lorenzofb@infosec.exchange (@lorenzofb@infosec.exchange)
Real-time cyber historian of the late capitalist era @TechCrunch, writing about the intersection of hackers, human rights, and spies.
Posts about infosec, surveillance by day. 🍕, ⚽️, 🎸, 🎮 by night.
☎️ Signal: +1 917 257 1382 💻 Keybase/Telegram: @ lorenzofb ✉️ lorenzo@techcrunch.com
Previously: VICE Motherboard, Mashable, WIRED's Danger Room.
Post
-
NEW: The pro-Iran hacktivists Handala claim to have hacked U.S. medical tech giant Stryker. Some company systems have been wiped, causing disruptions and outages worldwide.
The hacktivists said the attack was "in retaliation for the brutal attack on the Minab school," which killed dozens of kids.
“In this operation, over 200,000 systems, servers, and mobile devices have been wiped and 50 terabytes of critical data have been extracted. Stryker’s offices in 79 countries have been forced to shut down,” the hackers wrote in a message posted online.
Pro-Iran hacktivist group says it is behind attack on medical tech giant Stryker | TechCrunch
The hacktivist group claimed the attack was in retaliation for a U.S. strike on a Tehran school that killed more than 175 people, most of them children.
TechCrunch (techcrunch.com)
-
NEW: A hacker broke into a server at the Child Exploitation Forensic Lab in the FBI’s New York Field Office and compromised files related to the Epstein investigation, as first reported by Reuters.
“Following the 2023 cyber incident, the FBI contained the affected network and determined the incident to be an isolated one. The FBI restricted access to the malicious actor and rectified the network,” an FBI spokesperson said.
Hacker broke into FBI and compromised Epstein files, report says | TechCrunch
According to a Reuters report, a foreign hacker broke into a server that was part of the FBI’s investigation into Jeffrey Epstein — without realizing they had hacked an FBI server.
TechCrunch (techcrunch.com)
-
SCOOP: The iPhone mass hacking toolkit used by Russian spies was developed at U.S. military contractor L3Harris, former employees said.
The Coruna toolkit was used against Ukrainians during the war and by Chinese cybercriminals, according to Google.
But the toolkit was initially developed for governments in the Five Eyes spy alliance, and it was used in Operation Triangulation, according to one source.
The mystery of a globetrotting iPhone-hacking toolkit
Google found a series of hacking tools they said were used by a Russian espionage group and a cybercriminal group in China. Sources from a U.S. government defense contractor said some of those hacking tools were theirs.
TechCrunch (techcrunch.com)
-
NEW: The FBI said it is investigating a hack on its networks.
The breach affected the FBI's systems to manage wiretaps and surveillance requests, according to CNN.
FBI investigating hack on its wiretap and surveillance systems: Report | TechCrunch
Hackers allegedly broke into the FBI’s networks, according to a report by CNN.
TechCrunch (techcrunch.com)
-
NEW: Italian prosecutors confirm that the phone of journalist Francesco Cancellato was hacked with Paragon spyware at the same time as the phones of two immigration activists.
The Italian government admitted the hack on the activists, but said it wasn't behind Cancellato's hack.
So who was? The mystery continues. And Cancellato, as well as his colleague Ciro Pellegrino, who was also allegedly hacked, are demanding answers.
Italian prosecutors confirm journalist was hacked with Paragon spyware | TechCrunch
Italian authorities are making progress in their investigation into a wide-ranging spyware scandal in Italy involving Paragon spyware. But the mystery of who hacked two Italian journalists with Paragon spyware continues.
TechCrunch (techcrunch.com)
-
NEW: Google said that last year, and for the first time, it found more zero-days used by spyware makers (15) rather than government-backed espionage groups (12) in the wild.
The shift demonstrated “a slow but sure movement in the landscape” of how governments hack targets, according to the company.
