Hacking articles

Linus Tech Tips

YouTube channel Linus Tech Tips terminated after it was hacked to show crypto-scam videos

TechLinked has also fallen victim
What just happened? Linus Tech Tips, one of the largest and most popular technology YouTube channels on the platform, has been hacked. It was used by the hackers to show pre-recorded 'live-streaming' crypto-scam videos, featuring former Twitter CEO Jack Dorsey and Tesla CEO Elon Musk. The channel is now showing a message stating it has been shut down for violating YouTube's community guidelines, but it appears Linus' other channels are also being abused.
bitwarden password hacking vulnerability password manager credentials flashpoint

Bitwarden's password manager browser extension has a known exploit it hasn't addressed in five years (Update: fix coming)

PSA: Hackers can steal your username and password for a website using an embedded iframe. It's a weakness for all password managers, and most have addressed the flaw in various ways, including issuing warnings when users are on a login page with an iframe or not trusting subdomains. Bitwarden is the sole exception, having determined in 2018 that the threat was not significant enough to address.
marshals service fbi government united states hacking department of defense department of justice ransomware

U.S. Marshals Service hack is the latest in a string of cybersecurity "incidents" over last two weeks

The big picture: The US government has had a bad run of cybersecurity-related incidents over the last couple of weeks. In the span of 12 days, officials from the FBI, DoD, and USMS have confirmed one data leak caused by human error and two separate attacks against government systems. So far, investigators have either not found any suspects or are keeping the lid on what they have discovered.
lastpass password hack breach

LastPass says employee's home computer was hacked to steal a decrypted vault

Reportedly via Plex
In brief: Password manager LastPass has revealed details of a breach last year that resulted in partially encrypted user login data being stolen. The company confirmed that the incident stemmed from a previous hack in August that enabled the hacker to steal credentials from a DevOps engineer's home computer and obtain a decrypted vault.
hackers windows mortal kombat hacking phishing ransomware cryptocurrency

Hackers hit US Windows systems with "Mortal Kombat" ransomware

Scorpion says: "Get over here!" Watch out for emails from the crypto exchange CoinPayments. Hackers are running a new "Mortal Kombat" ransomware campaign. The attackers disguise the phishing email attachment to look like payment transactions. However, when opened, the payload automatically downloads either ransomware or a crypto-wallet skimmer. So it's a bit like a one-two uppercut. TOASTY!