Spyware leak offers ‘first-of-its-kind’ look inside Chinese government hacking efforts

Over the weekend, someone posted a cache of files and documents apparently stolen from the Chinese government hacking contractor, I-Soon. This leak gives cybersecurity researchers and rival governments an unprecedented chance to look behind the curtain of Chinese government hacking operations facilitated by private contractors. Like the hack-and-leak operation that targeted the Italian spyware maker […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn

Security experts are warning that a pair of high-risk flaws in a popular remote access tool are being exploited by hackers to deploy LockBit ransomware — days after authorities announced that they had disrupted the notorious Russia-linked cybercrime gang. Researchers at cybersecurity companies Huntress and Sophos told TechCrunch on Thursday that both had observed LockBit […]

© 2024 TechCrunch. All rights reserved. For personal use only.

UnitedHealth says Change Healthcare hacked by nation state, as pharmacy outages drag on

U.S. health insurance giant UnitedHealth Group said Thursday in a filing with government regulators that its subsidiary Change Healthcare was compromised likely by government-backed hackers. In a filing Thursday, UHG blamed the ongoing cybersecurity incident affecting Change Healthcare on suspected nation state hackers but said it had no timeframe for when its systems would be […]

© 2024 TechCrunch. All rights reserved. For personal use only.

FTC bans antivirus giant Avast from selling its users’ browsing data to advertisers

The Federal Trade Commission (FTC) on Thursday said it will ban the antivirus giant Avast from selling consumers’ web browsing data to advertisers after Avast claimed its products would prevent its users from online tracking. Avast also settled the federal regulator’s charges for $16.5 million, which the FTC said will provide redress for Avast’s users […]

© 2024 TechCrunch. All rights reserved. For personal use only.

US health tech giant Change Healthcare hit by cyberattack

U.S. healthcare technology giant Change Healthcare has confirmed a cyberattack on its systems. In a brief statement, the company said it was “experiencing a network interruption related to a cyber security issue.” “Once we became aware of the outside threat, in the interest of protecting our partners and patients, we took immediate action to disconnect […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Discord took no action against server that coordinated costly Mastodon spam attacks

Over the weekend, hackers targeted federated social networks like Mastodon to carry out ongoing spam attacks that were organized on Discord, and conducted using Discord applications. But Discord has yet to remove the server where the attacks are facilitated, and Mastodon community leaders have been unable to reach anyone at the company. “The attacks were […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Researchers warn high-risk ConnectWise flaw under attack is ’embarrassingly easy’ to exploit

Security experts are warning that a high-risk vulnerability in a widely used remote access tool is “trivial and embarrassingly easy” to exploit, as the software’s developer confirms malicious hackers are actively exploiting the flaw. The maximum severity-rated vulnerability affects ConnectWise ScreenConnect (formerly ConnectWise Control), a popular remote access software that allows managed IT providers and […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Apple readies iMessage for when quantum computers could break encryption

Apple announced today it is upgrading iMessage’s security layer to post-quantum cryptography, starting in iOS and iPadOS 17.4, macOS 14.4, and watchOS 10.4. The technology giant said that in the coming years, quantum computers will be able to break today’s cryptography standards. That’s why Apple said it is changing how end-to-end encryption works with iMessage […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Six things we learned from the LockBit takedown

A sweeping law enforcement operation led by the U.K.’s National Crime Agency this week took down LockBit, the notorious Russia-linked ransomware gang that has for years wreaked havoc on businesses, hospitals, and governments around the world. The action saw LockBit’s leak site downed, its servers seized, multiple arrests made, and U.S. government sanctions applied in […]

© 2024 TechCrunch. All rights reserved. For personal use only.

US sanctions LockBit members after ransomware takedown

The U.S. government has sanctioned two key members of LockBit, the Russian-speaking hacking and extortion gang accused of launching ransomware attacks against victims across the U.S. and internationally. In a post on Tuesday, the U.S. Treasury confirmed it is sanctioning two Russian nationals, Artur Sungatov and Ivan Gennadievich Kondratiev. Sungatov and Kondratiev were separately indicted […]

© 2024 TechCrunch. All rights reserved. For personal use only.