Google says half of all zero-days it tracked in 2025 targeted buggy enterprise tech | TechCrunch
Enterprise software was a major focus of zero-day activity during 2025, with security and networking devices, like firewalls, VPNs, and virtualization platforms among the most targeted by malicious hackers.
TechCrunch (techcrunch.com)
-
NSO Group has spent at least $7.6 million to lobby in Washington D.C., according to this report.
And it's gonna continue to pressure the U.S. government to get removed from the blocklist it was put on in 2021, in an attempt to get into the U.S. market.
NSO has hired a lot of people for its lobbying efforts.
Will NSO’s US Lobbying Pay Off Under Trump?
Now, with Friedman, a seasoned Trump insider, at its helm, NSO might finally achieve its long-awaited US comeback, writes Vas Panagiotopoulos.
Tech Policy Press (www.techpolicy.press)

-
This Google research on the Coruna iOS exploits is very interesting. And perhaps the most interesting things are all the open questions that are not answered here.
Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit | Google Cloud Blog
Coruna is a powerful iOS exploit kit leveraging 23 vulnerabilities across multiple threat actors and global campaigns.
Google Cloud Blog (cloud.google.com)
-
NEW: There have been a few reports and some statements from government officials that suggest cyber operations played a significant role in the first days of the war in Iran.
At the end of the day this war is about dropping bombs, but these reports show cyber can have an important supporting role — for surveillance, intelligence gathering, disruption, and PSYOPs — in real world conflict.
Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran | TechCrunch
After U.S. and Israeli forces started bombing Iran, reports say cyber operations have disrupted communications, supporting surveillance activities, and have been used in psychological operations.
TechCrunch (techcrunch.com)
-
Does anyone remember what this self-spreading bluetooth malware for Nokia phones could have been? I got hacked with it 20 years ago and I never figured out what virus it was exactly.
The Time I Got Hacked in a Lisbon Bar
This whole story is a long way of introducing myself to you, dear Motherboard reader.
VICE (www.vice.com)
-
NEW: A group of hacktivists calling themselves "Department of Peace" claims to have hacked an office within the Department of Homeland Security.
The hacktivists leaked data on more than 6,000 contracts between DHS and ICE and private companies to the transparency website Distributed Denial of Secrets.
"The DHS is killing us and people deserve to know which companies support them and what they’re working on," the hackers wrote in a manifesto.
Hacktivists claim to have hacked Homeland Security to release ICE contract data | TechCrunch
A hacking group called Department of Peace said they hacked a specific office within Homeland Security to protest ICE’s mass deportation campaign, and the companies aiding it.
TechCrunch (techcrunch.com)
-
This game security company estimates the video game cheating market to be worth 8.5 billion (yes, with a B). Absolutely wild.
Cheatonomics - How the video game cheat business became a multi-billion dollar industry
A common question about the video games cheat business is, “How big is it?” Or “How much is it worth?” For a seemingly simple question, finding a satisfactory answer can be tricky. Much of the work done on this to date massively underestimates its value because it only looks at certain aspects. For example, it focuses only on what cheat developers and vendors make from selling cheats. Or it only considers FPS games, rather than include the MMO’s and Mobile games that suffer their own forms of che
Intorqa (www.intorqa.gg)
-
Reminds me of this profile of Cheat Ninja and its creator Catfish, who made cheats for PUBG Mobile, and made more than $75 million, according to Chinese police, which dismantled the organization and arrested some members.
Catfish, if you're out there, reach out. I'd love to know what you're up to.
Inside The ‘World’s Largest’ Video Game Cheating Empire
The cheat-making group known as "Chicken Drumstick" made more than $70 million selling cheats for PUBG Mobile. This is the story of its rise and fall.
VICE (www.vice.com)
-
NEW: For months, I’ve been working on the story of Peter Williams, the former U.S. defense contractor who stole several hacking tools and then sold them to a Russian broker.
