All posts tagged: hackers

Oracle warns of security bug that hackers abused to breach 100+ companies

Oracle warns of security bug that hackers abused to breach 100+ companies

Published by skeptic

Oracle warned its corporate customers that there is a critical-rated vulnerability in its PeopleSoft software, which is used by large companies to manage payroll and human resources, a day after a cybercrime group took credit for abusing the flaw as part of a mass-hacking campaign. The company published the security advisory on Thursday after the hacking group ShinyHunters claimed to have breached more than 100 organizations that use PeopleSoft servers. Mandiant, the Google-owned security unit that investigates cyberattacks, warned in a blog post that the new Oracle flaw is the same bug that the ShinyHunters group is abusing in its hacking campaign targeting PeopleSoft customers.  Oracle, which has not released a patch for the vulnerability at the time of writing, said in the advisory that the bug can be exploited over the internet without needing any authentication, such as a password.  The tech giant recommended that customers who use PeopleSoft software apply its mitigations to prevent exploitation. On Wednesday, a ShinyHunters member told TechCrunch that the gang compromised the companies by abusing an unpatched flaw …

Hackers Conned a Chatbot to Hijack 20,000 Instagram Accounts

Hackers Conned a Chatbot to Hijack 20,000 Instagram Accounts

Published by skeptic

Just over a week ago, Meta’s AI-powered chat assistant unwittingly gave hackers access to thousands of Instagram accounts, including high-profile ones such as makeup retailer Sephora and the top noncommissioned officer of the US Space Force, as well as Barack Obama’s White House account. The exact number was later revealed in a regulatory filing with the Maine attorney general’s office. The total stands at 20,225 compromised accounts (30 of whom were Maine residents). The hack, reported by 404 Media last week, was easy to pull off against account holders who had not enabled two-factor authentication. Hackers simply asked the AI-powered bot to change the email address for a targeted account to their own. Once that was granted, the hackers requested a password reset, prompting the AI to send a code to their personal email address. After hackers verified the password reset, they were able to take control of the account.  An edited step-by-step video of the process even appeared on X, showing how the hackers used a VPN to make it seem they were in the target’s …

Former cyber executive turned whistleblower accuses IBM of covering up several data breaches

Former cyber executive turned whistleblower accuses IBM of covering up several data breaches

Published by skeptic

A former IBM cybersecurity executive accused the company of getting hacked three times in the previous decade by foreign governments and then covering up the breaches.  In a lawsuit unsealed this week but filed in 2020, William Barlow, who was IBM’s vice president of threat intelligence until August 2019, said IBM concluded Chinese hackers breached its core network between 2013 and 2016 but that the company then covered up the breaches and never disclosed them. Barlow also said at least two IBM subsidiaries were also breached, and that IBM covered up those breaches as well. Barlow alleged in his complaint that IBM’s core network was “routinely hacked by foreign state actors and others,” adding that data was frequently stolen and government agencies were “never notified.”  While the alleged breaches date back more than a decade, the news shows that cyberattacks, even those affecting large public tech companies such as IBM, sometimes never get disclosed, either to the public or to relevant government authorities. IBM is a major cybersecurity vendor to the U.S. federal government, which …

Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person

Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person

Published by skeptic

A ransomware gang has escalated its attacks on law firms by sometimes sending fake IT workers in person to the victims’ offices, where the imposters steal data directly from the victims’ computers using USB drives or help other gang members connect to the computers remotely, according to Google and the FBI.  On Friday, Google’s cybersecurity teams Mandiant and Google Threat Intelligence Group published a new report accusing the cybercriminal gang known as Silent Ransom Group of attempting to steal victims’ information “using physical, in-person access” in attacks from January through May of this year that targeted “dozens” of victims.  “Mandiant has investigated various matters where adversaries planted insiders, bribed employees, or physically entered buildings to facilitate cyberattacks,” Mandiant chief technology officer Charles Carmakal told TechCrunch in a statement, adding that the company has seen this tactic used in other cases over the years as well.  Last month, the FBI published an alert warning that Silent Ransom Group had been targeting law firms with social engineering and phishing attacks pretending to be IT support employees. But …

Instagram is alerting users who were targeted by hackers during AI chatbot attacks

Instagram is alerting users who were targeted by hackers during AI chatbot attacks

Published by skeptic

The widespread hacking campaign that relied on simply asking Meta AI’s chatbot to take over a victim’s Instagram account appears to have continued even after the company said the issue had been resolved. Meanwhile, the company has been scrambling to secure the targeted accounts and alert victims.  Over the weekend, hackers claimed to be exploiting Meta’s AI support chatbot to take over several high-profile Instagram accounts. At the same time, a large number of people complained on social media that their Instagram accounts had been hacked, some of them with unique short user profile handles.  TechCrunch has seen examples of allegedly hacked handles featuring common forenames or names of countries, which can be then re-sold almost as collectibles in a gray market for so-called “OG handles.” Other victims of the hacking spree appeared to be the dormant Obama White House account (which Meta disputed), and the account of the U.S. Space Force’s chief master sergeant John Bentivegna. These attacks were so simple that calling them hacks may be giving the people behind them too much …

