惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

K
Kaspersky official blog
T
Threat Research - Cisco Blogs
N
News and Events Feed by Topic
Hacker News: Ask HN
Hacker News: Ask HN
Project Zero
Project Zero
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - 叶小钗
Security Latest
Security Latest
Spread Privacy
Spread Privacy
aimingoo的专栏
aimingoo的专栏
N
News and Events Feed by Topic
Webroot Blog
Webroot Blog
U
Unit 42
Cyberwarzone
Cyberwarzone
小众软件
小众软件
Scott Helme
Scott Helme
Engineering at Meta
Engineering at Meta
Microsoft Security Blog
Microsoft Security Blog
T
The Blog of Author Tim Ferriss
A
About on SuperTechFans
爱范儿
爱范儿
S
Schneier on Security
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Schneier on Security
Schneier on Security
Latest news
Latest news
GbyAI
GbyAI
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Simon Willison's Weblog
Simon Willison's Weblog
The Register - Security
The Register - Security
WordPress大学
WordPress大学
博客园_首页
Blog — PlanetScale
Blog — PlanetScale
PCI Perspectives
PCI Perspectives
Jina AI
Jina AI
AI
AI
NISL@THU
NISL@THU
I
Intezer
G
GRAHAM CLULEY
B
Blog
S
Secure Thoughts
IT之家
IT之家
宝玉的分享
宝玉的分享
Recent Announcements
Recent Announcements
Y
Y Combinator Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
酷 壳 – CoolShell
酷 壳 – CoolShell
有赞技术团队
有赞技术团队
V2EX - 技术
V2EX - 技术
Recorded Future
Recorded Future
Hacker News - Newest:
Hacker News - Newest: "LLM"

