Plus, Twitter sues the Texas Attorney General and T-Mobile announces it will share user data
A hacking collective facetiously calling itself “Advanced Persistent Threat 69420” has breached the video archives and live feeds of security software company Verkada Inc., gaining access to 150,000 active surveillance cameras and every video archived by Verkada customers.
The Silicon Valley-based company services a wide range of businesses and institutions including Tesla, Cloudflare, hospitals, prisons, police departments, and schools. One of the hackers told Bloomberg that the group simply found the credentials for a Verkada administrator account publicly exposed online and used used that to gain access. But shining a light on the security company’s poor security was only part of their intent. The hacker said the breach was “intended to show the pervasiveness of video surveillance and the ease with which systems could be broken into.” Certain subjects of the video footage, such as gym members and hospital patients, may not be aware they are being surveilled. Once Verkada learned of the hack, the login credentials were changed and the group lost the connection.
Microsoft fixes bug targeted by Lazarus group
Microsoft issued a patch on Tuesday to fix a vulnerability recently exploited by the North Korean state-sponsored hacking group Lazarus, AKA Zinc. Members of the group posed as white hat hackers in order to gain the trust of security researchers and then attack them. hackers breach thousands security cameras avast