Now that Williams has been sentenced to seven years in prison, it's time to look back. Here’s what we know about the case, what we still don’t know, and a peek behind the scenes at how I reported this story.
Inside the story of the US defense contractor who leaked hacking tools to Russia | TechCrunch
The former boss of a U.S. hacking tools maker was jailed for selling highly sensitive software exploits to a Russian broker. This is how we first learned of his arrest, reported the story, and some of the unanswered questions we still have.
TechCrunch (techcrunch.com)
-
NEW: Former L3Harris boss Peter Williams was sentenced to seven years in prison for stealing sensitive company hacking tools, and then selling them to a Russian broker.
Williams, aka Doogie, previously pleaded guilty to stealing and selling eight trade secrets to Russian broker Operation Zero.
Former L3Harris Trenchant boss jailed for selling hacking tools to Russian broker | TechCrunch
Peter Williams, the former head of U.S. hacking tools maker L3Harris Trenchant, was sentenced to seven years in prison for stealing and selling his former company’s hacking and surveillance tools to a Russian firm.
TechCrunch (techcrunch.com)
-
NEW: The U.S. government is sanctioning Russian zero-day broker Operation Zero and its founder, alleging it acquired stolen hacking tools from U.S. defense contractor L3Harris Trenchant.
The Treasury Department alleges former Trenchant boss Peter Williams stole and sold these exploits to Operation Zero, which then sold them on "to at least one unauthorized user."
Treasury sanctions Russian zero-day broker accused of buying exploits stolen from US defense contractor | TechCrunch
The U.S. Treasury announced it was imposing sanctions against a Russian broker of zero-day exploits, its founder and two affiliates, citing a threat to U.S. national security. Another affiliated zero-day broker in the United Arab Emirates was also sanctioned.
TechCrunch (techcrunch.com)
-
NEW: There have been a seemingly endless series of critical flaws and cybersecurity incidents related to Ivanti's VPN appliances in the last few years.
Turns out there was a major one in 2021 that wasn't reported until now, according to Bloomberg.
VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report | TechCrunch
Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN product, which allowed the hackers to gain access to 119 other unnamed organizations.
TechCrunch (techcrunch.com)
-
NEW: Last year, Cellebrite stopped Serbia from using its tools after allegations that local police had abused them to hack into the phone of a journalist.
Now there are similar allegations in Kenya and Jordan, and Cellebrite is taking an entirely different approach.
Cellebrite cut off Serbia citing abuse of its phone unlocking tools. Why not others? | TechCrunch
Cellebrite, which makes phone unlocking and hacking tools, stopped sales to countries that allegedly abused its tools. But after new allegations in Jordan and Kenya, the company has changed its approach.
TechCrunch (techcrunch.com)
-
NEW: Def Con banned hackers Pablos Holman and Vincenzo Iozzo, as well as former MIT Media Lab director Joichi Ito, from attending the conference based on their links to Jeffrey Epstein.
Holman and Iozzo exchanged emails with Epstein for several years.
Hacking conference Def Con bans three people linked to Epstein | TechCrunch
The Def Con hacking conference banned hackers Pablos Holman and Vincenzo Iozzo, as well as former MIT Media Lab director Joichi Ito, from attending the annual conference after their reported connections with Jeffrey Epstein.
TechCrunch (techcrunch.com)
-
NEW: Researchers from Amnesty International found Intellexa Predator spyware used against prominent journalist in Angola.
The Intellexa customer contacted the journalist on WhatsApp and after a few days of chatting started sending him malicious links, until he clicked one and got infected.
The spyware disappeared after reboot, but the researchers were able to still find forensic traces of it, and they linked the infection servers used here to known Intellexa infrastructure.
Intellexa's Predator spyware used to hack iPhone of journalist in Angola, research says | TechCrunch
Amnesty International says it found evidence that a government customer of Intellexa, a sanctioned surveillance vendor, used its Predator spyware against a prominent journalist in Angola.
TechCrunch (techcrunch.com)