Category: x.tech

The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees.  These breaches occurred last month and impacted Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, both providers of relocation services to Canadian government employees.  Government-related information stored on compromised BGRS and SIRVA Canada systems dates back to 1999, and it belongs to a broad spectrum of affected individuals, including members of the Royal Canadian Mounted…

Malicious actors have been abusing Ethereum’s ‘Create2’ function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months. This is reported by Web3 anti-scam specialists at ‘Scam Sniffer,’ who observed several cases of in-the-wild exploitation of the function, in some cases losses incurred by one individual reaching up to $1.6 million. Legitimate function Create2 is an opcode in Ethereum, introduced in the ‘Constantinople’ upgrade, that allows creating smart…

Boeing, a prominent aerospace manufacturer and defense contractor, found itself targeted by the Lockbit ransomware group at the end of October. This cybercriminal organization claimed responsibility for infiltrating Boeing’s systems and asserted that it had obtained a substantial amount of sensitive data. The group threatened to disclose this information unless Boeing engaged with them before the initial deadline, initially set for November 2, 2023, at 13:25:39 UTC but later extended to November 10, 2023. In early November 2023, Boeing officially…

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. Before the leak, LockBit hackers said that Boeing ignored warnings that data would become publicly available and threatened to publish a sample of about 4GB of the most recent files. Backup data published LockBit ransomware has leaked more than 43GB of files from Boeing after the company refused to pay a ransom. Most of the data listed on the hacker…

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions in cryptocurrency for various individuals, including ransomware actors. Zhdanova used her expertise in cryptocurrency and blockchain networks to move money through various platforms such as Garantex (sanctioned in April 2022 for aiding the Hydra Market) to evade “Anti-Money Laundering/Combating the Financing of Terrorism” (AML/CFT) controls. A report from blockchain analysis firm Chainalisys provided additional information about Zhdanova’s public businesses, which may or may not be part of her…

The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. The Toronto Public Library (TPL) is Canada’s largest public library system, giving access to 12 million books through 100 branch libraries across the city. The library system has 1,200,000 registered members and operates on a budget that surpasses $200M. Earlier this week, TPL warned that a cyberattack is causing technical outages on its websites and some online services. These outages include the tpl.ca site…

In a devastating cyberattack that unfolded over three days in May 2023, numerous victims fell prey to a large-scale intrusion. The attackers exploited a vulnerability in MOVEit, a managed file transfer software, sending shockwaves across various sectors. Government agencies, airlines, educational institutions, financial organizations, and healthcare providers found themselves in the crosshairs of this breach. The attackers absconded with sensitive data, including credit card information, personally identifiable information (PII), and social security numbers (SSNs). In a startling revelation, Bloomberg reported…

The Trump era was very, very good to the country’s giant telecom monopolies. Trump officials doled out billions in tax breaks (AT&T nabbed $42 billion alone) and billions more in poorly tracked subsidies. It also approved anticompetitive mergers without even reading the details, and handed out all manner of regulator favors like the dismantling of net neutrality or the elimination of media consolidation rules. In absolutely every instance telecoms like AT&T and Comcast claimed these efforts would boost broadband deployment…

The Intercept has an interesting article that reveals another reason why some newspaper publishers are not great fans of the site: The New York Times tried to block a web crawler that was affiliated with the famous Internet Archive, a project whose easy-to-use comparisons of article versions has sometimes led to embarrassment for the newspaper. As the article explains, one of the important uses of the Internet Archive’s Wayback Machine is to compare Web pages as they are updated over time. It allows the…

Facebook and Instagram are trying to educate users on copyright infringement by showing a ‘popup’ to those who search for potentially problematic terms such as IPTV. This is one of the many voluntary anti-piracy tools the Meta-owned social media platforms have implemented, in an effort to help combat online copyright infringement. Similar to any other online platforms that deal with user-generated content, Instagram and Facebook process thousands of copyright complaints daily. Simply responding to takedown notices isn’t sufficient for all…

Japanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained to the servers of its ClassPad education platform. Casio detected the incident on Wednesday, October 11, following the failure of a ClassPad database within the company’s development environment. Evidence suggests that the attacker accessed customers’ personal information a day later, on October 12. The exposed data includes customer names, email addresses, countries of residence, service usage details, and purchase information such as payment methods,…

Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison for illegally obtaining US citizens’ personally identifiable information (PII) and selling it on the dark web. The man was indicted with his wife, Natasha Renee Chalk, in February 2021 and pleaded guilty to aggravated identity theft and conspiracy to commit wire fraud in March 2023. According to information contained in the indictment, Hooper opened an online account with a company maintaining a…

A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe services to find their ancestry info and genetic predispositions. 23andMe told BleepingComputer that this data was obtained through credential stuffing attacks on accounts using weak passwords or credentials exposed in other data breaches. However, the company says there is no evidence of…

Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed to have impacted millions of its customers. Late last month, a threat actor leaked 23andMe customer data in a CSV file named ‘Ashkenazi DNA Data of Celebrities.csv’ on hacker forums. The file allegedly contained the data of nearly 1 million Ashkenazi Jews who used 23andMe services to find their ancestry info, genetic predispositions, and more. Initial leak of 23andMe data on a…

Last Thursday, a Danish court sentenced a 24-year old programmer from Silkeborg to 60 days probation for his role in operating the torrent tracker ShareUniversity. The sentencing is the latest in Denmark following an unprecedented crackdown on local torrent trackers that has already resulted in more than a dozen prosecutions, with more yet to come. The National Unit for Special Crime (NSK) reports that it’s happy with the conviction. In addition to serving the suspended prison sentence, the man must…

Over the past two decades, online piracy has proven a massive challenge for the entertainment industries. It’s a global issue that’s hard to contain, but various anti-piracy group are doing their best to fight back. There’s a seemingly perpetual stream of takedowns, as evidenced by press releases that come out every week. However, some targets are particularly resistant to enforcement action and much harder to take offline. A few days ago, the Motion Picture Association (MPA) submitted an overview of…