hacking

https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/

Amnesty International’s Security Lab has performed in-depth forensic analysis of numerous mobile devices from human rights defenders (HRDs) and journalists around the world. This research has uncovered widespread, persistent and ongoing unlawful surveillance and human rights abuses perpetrated using NSO Group’s Pegasus spyware.

Most recently, a successful “zero-click” attack has been observed exploiting multiple zero-days to attack a fully patched iPhone 12 running iOS 14.6 in July 2021.

https://www.theguardian.com/news/2021/jul/19/how-does-apple-technology-hold-up-against-nso-spyware

The iPhone maker says it is keeping pace with malware, but the Pegasus project paints a worrying picture

https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus

Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.

The investigation by the Guardian and 16 other media organisations suggests widespread and continuing abuse of NSO’s hacking spyware, Pegasus, which the company insists is only intended for use against criminals and terrorists.

Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.

https://www.axios.com/china-cyberattacks-nato-181e71d2-7414-45f3-9463-c8b1d46392c1.html

The U.S., NATO, European Union, U.K., Australia, Canada, New Zealand and Japan say they can now, “with high confidence,” attribute the March attack using the Exchange flaw to cyberattackers affiliated with China’s state security ministry. That attack crippled thousands of computers around the world.

https://www.nrk.no/norge/stort-dataangrep-mot-norsk-ingeniorselskap-1.15568171

Hackargruppa hevdar dei har 2000 gigabyte med sensitiv informasjon som dei vil publisere viss selskapet ikkje innfrir kravet

https://techcrunch.com/2021/07/03/digital-violence-nso-group-spyware/

The research reveals new links between phone hacks and real-world violence

For the first time, researchers have mapped all the known targets, including journalists, activists, and human rights defenders, whose phones were hacked by Pegasus, a spyware developed by NSO Group

https://www.nrk.no/urix/sverige_-hackere-krever-600-millioner-kroner-1.15564723

Angrepet har rammet hundrevis av selskaper over hele verden. Blant dem er svenske Coop, som har måttet stenge hundrevis av dagligvarebutikker, Apotek Hjärtat og SJ.

Kravet er blitt publisert på bloggen til hackergruppen Revil og virker ifølge eksperter autentisk.

Angrepet ble innledet fredag og var rettet mot det amerikanske programvareselskapet Kaseya, som selger tjenester til kunder over hele verden, deriblant Coop.

https://www.svt.se/nyheter/inrikes/coop-tvingas-stanga-efter-kassahaveri

https://www.wired.com/story/atm-hack-nfc-bugs-point-of-sale/

FOR YEARS, SECURITY researchers and cybercriminals have hacked ATMs by using all possible avenues to their innards, from opening a front panel and sticking a thumb drive into a USB port to drilling a hole that exposes internal wiring. Now one researcher has found a collection of bugs that allow him to hack ATMs—along with a wide variety of point-of-sale terminals—in a new way: with a wave of his phone over a contactless credit card reader.

Rodriguez has built an Android app that allows his smartphone to mimic those credit card radio communications and exploit flaws in the NFC systems’ firmware.

https://therecord.media/north-korean-hackers-breach-south-korean-submarine-builder-again/

The target of the attack was Daewoo Shipbuilding & Marine Engineering (DSME), one of the country’s three primary shipbuilding companies—together with Hyundai and Samsung—and the only submarine builder.

Sources said that some of the stolen files included plans for a nuclear-powered submarine that DSME and the South Korean Navy had been working on for the past few years.