Meta AI Support Bot Helped Hackers Hijack Instagram Accounts

Meta AI Support Bot Helped Hackers Hijack Instagram Accounts

Published by skeptic

Meta’s AI support assistant has been helping hackers get access to high-profile Instagram accounts, according to reports on social media. With no verification check, Meta AI would change the email address associated with an Instagram account, allowing the password to be updated. Meta introduced its AI support assistant back in December with the aim of making it easier for customers to access 24/7 account support. It can be used for reporting scams, getting information on content removal, and resetting passwords. The latter option is what bad actors were able to exploit. The Instagram vulnerability showed up on social media over the weekend, with demonstrations of the simple steps taken to get access to an account. In one demo, a hacker asks Meta’s support bot to change the email address linked to a target Instagram account, and the AI does it without question. Meta’s support did not do robust identity verification, and in some cases, it appears it bypassed two-factor authentication. All that was required was a VPN connection set to a location near the target …

Meta AI reportedly let hackers access big Instagram accounts

Meta AI reportedly let hackers access big Instagram accounts

Published by skeptic

Meta — the parent company of Facebook, Instagram, and WhatsApp — continues to integrate AI across its platform. Unfortunately, it appears the company overlooked a major flaw: Meta’s AI support chatbot could apparently be tricked into providing unauthorized users with login access to any Instagram account. Over the past few days, a number of highly followed Instagram accounts were hacked. The Obama White House Instagram account, with 2.4 million followers, was compromised and posted a caption on Sunday that stated: “The White House is under Shiites’ control.” Other accounts, such as the official Instagram account belonging to the Chief Master Sergeant of Space Force, were also hacked. This Tweet is currently unavailable. It might be loading or has been removed. This Tweet is currently unavailable. It might be loading or has been removed. Soon after, sleuths on social media began sharing the news of these hacked accounts along with screen captures showcasing the alleged method used to take them over.  The hackers say they weaponized an exploit that tricked Meta’s AI support chatbot into simply handing …

Chrome now protects you from hackers who steal browser cookies – how it works

Chrome now protects you from hackers who steal browser cookies – how it works

Published by skeptic

Lance Whitney/ZDNET Follow ZDNET: Add us as a preferred source on Google. ZDNET’s key takeaways Hackers can steal your browser cookies to impersonate you. A security feature in Chrome aims to prevent such attacks. The feature ties your cookies to your device’s own security chip. Browser cookies store your login sessions and website preferences so that you can use your favorite sites more easily and seamlessly. But cookies can also be turned against you by savvy hackers who hijack them and use them to impersonate you on their own devices. A new security feature now rolling out in Chrome aims to prevent this type of threat. Also: Half of all cyberattacks start in your browser: 10 essential tips for staying safe As described in a new blog post from Google, the anti-theft feature Device Bound Session Credentials (DBSC) is now available in Chrome for Windows. Enabled by default for all Google Workspace and personal Google accounts, this one is geared for both consumer and enterprise Chrome users. How does this work? How this security feature …

CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks

CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks

Published by skeptic

CrowdStrike, working with Google and Shadowserver, a nonprofit organization that scans and monitors the internet for cyberattacks, took down a botnet that cybercriminals used to push malware and steal passwords from open-source software developers. The takedown operation had the goal of disrupting the activities of the cybercriminals behind the so-called Glassworm botnet, who have been targeting the broader open source software supply chain for two years, according to CrowdStrike.  In recent months, several hacking groups have targeted developers and open source projects to push malicious software to companies and organizations who in turn use that software. These attacks can be effective because they exploit the trust that companies put into code that’s hosted on platforms like GitHub, and the workers behind that code. “Adversaries are no longer just targeting products, they’re targeting the developers who build them,” CrowdStrike wrote in its report about the takedown operation. “Developers represent uniquely high-value targets: compromising a single developer’s workstation can cascade into a supply-chain compromise that impacts thousands of downstream organizations and users.” The Glassworm hackers used several …

How hackers can break into AI servers with an off-the-shelf antenna

How hackers can break into AI servers with an off-the-shelf antenna

Published by Jenni Sidey

Get the Popular Science daily newsletter💡 Breakthroughs, discoveries, and DIY tips sent six days a week. The word ‘hacker’ comes loaded with a cliched image: A hoodie-clad loner hunched over a keyboard in a room lined with monitors. The stereotype stuck for a reason. And for decades hacking really did come down to how well a hacker could operate a computer. That trend might change. The next generation of attacker may have more in common with a cat burglar than a code monkey. They slip physically close to a target instead of typing their way in. Some of the sharpest new attacks skip the login screen entirely. They reach straight into the hardware, sometimes from the other side of a wall. The researchers behind the discovery are led by Prof. Han Jun of KAIST, working with researchers from the National University of Singapore and Zhejiang University in China. At NDSS (Network and Distributed System Security) 2026, they demonstrated that an antenna trained on a running computer can capture the faint electromagnetic leakage from its GPU. …