Brazilian gang defrauds Uber, Lyft, DoorDash using GPS spoofing and stolen IDs
US authorities have charged a gang of Brazilian nationals for a scheme that defrauded the customers of services like Uber, Lyft, DoorDash, and two other unidentified food delivery services.
Security firm Rapid7 says Codecov hackers accessed some of its source code
Boston-based security firm Rapid7 disclosed today that a threat actor accessed some of its source code after a hack at software supplier Codecov earlier this year.
Price of IPv4 addresses, one of the Internet’s hottest commodities, reaches all-time high
Companies that own or manage IPv4 address blocks should be on the lookout for an increased risk of hijacking attempts in the coming months as the price for an IPv4 address has reached an all-time high, which might encourage threat actors to go after unused or unsecured IPv4 inventory.
WiFi devices going back to 1997 vulnerable to new Frag Attacks
A Belgian security researcher has discovered a series of vulnerabilities that impact the WiFi standard, with some bugs dating back as far back as 1997 and affecting devices sold for the past 24 years.
Thousands of Tor exit nodes attacked cryptocurrency users over the past year
For more than 16 months, a threat actor has been seen adding malicious servers to the Tor network in order to intercept traffic and perform SSL stripping attacks on users accessing cryptocurrency-related sites.
SolarWinds says fewer than 100 customers were impacted by supply chain attack
Texas-based software firm SolarWinds downgraded the number of customers impacted by its 2020 supply chain attack from 18,000 to less than 100.
iOS users are using Apple’s new tracking opt-out feature, ad industry stats show
Twelve days after Apple released iOS 14.5, most iPhone users today are taking advantage of a new anti-tracking feature included in the updated operating system and are refusing to allow iOS apps to track their activities.
UK and US share more vulnerabilities exploited by Russia’s APT29 hackers
The UK government’s cybersecurity agency has published today an in-depth report detailing techniques used by a group of Russian state hackers known as APT29, Cozy Bear, or the Dukes.
Google to enable 2FA for all users, add privacy labels to Android apps
On World Password Day, on Thursday, Google has announced two upcoming security and privacy changes that will help the company’s customers stay safe in the face of an ever-increasing wave of cyber-attacks and intrusive tracking technologies.
Rare new Windows rootkit spotted in Chinese APT attacks
In a report published today, security firm Kaspersky said it discovered a rare new Windows rootkit that has remained undetected since at least 20018 and has been deployed in some highly targeted attacks.