Hacker News with Generative AI: Cybersecurity

Oracle privately confirms Cloud breach to customers (bleepingcomputer.com)
Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a "legacy environment" last used in 2017, Bloomberg reported.
Spike in Palo Alto Networks scanner activity suggests imminent cyber threats (securityaffairs.com)
China-linked group UNC5221 exploited Ivanti Connect Secure zero-day since mid-March
Cybersecurity Professor Faced China Funding Inquiry Before Disappearing (wired.com)
Before the official faculty profiles of renowned Indiana University, Bloomington (IU) data privacy professor Xiaofeng Wang and his wife disappeared and the FBI raided two of the couple’s homes last week, the school is said to have been reviewing for months whether the professor received unreported research funding from China, WIRED has learned.
Crimelords at Hunters International tell lackeys ransomware too 'risky' (theregister.com)
Big-game ransomware crew Hunters International says its criminal undertaking has become "unpromising, low-converting, and extremely risky," and it is mulling shifting tactics amid an apparent rebrand.
Hacking the call records of millions of Americans (evanconnelly.github.io)
Imagine if anyone could punch in a phone number from the largest U.S. cell carrier and instantly retrieve a list of its recent incoming calls—complete with timestamps—without compromising the device, guessing a password, or alerting the user.
Oracle's masterclass in breach comms: Deny, deflect, repeat (theregister.com)
Oracle is being accused of poor incident comms as it reels from two reported data security mishaps over the past fortnight, amid a reluctance to publicly acknowledge all of the events as well as allegedly deleting evidence from the web.
Alleged Deel Spy Confesses to Coordinating with Deel CEO Alex Bouaziz (newcomer.co)
BREAKING: Alleged Deel Spy Confesses to Coordinating with Deel CEO Alex Bouaziz
Someone is trying to recruit security researchers in a bizarre hacking campaign (techcrunch.com)
Someone is making precisely that tantalizing, bizarre, and clearly sketchy job offer. The person is using what looks like a series of fake accounts with avatars displaying photos of attractive women and sliding into the direct messages of several cybersecurity professionals and researchers on X in the last couple of weeks.
Over 200M Records Allegedly Belonging to X Leaked Online (safetydetectives.com)
Furry hackers who leaked Heritage Foundation data feared raided by feds (dailydot.com)
Individuals with connections to SiegedSec, the now-defunct group of “gay furry hackers” who leaked data relating to the think tank behind Project 2025, believe their former leader may have been arrested in a raid by law enforcement.
UK's GCHQ Intern Transferred Top Secret Files to His Phone (bbc.com)
A former GCHQ intern has admitted risking national security by taking top secret data home with him on his mobile phone.
Oracle Cloud security SNAFU latest: IT giant's pedantry as evidence vanishes (theregister.com)
Two Oracle data security breaches have been reported in the past week, and the database goliath not only remains reluctant to acknowledge the disasters publicly – it may be scrubbing the web of evidence, too.
The North Korea worker problem is bigger than you think (cyberscoop.com)
North Korean nationals have infiltrated businesses across the globe with a more expansive level of organization and deep-rooted access than previously thought, insider risk management firm DTEX told CyberScoop.
Doge accesses federal payroll system and punishes employees who objected (arstechnica.com)
Elon Musk's Department of Government Efficiency (DOGE) has gained access "to a payroll system that processes salaries for about 276,000 federal employees across dozens of agencies," despite "objections from senior IT staff who feared it could compromise highly sensitive government personnel information" and lead to cyberattacks, The New York Times reported today.
Oracle attempt to hide cybersecurity incident from customers? (doublepulsar.com)
Being a provider of cloud SaaS (Software-as-a-service) solutions requires certain cybersecurity responsibilities — including being transparent and open. The moment where this is tested at Oracle has arrived, as they have a serious cybersecurity incident playing out in a service they manage for customers.
Intel and Microsoft staff lured to work for fake Chinese company in Taiwan (theregister.com)
Chinese tech companies created entities in Taiwan and disguised them so they had no connections to China, so they could lure top tech talent to work on significant projects.
"The US government has the ability to access many politicians' emails in Europe" (republik.ch)
Why European governments urgently need to get out of the American clouds, and how they can do so most quickly, explained by Dutch computer scientist and intelligence expert Bert Hubert.
FBI Alert Issued as Time Traveling Hackers Attack – Act Now (forbes.com)
Enable 2FA as time-traveling hackers strike.
FBI raids home of prominent computer scientist who has gone incommunicado (arstechnica.com)
A prominent computer scientist who has spent 20 years publishing academic papers on cryptography, privacy, and cybersecurity has gone incommunicado, had his professor profile, email account, and phone number removed by his employer Indiana University, and had his homes raided by the FBI. No one knows why.
Exploiting exposed Portainer agent and using new SSH persistence (exatrack.com)
During an incident response for one of our clients, we stumbled upon a server compromised by the now relatively documented perfctl malware.
Oracle Health (formerly Cerner) breach compromises patient data at US hospitals (bleepingcomputer.com)
A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers.
You Have 7 Days to Act Following Gmail Lockout Hack Attacks, Google Says (forbes.com)
As the FBI takes the unusual step of warning users of webmail platforms, including Gmail, to enable two-factor authentication in the light of a dangerous new ransomware threat campaign, Google email users still have more mundane hacking threats on their minds.
Judge Confirms LaLiga's Right to Block Cloudflare in Pursuit of IPTV Pirates (torrentfreak.com)
Last December, a Spanish judge authorized LaLiga to block Cloudflare's shared IP addresses to combat piracy. Thousands of innocent internet users were affected, prompting Cloudflare and cybersecurity group RootedCon to ask the court to overturn the order. A judge has now denied both requests, stating that no evidence was presented to show that blocking caused any damage.
Obfuscation 101: Unmasking the Tricks Behind Malicious Code (socket.dev)
“The malicious package was right in front of our eyes, but we didn't see it until it was too late.”
Private Data and Passwords of Senior U.S. Security Officials Found Online (spiegel.de)
Private contact details of the most important security advisers to U.S. President Donald Trump can be found on the internet. DER SPIEGEL reporters were able to find mobile phone numbers, email addresses and even some passwords belonging to the top officials.
When Getting Phished Puts You in Mortal Danger (krebsonsecurity.com)
Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life.
India wants backdoors into clouds, email, SaaS, for tax inspectors (theregister.com)
India’s government has proposed giving its tax authorities sweeping powers to access private email systems and applications.
Ask HN: What's the worst thing that could happen if I click on an unknown link (ycombinator.com)
There's no theoretical limit. That's what the concept of a "zero day" is all about. It's entirely possible that some undiscovered vulnerability allows an attacker to remotely hijack your entire PC, steal all passwords, and completely ruin your life just by opening a webpage. Is it likely? No. But in terms of the "worst thing possible" there's really no upper bound.
Oracle customers confirm data stolen in alleged cloud breach is valid (bleepingcomputer.com)
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid.