Cybernews researchers uncovered 30 datasets containing 16 billion compromised login credentials, a figure exceeding the global population and suggesting multiple account compromises per individual. This massive collection of data, likely gathered from numerous breaches over time by infostealers, was briefly publicly accessible before being discovered. While the current location of the data remains unknown, the incident underscores the growing need for robust cybersecurity practices. Experts recommend password changes, unique credentials across platforms, and the use of password managers or multi-factor authentication to mitigate future risks.
Read More
Iran’s recent accusation that Israel orchestrated a hack of its state television broadcast, inserting calls for an uprising, is a deeply complex situation. The sheer audacity of such a claim, especially given the existing tensions between the two nations, immediately raises questions. It’s almost as if blaming Israel is a convenient deflection, a way to avoid internal scrutiny and address the underlying issues fueling potential unrest.
The content of the broadcast itself – reportedly featuring footage from the 2022 women’s protests – further complicates the narrative. While Iran portrays this as an act of foreign aggression, the inclusion of this material suggests a deep-seated discontent within the Iranian population that the government is struggling to address.… Continue reading
On April 18th, the City of Abilene suffered a ransomware attack by the Russian group Qilin, resulting in the theft of 477 gigabytes of data and the shutdown of multiple city departments. Qilin demands a ransom by May 27th, threatening data release on the dark web if payment isn’t made; however, paying ransoms is not recommended due to the high costs of recovery and no guarantee of compliance. Cybersecurity expert Sai Huda advises Abilene residents to strengthen their personal security measures, and the city is working with professionals to fully eliminate the malware and prevent future attacks. The city confirms its decision to not pay the ransom and apologizes for service disruptions.
Read More
Nineteen-year-old Matthew Lane pleaded guilty to hacking PowerSchool, a leading education technology company, and stealing the personal data of 62 million children. Lane gained access using a stolen employee password, resulting in the largest known breach of American children’s data. His plea agreement includes a prison sentence of no less than nine years and four months for charges including obtaining information from a protected computer and aggravated identity theft. While Lane admitted to the hack, the extent of his involvement in subsequent extortion attempts remains unclear.
Read More
A hacker compromised TeleMessage, an Israeli firm providing modified messaging apps to U.S. government agencies, resulting in the theft of customer data. Stolen data includes direct messages and group chats from modified Signal, WhatsApp, Telegram, and WeChat clients, exposing vulnerabilities in the archiving process. The breach impacted various clients, including Customs and Border Protection and Coinbase, highlighting a lack of end-to-end encryption between the modified apps and TeleMessage’s servers. While high-level officials’ messages weren’t accessed, the incident demonstrates significant security flaws.
Read More
Shopping Trends operates independently from CTV News journalists. The team’s recommendations may result in a commission if a purchase is made via provided links. This information is disclosed for transparency. Further details about Shopping Trends can be found by clicking the provided link.
Read More
Defense Secretary Pete Hegseth’s use of his personal phone number in a Signal chat group, containing sensitive information about U.S. military actions, has raised serious security concerns. His number was readily available online across various platforms, including social media and review sites, making him a prime target for sophisticated hacking attempts. Experts warn that this easily accessible information could have enabled adversaries to install spyware on his phone, compromising national security. The incident, dubbed “Signalgate,” further intensifies pressure on Hegseth’s position.
Read More
Defense Secretary Pete Hegseth used a “dirty” internet line in his Pentagon office to access the Signal messaging app on a personal computer, bypassing security protocols. This unsecured connection, while used in other Pentagon offices for specific purposes, exposed Hegseth to potential hacking and surveillance, raising concerns about the potential compromise of sensitive defense information. Hegseth’s actions are under investigation by the Defense Department’s inspector general following revelations he shared details of a military airstrike via Signal in multiple group chats. Despite the Pentagon offering secure communication channels, Hegseth’s use of Signal and the unsecured line has generated significant controversy.
Read More
Internal GSA records reveal that sensitive government documents, potentially including classified White House floor plans and bank information, were inadvertently shared with over 11,000 employees across both the Trump and Biden administrations. This oversharing, spanning at least four years, involved a Google Drive folder containing files marked as “controlled unclassified information” but requiring protection. The incident prompted a cybersecurity investigation and corrective action, but highlights a pattern of careless handling of sensitive data across multiple administrations. While the classification of some documents remains unclear, the breach underscores a need for enhanced digital security training within the federal government.
Read More
4chan, the notorious internet message board, has been hacked. This isn’t some minor security breach; this involved a cleverly executed exploit leveraging a vulnerability that highlights the site’s outdated infrastructure. The attack apparently centered around a seemingly innocuous PDF file uploaded to a board that allowed such uploads. This PDF, however, contained malicious code written in PHP, which upon execution granted the attacker near-complete control over the system. The outdated nature of 4chan’s systems, seemingly untouched since at least 2014, is being cited as a major contributing factor to the successful hack.
The attacker’s methods seem remarkably simple, focusing on a well-known vulnerability in PDF handling.… Continue reading
John Q. Hosedrinker 
Matt Underwood