Tech News
Killnet, a hacking collective, published U.S. state government websites as targets in Russian messages on the tech platform Telegram alongside an image of fire erupting behind the Statue of Liberty accompanied by the captions “USA Offline” and “F*ck NATO.”
The CIA used hundreds of websites for covert communications that were severely flawed and could have been identified by even an “amateur sleuth”, according to security researchers. The flaws reportedly led to the death of more than two dozen US sources in China in 2011 and 2012 and also reportedly led Iran to execute or imprison other CIA assets.
The City of London Police has arrested seven teenagers that are suspected to be involved in the Lapsus$ hacking group. A 16-year-old from Oxford, UK, has also been named by rival hackers and researchers as one of the groups leaders but the police did not say whether he was included in the group that was arrested.
On the 24th of September 2022 a post emerged on the ‘BreachForums’ message board (which appears to be the old Raid Forums, apparently reborn from the ashes) posting a data sample of approximately 100-200 records demanding a $1.5mil USD via Monero from Optus. Australia’s second largest telecommunications provider. The alleged hack revealing names, dates of birth, addresses, medicare numbers (Australian national healthcare) and drivers licence numbers.
The City of London Police has arrested seven teenagers that are suspected to be involved in the Lapsus$ hacking group. A 16-year-old from Oxford, UK, has also been named by rival hackers and researchers as one of the groups leaders but the police did not say whether he was included in the group that was arrested.
On April 15, we published a blog detailing an attack campaign utilizing stolen OAuth user tokens issued to two third-party GitHub.com integrators, Heroku and Travis CI. The npm organization on GitHub.com was impacted by this campaign and we have been actively investigating the impact of this attack on npm since April 12. Today, we are sharing details of what we’ve learned during our investigation and an additional, though unrelated, finding impacting npm. Below is a brief summary; read on to learn more.