(Update) T-Mobile Customer Data for Sale Affecting Over 100 Million People

A person in an online forum is offering data for sale that they claim comes from T-Mobile servers. The carrier says it is investigating the accuracy of this alleged breach.

The data includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information, the seller said. Motherboard has seen samples of the data, and confirmed they contained accurate information on T-Mobile customers.

Update: T-Mobile has issued a statement confirming the breach.

DeFi Platform ‘Poly Network’ Hacked, $600 Million in Crypto Stolen

Poly Network is a cross-chain decentralized finance platform and operates on the Binance Smart Chain, Ethereum and Polygon blockchains. It suffered a hack recently in which approximately US$600 million in crypto was stolen.

About one hour after Poly announced the hack on Twitter, the hacker tried to move assets including USDT through the Ethereum address into liquidity pool Curve.fi, records show. The transaction was rejected. Meanwhile, close to $100 million has been moved out of the Binance Smart Chain address in the past 30 minutes and deposited into liquidity pool Ellipsis Finance.

Firefox 91 Update Lets You Fully Erase Your Browser History

Mozilla’s latest update to Firefox, version 91, offers enhanced cookie clearing when a user deletes their browser history.

When you decide to tell Firefox to forget about a website, Firefox will automatically throw away all cookies, supercookies and other data stored in that website’s “cookie jar”. This “Enhanced Cookie Clearing” makes it easy to delete all traces of a website in your browser without the possibility of sneaky third-party cookies sticking around.

Backup Tool ‘iMazing’ Updated to Detect Pegasus Spyware

The team behind iMazing has updated their tool to detect NSO Group’s Pegasus spyware. You don’t have to buy an iMazing license to scan for it.

It would therefore be possible to relatively quickly re-implement MVT’s methodology in our toolkit, and integrate a user-friendly ‘wizard’ in iMazing’s user interface. And because iMazing can already perform iOS backups and decrypt backup files, the tool we envisaged had the potential to dramatically reduce the technical barrier of entry whilst enhancing performance and promoting backup encryption.

Malware Dubbed ‘Raccoon Stealer’ Targets Crypto Wallets

Researchers at Sophos have been tracking a piece of malware called Raccoon Stealer. A recent update means it can target cryptocurrency wallets.

Raccoon can collect passwords, cookies, and the “autofill” text for websites, including credit card data and other personal identifying information that may be stored by the browser. Thanks to a recent “clipper” update, Raccoon Stealer also now targets cryptocurrency wallets, and can retrieve or drop files on infected systems.

Hackers Increasingly Using Discord to Spread Malware

Researchers found that hackers are turning to Discord to spread malware, such as password-hijacking and Discord chat bot APIs.

But the greatest percentage of the malware we found have a focus on credential and personal information theft, a wide variety of stealer malware as well as more versatile RATs. The threat actors behind these operations employed social engineering to spread credential-stealing malware, then use the victims’ harvested Discord credentials to target additional Discord users.

Worried if You Were Infected by Pegasus? This Tool Can Help

This week, a strain of malware known as Pegasus from NSO Group has been making headlines. It’s used by governments to target journalists, activists, and other people deemed dissidents. But there is a tool that could detect it.

MVT will let you take an entire iPhone backup (or a full system dump if you jailbreak your phone) and feed in for any indicators of compromise (IOCs) known to be used by NSO to deliver Pegasus, such as domain names used in NSO’s infrastructure that might be sent by text message or email.

Hackers Leak ‘Humana’ Data of Over 6,000 Patients

An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a hacker forum.

The author of the post claims that the data was acquired from US insurance giant Humana and includes detailed medical records of the company’s health plan members dating back to 2019. The leaked information includes patients’ names, IDs, email addresses, password hashes, Medicare Advantage Plan listings, medical treatment data, and more.

DuckDuckGo Launches Free Email Protection Service

Privacy search engine DuckDuckGo has launched an Email Protection Service to protect against email trackers. You can get a free, personalized @duck.com address that will forward emails to your regular inbox.

We remove hidden trackers from incoming emails sent to this address, then forward them to your regular inbox for safer reading. This means if you use an email service like Gmail or Yahoo, it’s no problem! Emails sent to your Personal Duck Address will arrive there as usual so you can read your email like normal, in any app or on the web, worry-free.

NSO Group’s ‘Pegasus’ Spyware Targets Journalists and Activists

Spyware known as Pegasus from NSO Group was used to hack 37 smartphones belonging to journalists, activists, and business executives around the world.

The phones appeared on a list of more than 50,000 numbers that are concentrated in countries known to engage in surveillance of their citizens and also known to have been clients of the Israeli firm, NSO Group, a worldwide leader in the growing and largely unregulated private spyware industry, the investigation found.

Firefox 90 Update Introduces SmartBlock 2.0 for Tracking Protection

Mozilla released Firefox 90 recently and it comes with an improved version of its tracking protection called SmartBlock 2.0.

The newest version of Mozilla’s built-in SmartBlock privacy feature makes it easier for users to keep their tracking protection settings cranked up, without breaking individual websites. The updated version seems to especially target Facebook login, which is increasingly used around the web as a third-party authentication and login tool.

Image credit: ArsTechnica

Google Adds Tool to Quickly Delete Your Last 15 Minutes of Searches

Google is adding new protections for your search history like quick deletion, requiring verification to access the My Activity section, and more.

You can also try out a new way to quickly delete your last 15 minutes of saved Search history with the single tap of a button. This feature is available in the Google app for iOS, and is coming to the Android Google app later this year.

You could also just turn disable your search history altogether, too.

‘SolarWinds’ Hackers Used iOS Zero Day Against Government Officials

The Russian hackers behind the SolarWinds attack used an iOS zero day to steal credentials from Western European governments.

Attacks targeting CVE-2021-1879, as the zero-day is tracked, redirected users to domains that installed malicious payloads on fully updated iPhones. The attacks coincided with a campaign by the same hackers who delivered malware to Windows users, the researchers said.

Google published a blog post about zero-days here, and you can read coverage from Ars Technica at the link below.

WIN an iPhone 16 Pro Max!