Category: x.tech

Boeing, a prominent aerospace manufacturer and defense contractor, found itself targeted by the Lockbit ransomware group at the end of October. This cybercriminal organization claimed responsibility for infiltrating Boeing’s systems and asserted that it had obtained a substantial amount of sensitive data. The group threatened to disclose this information unless Boeing engaged with them before the initial deadline, initially set for November 2, 2023, at 13:25:39 UTC but later extended to November 10, 2023. In early November 2023, Boeing officially…

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. Before the leak, LockBit hackers said that Boeing ignored warnings that data would become publicly available and threatened to publish a sample of about 4GB of the most recent files. Backup data published LockBit ransomware has leaked more than 43GB of files from Boeing after the company refused to pay a ransom. Most of the data listed on the hacker…

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions in cryptocurrency for various individuals, including ransomware actors. Zhdanova used her expertise in cryptocurrency and blockchain networks to move money through various platforms such as Garantex (sanctioned in April 2022 for aiding the Hydra Market) to evade “Anti-Money Laundering/Combating the Financing of Terrorism” (AML/CFT) controls. A report from blockchain analysis firm Chainalisys provided additional information about Zhdanova’s public businesses, which may or may not be part of her…

The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. The Toronto Public Library (TPL) is Canada’s largest public library system, giving access to 12 million books through 100 branch libraries across the city. The library system has 1,200,000 registered members and operates on a budget that surpasses $200M. Earlier this week, TPL warned that a cyberattack is causing technical outages on its websites and some online services. These outages include the tpl.ca site…

In a devastating cyberattack that unfolded over three days in May 2023, numerous victims fell prey to a large-scale intrusion. The attackers exploited a vulnerability in MOVEit, a managed file transfer software, sending shockwaves across various sectors. Government agencies, airlines, educational institutions, financial organizations, and healthcare providers found themselves in the crosshairs of this breach. The attackers absconded with sensitive data, including credit card information, personally identifiable information (PII), and social security numbers (SSNs). In a startling revelation, Bloomberg reported…

The Trump era was very, very good to the country’s giant telecom monopolies. Trump officials doled out billions in tax breaks (AT&T nabbed $42 billion alone) and billions more in poorly tracked subsidies. It also approved anticompetitive mergers without even reading the details, and handed out all manner of regulator favors like the dismantling of net neutrality or the elimination of media consolidation rules. In absolutely every instance telecoms like AT&T and Comcast claimed these efforts would boost broadband deployment…

The Intercept has an interesting article that reveals another reason why some newspaper publishers are not great fans of the site: The New York Times tried to block a web crawler that was affiliated with the famous Internet Archive, a project whose easy-to-use comparisons of article versions has sometimes led to embarrassment for the newspaper. As the article explains, one of the important uses of the Internet Archive’s Wayback Machine is to compare Web pages as they are updated over time. It allows the…

Facebook and Instagram are trying to educate users on copyright infringement by showing a ‘popup’ to those who search for potentially problematic terms such as IPTV. This is one of the many voluntary anti-piracy tools the Meta-owned social media platforms have implemented, in an effort to help combat online copyright infringement. Similar to any other online platforms that deal with user-generated content, Instagram and Facebook process thousands of copyright complaints daily. Simply responding to takedown notices isn’t sufficient for all…

Japanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained to the servers of its ClassPad education platform. Casio detected the incident on Wednesday, October 11, following the failure of a ClassPad database within the company’s development environment. Evidence suggests that the attacker accessed customers’ personal information a day later, on October 12. The exposed data includes customer names, email addresses, countries of residence, service usage details, and purchase information such as payment methods,…

Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison for illegally obtaining US citizens’ personally identifiable information (PII) and selling it on the dark web. The man was indicted with his wife, Natasha Renee Chalk, in February 2021 and pleaded guilty to aggravated identity theft and conspiracy to commit wire fraud in March 2023. According to information contained in the indictment, Hooper opened an online account with a company maintaining a…

A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe services to find their ancestry info and genetic predispositions. 23andMe told BleepingComputer that this data was obtained through credential stuffing attacks on accounts using weak passwords or credentials exposed in other data breaches. However, the company says there is no evidence of…

Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed to have impacted millions of its customers. Late last month, a threat actor leaked 23andMe customer data in a CSV file named ‘Ashkenazi DNA Data of Celebrities.csv’ on hacker forums. The file allegedly contained the data of nearly 1 million Ashkenazi Jews who used 23andMe services to find their ancestry info, genetic predispositions, and more. Initial leak of 23andMe data on a…

Last Thursday, a Danish court sentenced a 24-year old programmer from Silkeborg to 60 days probation for his role in operating the torrent tracker ShareUniversity. The sentencing is the latest in Denmark following an unprecedented crackdown on local torrent trackers that has already resulted in more than a dozen prosecutions, with more yet to come. The National Unit for Special Crime (NSK) reports that it’s happy with the conviction. In addition to serving the suspended prison sentence, the man must…

Over the past two decades, online piracy has proven a massive challenge for the entertainment industries. It’s a global issue that’s hard to contain, but various anti-piracy group are doing their best to fight back. There’s a seemingly perpetual stream of takedowns, as evidenced by press releases that come out every week. However, some targets are particularly resistant to enforcement action and much harder to take offline. A few days ago, the Motion Picture Association (MPA) submitted an overview of…

  Microsoft says a Chinese-backed threat group tracked as ‘Storm-0062’ (aka DarkShadow or Oro0lxy) has been exploiting a critical privilege escalation zero-day in the Atlassian Confluence Data Center and Server since September 14, 2023. Atlassian had already notified customers about the active exploitation status of CVE-2023-22515 when it disclosed it on October 4, 2023. Still, the company withheld specific details on the threat groups leveraging the vulnerability in the wild. Today, Microsoft Threat Intelligence analysts shared more information about Storm-0062’s involvement in…

Over the past year, new artificial intelligence tools and services have been surfacing everywhere. This AI boom followed the success of ChatGPT and many people believe these recent developments are just the beginning. While entrepreneurs and the public at large are mostly focused on the new possibilities the technology offers, many copyright holders are focused on potential threats. This includes the music industry’s anti-piracy arm, the RIAA, which previously took action against a popular AI-related Discord server that was shut…