Hacking, Security & Privacy

All the latest Hacking, Security & Privacy news with plenty of coverage on new data breaches and leaks, new hacks, ways to protect yourself online & plenty more.

Widespread VPN attack: 2.8 million IPs involved in brute-force campaign

Ille Smolanko | Feb 12, 2025 1:01 AM CST

An unidentified threat actor is conducting brute-force attacks targeting over 2.8 million VPN and network devices worldwide. Threat monitoring platform The Shadowserver Foundation posted the reports to X, highlighting a wave of intrusion attempts against networks using devices from Palo Alto, Ivanti, and SonicWall.

There's a specific concentration of attacks in Brazil, Turkey, Russia, and Argentina, with 1.1 million of the 2.8 million affected devices located in Brazil. The foundation also reports that the brute-force attacks are primarily targeting vulnerable edge (network) devices - particularly compromised routers from manufacturers such as MikroTik, Huawei, Cisco, Boa, and ZTE. Threat actors are leveraging a botnet or residential proxy network to disguise malicious traffic, making detection and mitigation more difficult.

The companies above often provide enterprise-level VPNs used for remote work and secure corporate access, making them targets for network infiltration. As reported by Techradar, the attack fits the profile of a conventional brute-force attack, during which threat actors submit large numbers of username and password combinations until breaking through. In that regard, devices with weak or reused credentials are particularly vulnerable.

Continue reading: Widespread VPN attack: 2.8 million IPs involved in brute-force campaign (full post)

Intel's Security Report for 2024 says its products are more secure than AMD's or NVIDIA's

Kosta Andreadis | Feb 11, 2025 10:02 PM CST

Intel has released its 2024 Intel Product Security Report, which includes several findings and statistics designed to showcase the company's "competitive edge in security assurance," especially when compared to its main competition in the CPU space, AMD, and particularly when it comes to Intel's proactive approach to discovering vulnerabilities.

According to a detailed slide in the report, "Intel's proactive product security assurance efforts resulted in the discovery and mitigation of 94% of platform firmware vulnerabilities" compared to just 57% on AMD's side. This is for vulnerabilities discovered within CPU firmware, which is a significant concern. One of the highest-profile security stories of 2024 was the 'Sinkclose' vulnerability affecting millions of Ryzen CPUs.

Intel also outlines how its GPU security stacks up against NVIDIA and AMD, where Team Blue had the "fewest number of GPU vulnerabilities in 2024 at 10, while AMD had 13 and NVIDIA posted 18." And of those 18 for NVIDIA, they are all 'high severity.'

Continue reading: Intel's Security Report for 2024 says its products are more secure than AMD's or NVIDIA's (full post)

Microsoft Defender had a built-in VPN - but not anymore as little-known feature has been canned

Darren Allan | Feb 3, 2025 10:20 AM CST

Microsoft Defender has a VPN, and if this is the first you're hearing of this - and you wouldn't be alone in that - well, the discovery comes a bit late, as the news here is that the software giant is ditching this feature.

Microsoft Defender is a solid enough option for security that's left in place as default coverage in Windows for less tech-savvy people who don't know much, or indeed care much, about antivirus apps.

It has a built-in VPN feature called 'privacy protection' which rolled out last year (actually from late 2023). Microsoft implemented it as a basic service, as you might imagine, with no server choice, so it's just a simple switch to hook you up to the nearest server and provide encryption for your data being sent online (and anonymity for your IP address).

Continue reading: Microsoft Defender had a built-in VPN - but not anymore as little-known feature has been canned (full post)

FBI seizes domains for infamous hacking forums that created 17 million US victims

Jak Connor | Feb 1, 2025 12:01 AM CST

The Department of Justice has announced the FBI has seized two infamous hacking forums that created 17 million American victims.

The two hacking forums that are now in possession of the US government are Cracked.io and Nulled.to, which are known hubs for cybercriminal activity, with their main focus being password theft, cracked software sharing, credential theft, hacking tools, and data breaches. According to the press release from the DOJ, the domains for each of the forums were seized under Operation Talent, a multinational law enforcement operation that included authorities from the following countries: the United States, Italy, Spain, Europe, France, Greece, Australia, and Romania.

Banners have now been placed on both of the websites, stating the domains have been seized by international law enforcement partners. Cracked.io staff initially published an announcement on their Telegram channel in which they wrote that the problems users were reporting with the website, such as error messages when attempting to load it, were related to a data center issue. However, an update from Cracked.io staff confirmed, "Cracked.io has been seized under operation talent with specific reasons being undisclosed."

Continue reading: FBI seizes domains for infamous hacking forums that created 17 million US victims (full post)

Stop Spam and Scams: Create a Private Online Identity

Kosta Andreadis | Dec 17, 2024 7:07 AM CST

With so much personal information and data stored online, identity theft, getting scammed, and being the victim of fraud are real threats.

From online shopping to dating apps to streaming services and simply creating an account to access a single piece of information you're interested in, we're all potentially exposing our sensitive personal information and data every time we hit that 'sign up' button.

Millions see the effects daily, from online-specific data points like usernames and email addresses leading to email inboxes filled with spam and phishing attempts to exposed phone numbers leading to scam calls and text messages. The latter can lead to severe outcomes, with scam calls and phishing texts looking to infect your mobile device, make a payment, or trick you into revealing additional personal information.

Continue reading: Stop Spam and Scams: Create a Private Online Identity (full post)

See if Your Personal Data is Compromised with the Free Data Leak Checker

Kosta Andreadis | Dec 16, 2024 6:39 PM CST

The email addresses we use daily with online services that require a login are often linked with additional information like passwords, personal information, and phone numbers.

In Q3 2024, over 100 million North American accounts were breached - a figure that makes up a quarter of affected accounts. Globally, that number skyrockets to over 420 million, which means over 3,200 accounts were compromised every minute. This covers small businesses, large corporations, and everyday internet users with sensitive personal data, leaving many individuals vulnerable to identity theft and fraud.

Due to a recent "security event," one of the largest companies in the world, Amazon, saw phone numbers, email addresses, and locations of its employees stolen as part of last year's MOVEit Transfer hack. In another recent example, U.S. communications giant T-Mobile was reportedly breached as part of a Chinese hacking operation targeting international telecommunications companies.

Continue reading: See if Your Personal Data is Compromised with the Free Data Leak Checker (full post)

Microsoft confirms Ukrainian frontline was hit with hacks traced back to Russia

Jak Connor | Dec 12, 2024 4:33 AM CST

A group of hackers connected to the Russian government have launched cyber attacks at Starlink-connected infrastructure in Ukraine to target devices being used by Ukrainian soldiers on the frontline. Microsoft has confirmed the infrastructure has been compromised, and currently, investigators still don't know what vulnerability was exploited.

Microsoft has labeled the group as "Secret Blizzard," and according to reports and the latest Microsoft Security blog post, in at least one instance this year when Ukrainian frontline devices were targeted, Secret Blizzard used infrastructure created by a cybercrime group Microsoft tracks as Storm-1919. In another instance, Secret Blizzard leveraged infrastructure from another group called Storm-1837, a Russian-based cybercrime group that targets Ukrainian drone operations.

So, how did they gain access to the infrastructure? Microsoft explains the cybercriminals between March and April this year used a bot swarm attack to install the XMRIG cryptocurrency app on targeted servers. Typically, hackers will install this malware and then use the device's resources to mine a cryptocurrency, which they then sell online for real money. However, Microsoft writes the ultimate objective of bot swarm malware was to install Tavdig, a backdoor Secret Blizzard used to conduct reconnaissance on the target device.

