Hacker publishes stolen email and mailing addresses of 270,000 Ledger cryptocurrency wallet users

Details of Ledger hardware wallet customers provides golden opportunity for scammers Scams include threats to break into homes of customers if ransom is not paid The phone numbers, email and postal addresses of over 270,000 owners of the Ledger cryptocurrency hardware wallet have been made freely available for download from a hacking forum. The information, … Continue reading Hacker publishes stolen email and mailing addresses of 270,000 Ledger cryptocurrency wallet users

Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments

CISA is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors used a variety of tactics and techniques, including phishing and brute force logins, to attempt to exploit weaknesses in cloud security practices. In response, CISA has released Analysis Report AR21-013A: Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services … Continue reading Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments

Twitter hires veteran hacker Mudge as head of security

Twitter has appointed one of the world’s most respected hackers as its new head of security in the wake of a humiliating mass attack in July. The company has placed Peiter Zatko in charge of protecting its platform from threats of all varieties, poaching him from the payments startup Stripe. Zatko is better known as … Continue reading Twitter hires veteran hacker Mudge as head of security

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ — Krebs on Security

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texas-based SolarWinds disclosed this week that a compromise … Continue reading Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ — Krebs on Security

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company’s customer base, experts say the incident may be just … Continue reading U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise