News

FortiGuard explained that ThirdEye can harvest BIOS and hardware data

Kaspersky analyzes the group’s tactics and reveals the emergence of a new threat called EarlyRat

Zimperium records large increase in share of compromised devices

Encrypted comms platform was used by organized criminals

Its 3600 applicants will barely make a dent in overall skills shortages

Technically, it’s “up to $10 million”, but it’s potentially a LOT of money, nevertheless…

The stalkerware company LetMeSpy has been hacked:

TechCrunch reviewed the leaked data, which included years of victims’ call logs and text messages dating back to 2013.

The database we reviewed contained current records on at least 13,000 compromised devices, though some of the devices shared little to no data with LetMeSpy. (LetMeSpy claims to delete data after two months of account inactivity.)

[…]

The database also contained over 13,400 location data points for several thousand victims. Most of the location data points are centered over population hotspots, suggesting the majority of victims are located in the United States, India and Western Africa.

The data also contained the spyware’s master database, including information about 26,000 customers who used the spyware for free and the email addresses of customers who bought paying subscriptions.

The leaked data contains no identifying information, which means people whose data was leaked can’t be notified. (This is actually much more complicated than it might seem, because alerting the victims often means alerting the stalker—which can put the victims into unsafe situations.)

ThreatFabric said the ongoing campaign started in March and has witnessed over 30,000 installations

American Airlines reported 5745 pilots and applicants affected, Southwest Airlines reported 3009

CardinalOps examined 4000 detection rules, one million log sources and many unique log source types