Continue reading: Microsoft confirms Ukrainian frontline was hit with hacks traced back to Russia (full post)

Microsoft sounds alarm on cyberspy group now targeting critical US infrastructure

Jak Connor | Dec 6, 2024 11:06 AM CST

Microsoft Threat Intelligence has warned that a Chinese government espionage hacking group is targeting critical US infrastructure, such as telecommunications networks, financial and legal services industries, and government and non-government agencies.

Sherrod DeGrippo, the director of threat intelligence strategy at Microsoft, spoke with The Register, saying the new group Microsoft is tracking under the moniker "Storm-0227" began targeting critical US infrastructure as soon as yesterday. DeGrippo says the group has been active since January but didn't say its total number of victims. Notably, DeGrippo said the group's members have some overlap with Silk Typhoon, a notorious Chinese government-affiliated hacking group known for targeting healthcare, law firms, higher education, defense contractors, and non-governmental organizations.

Furthermore, over the past 12 months, Microsoft has seen a significant increase in the frequency of attacks by Chinese hacking groups. As for how the hacking is done, The Register reports Storm-0227 typically infiltrates a system by exploiting security vulnerabilities in public-facing applications and through spear-phishing emails that contain contaminated links or attachments. The objective of Storm-0227 is to get a victim to click on a document that automatically downloads SparkRAT, an open-source remote administration tool that gives the controller administrative access to a machine.

Continue reading: Microsoft sounds alarm on cyberspy group now targeting critical US infrastructure (full post)

Top US senator confirms China is listening in on phone calls, including the President's

Jak Connor | Nov 27, 2024 12:32 AM CST

Last week, telecommunications executives sat in front of the Biden administration and discussed the exponential frequency of cyber attacks from China on the United States, with one Senator saying the attacks from China make severe cyber security events such as SolarWinds caused by Russia-affiliated bad actors look like "child's play."

The details come from Senator Mark R Warner, who spoke to the press and said that "my hair is on fire" with the ramping cyber attacks from China, which started increasing well before the recent US election. Additionally, the Senator stated the presence and nature of the attacks may require the replacement of "literally thousands and thousands and thousands" of routers, switches, and other potentially infiltrated hardware.

Furthermore, the Senator warned that the extent to which these attacks have affected US networks is currently unknown, describing the situation as follows: "The barn door is still wide open, or mostly open." More specifically, US telecommunications networks that have been infiltrated may provide Chinese state employees or affiliated hackers with the means of listening in on phone calls, even as high as President-elect Donald Trump.

Continue reading: Top US senator confirms China is listening in on phone calls, including the President's (full post)

Microsoft asks President Trump for help against Russian and Chinese cyber attacks

Jak Connor | Nov 25, 2024 12:04 AM CST

In a recent interview with the Financial Times, Brad Smith, the vice chair and top legal officer at Microsoft, said that he is hoping President Trump and his administration push back harder against foreign cyber attacks, particularly those that originate from Russia and China.

Cyber attacks from Russia and China have become more and more frequent, with Microsoft only recently confirming that Russian state-backed hacking group Midnight Blizzard infiltrated its servers. Microsoft has since implemented security updates to mitigate the likelihood of breaches, but attacks are still increasing and only becoming more sophisticated. Brad Smith, Microsoft's vice chair and top legal officer, has called upon the Trump Administration to "push harder" against cyber attacks, saying the issue "deserves to be a more prominent issue of international relations".

Smith has said he hopes Trump is prepared to send a "strong message" to Russia, Iran, and any other nation that is launching cyber attacks on the US. It was only earlier this month US authorities accused China of launching widespread cyber espionage campaigns against the US, with a recent Microsoft-led study finding that more than 600 million cyber attacks are launched at its customers every day. Moreover, Microsoft found that criminal gangs are now increasingly teaming up with "nation-state groups" to launch operations against targets and share hacking tools.

Continue reading: Microsoft asks President Trump for help against Russian and Chinese cyber attacks (full post)
