hacking

https://www.binance.com/en/blog/community/scammers-created-an-ai-hologram-of-me-to-scam-unsuspecting-projects-6406050849026267209

Over the past month, I’ve received several online messages thanking me for taking the time to meet with project teams regarding potential opportunities to list their assets on Binance.com. This was odd because I don’t have any oversight of or insight into Binance listings, nor had I met with any of these people before.

It turns out that a sophisticated hacking team used previous news interviews and TV appearances over the years to create a “deep fake” of me. Other than the 15 pounds that I gained during COVID being noticeably absent, this deep fake was refined enough to fool several highly intelligent crypto community members. 

https://www.wired.com/story/starlink-internet-dish-hack/

It cost a researcher only $25 worth of parts to create a tool that allows custom code to run on the satellite dishes.

https://therecord.media/report-mercenary-spyware-exploited-google-chrome-zero-day-to-target-journalists/

A zero-day vulnerability in Google Chrome was discovered when attackers exploited it to target users in the Middle East, including journalists, cybersecurity firm Avast said Thursday. 

The company attributed the attacks to a secretive Israeli firm known as Candiru — named after a notorious parasitic fish — that sells spyware to governments. 

https://www.vice.com/en/article/z34xnw/hackers-say-they-can-unlock-and-start-honda-cars-remotely

The Honda models that Kevin2600 and his colleagues tested the attack on use a so-called rolling code mechanism, which means that—in theory—every time the car owner uses the keyfob, it sends a different code to open it. This should make it impossible to capture the code and use it again. But the researchers found that there is a flaw that allows them to roll back the codes and reuse old codes to open the car, Kevin2600 said.

https://www.reuters.com/investigates/special-report/usa-hackers-litigation/

A trove of thousands of email records uncovered by Reuters reveals Indian cyber mercenaries hacking parties involved in lawsuits around the world – showing how hired spies have become the secret weapon of litigants seeking an edge.

…

Reuters identified 35 legal cases since 2013 in which Indian hackers attempted to obtain documents from one side or another of a courtroom battle by sending them password-stealing emails.

The messages were often camouflaged as innocuous communications from clients, colleagues, friends or family. They were aimed at giving the hackers access to targets’ inboxes and, ultimately, private or attorney-client privileged information.

https://tidbits.com/2022/06/27/why-passkeys-will-be-simpler-and-more-secure-than-passwords/

Apple has unveiled its version of passkeys, an industry-standard replacement for passwords that offers more security and protection against hijacking while simultaneously being far simpler in nearly every respect.

https://www.reuters.com/technology/tesla-cars-bluetooth-locks-vulnerable-hackers-researchers-2022-05-17/

Millions of digital locks worldwide, including on Tesla cars, can be remotely unlocked by hackers exploiting a vulnerability in Bluetooth technology, a cybersecurity firm said on Tuesday.

In a video shared with Reuters, NCC Group researcher Sultan Qasim Khan was able to open and then drive a Tesla using a small relay device attached to a laptop which bridged a large gap between the Tesla and the Tesla owner’s phone.

“This proves that any product relying on a trusted BLE connection is vulnerable to attacks even from the other side of the world,” the UK-based firm said in a statement, referring to the Bluetooth Low Energy (BLE) protocol – technology used in millions of cars and smart locks which automatically open when in close proximity to an authorised device.

…

NCC Group said such a vulnerability was not like a traditional bug which could be fixed with a software patch and added BLE-based authentication was not originally designed for use in locking mechanisms.

https://www.nrk.no/norge/advarer-mot-skreddersydd-svindel-etter-datalekkasje-1.15963551

Personopplysningene som er på avveie etter det store datainnbruddet mot Norkart, kan åpne for mer utspekulerte former for svindel, tror ekspert.

[…]

De neste månedene anbefaler han å være ekstra varsom for spesielle brev, e-poster og telefoner.

– Bruk god dømmekraft, og være skeptisk – hver eneste gang du får en henvendelse, hvor du ikke enkelt kan identifisere hvem som står bak, påpeker Jøsang.

https://www.nrk.no/norge/dataangrep-mot-norkart_-3_3-millioner-kan-vaere-berort-1.15962268

Selskapet Norkart, som leverer IT-systemer for kart- og eiendomsinformasjon, er utsatt for et dataangrep. Persondata for opp mot 3,3 millioner innbyggere er på avveier.

Selskapet varslet om dataangrepet tirsdag. Alle som eier eiendom i Norge kan være berørt.

[…]

– Det vi ønsker nå er at alle som er eiere eller festere er ekstra årvåkne når det gjelder forsøk på svindel. Et godt råd er å sperre seg for sjekk av kredittopplysninger og følge med på hva som skjer i postkassen din.

https://www.theverge.com/2022/3/16/22981806/facebook-removes-deepfake-ukraine-zelenskyy-meta-instagram

In the fake video, Zelenskyy surrenders to Russian invasion

…

The deepfake appears to have been first broadcasted on a Ukrainian news website for TV24 after an alleged hack