its products to catch real-world threats and patch vulnerabilities in-house.
Security News This Week: The Cloud Company at the Center of a Global Hacking Spree
Plus: A framework for encrypting social media, Russia-backed hacking through Microsoft Teams, and the Bitfinex Crypto Couple pleads guilty.
Free Airline Miles, Hotel Points, and User Data Put at Risk by Flaws in Points Platform
Flaws in the Points.com platform, which is used to manage dozens of major travel rewards programs, exposed user data—and could have let an attacker snag some extra perks.