The Register - Security

India's cyber agency sets clock at 12 hours to tackle exploited bugs as AI turns up the heat Are we human? MyPillow must decide whether to be firm or soft as ransomware crims demand pay Experts pour cold borscht on Farage's Russian hack claim AI eyes scanning for bugs create a worrisome Linux security trend A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim's crypto wallets Techie claims Trump Mobile website was leaking thousands of people's data Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund' Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach Microsoft open-sources agentic AI safety tools Are we human? America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames Shai-Hulud copycat worm infects yet another npm package MPs want social media treated more like unsafe toys than harmless apps Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data To gain root access, intruder just had to ask AWS patched Quick auth bypass, says customers weren't using control Disgruntled researcher releases two more Microsoft zero-days Malware crew TeamPCP open-sources its Shai-Hulud worm on GitHub Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files US bank reports itself after slinging customer data at 'unauthorized AI app' Anthropic’s bug-hunting Mythos was greatest marketing stunt ever, says cURL creator Best Western Hotels confirms web app data breach Arctic Wolf cuts 250 jobs in AI push 1 in 8 workers say selling company logins is justifiable Iran cyberspies LARPing as ransomware crims in espionage ops UK age-gating plans risk breaking the internet, privacy groups warn India orders infosec red alert in case Mythos sparks crime 'CopyFail' attackers start cashing in on Linux flaw ShinyHunters claims dump puts 119K Vimeo emails in the wild ShinyHunters claims 119K Vimeo emails in the wild Singapore boffins get diverse SIEMs singing in harmony Shadow IT has given way to shadow AI. Enter AI-BOMs AI-BOMs replace SBOMs as way to track AI agents and bots Home Office adds £216M to travel doc contract before bids FBI: China's hacker-for-hire ecosystem 'out of control' UK business breach rate stuck at 43%... blame the phishing What type of 'C2 on a sleep cycle' do they leave behind? Novel Chinese spy group found in critical networks in Poland, Asia Chinese spy group caught lurking in Poland, Asia networks Critical cPanel, WHM flaw probs exploited as 0-day, pros say ORNL builds more sensitive GPS interference detector Microsoft patch fell short. New Windows flaw exploited Fooling large language models just keeps getting simpler Wiz hands GitHub AI-aided bug report that isn Don’t pay VECT a ransom - your big files are likely gone Pitney Bowes the latest victim of ShinyHunters’ breach-spree Ongoing supply-chain attack targets security, dev tools Medical and utility tech companies admit digital breakins Cybersecurity professional getting more work and less pay Crime crew impersonates help desk, abuses Teams chats ShinyHunters claim they have cruise giant Carnival’s booty CISA, NCSC issue Firestarter backdoor warning Intel expects AI inference to drive demand for its CPUs Open source models can find bugs as well as Mythos Researchers find sabotage malware that may predate Stuxnet Attackers could disable all of a city's public EV chargers Age checks could turn internet into an ID checkpoint, complains Proton CEO If malware via monitor cables is a matter of national security, this might be the gadget for you France's 'Secure' ID agency probes breach as crooks claim 19M records Scotland Yard can keep using live facial recognition on Londoners, say judges Nation-states want to cause harm, not just steal cash - stop handing your cyber defenses to the cheapest contractor Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets Yet another ex-ransomware negotiator admits turning rogue after payoff from crimelords AI-assisted intruders pwned Vercel via OAuth abuse and a pilfered employee account Met police trials snoop tech platform in push to cuff more London shoplifters Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul Panasonic creates device-locked QR codes to speed facial biometric capture Iran claims US used backdoors to knock out networking equipment during war Vibe coding upstart Lovable denies data leak, cites 'intentional behavior,' then throws HackerOne under the bus Scot becomes second Scattered Spider-linked crook to plead guilty in US Just like phishing for gullible humans, prompt injecting AIs is here to stay Locked-out iPhone user tells The Reg that Apple is scrambling to fix character flaw passcode bug Git identity spoof fools Claude into giving bad code the nod McGraw Hill linked to 13.5M-record data leak Microsoft announces product it doesn't want anyone to buy Server-room lock was nothing but a crock Nobody knows how many CVEs Anthropic's Project Glasswing has actually found Autovista blames ransomware for service disruption French cops free mother and son after crypto kidnapping UK told its Big Tech habit is now a national security risk Commvault has a Ctrl+Z for rogue AI agents No honor among thieves as 0APT threatens rival ransomware gang Krybit Fake Linux leader using Slack to con devs into giving up their secrets Booking.com warns of possible reservation data exposure NHS pays £46K to prep next Microsoft licensing round China wants AI to prepare school lessons and mark homework Anthropic's Mythos has The Kettle crew curious, skeptical Two different attackers poisoned popular open source tools Hungary officials used weak passwords exposed in breach dump CPUID hijacked to serve malware as HWMonitor downloads Unpacking AI security 2026 from experimentation agentic era Microsoft locks out top open source devs, blames process NHS Scotland-linked domains push pr0n and illegal streams Iran cyber actors disrupting US water, energy facilities, FBI warns Russia's Fancy Bear still attacking routers to boost fake sites, NCSC warns AI agents found vulns in this Linux and Unix print server Don't glamorize cybercrims, roast them instead Trump wants to take a battle axe to CISA again and slash $707M from budget
Crook claims to leak 'video surveillance footage' of companies
Connor Jones · 2026-04-21 · via The Register - Security

A Mexican IT infrastructure and digital transformation biz is on clean-up duty after a criminal posted screenshots of what they claimed was company video surveillance footage to a cybercrime forum.

Monterrey-based Be Prime confirmed that it was the victim of a "cybersecurity incident" on Thursday, after the criminal, who used the alias "dylanmarly," made sweeping claims about an attack they claim to have carried out.

Screenshots published by the attacker depicted access to Be Prime's Cisco Meraki Vision panel, which, if true, would have allowed access to live feeds around its clients' offices, including cameras overlooking different teams' workspaces.

Dylanmarly also leaked what they claimed was 12.6 GB worth of data belonging to the company and some of its high-profile clients, which range from energy giants and household retail names to national pharmacies.

In its statement, Be Prime did not address the claims about client data being leaked online, nor did it speak about whether or not it uses Cisco Meraki Vision, which the attacker claims to have accessed. It did, however, admit that it had suffered a cyberattack, which it said it was working with Cisco Talos to remediate.

"In times like these, we believe it's right to speak clearly, humbly, and with complete transparency," the statement posted to LinkedIn reads (machine translated from Spanish). "No organization is immune to cybersecurity incidents, and today it has happened to us. Therefore, we want to communicate the facts, the actions taken, and our position on this situation directly and responsibly.

"Be Prime was the target of a cyberattack, so we immediately activated our containment, mitigation, investigation, and remediation protocols. Based on the information analyzed so far, there is no evidence of any impact on Be Prime's operational continuity or on our clients' operations.

"From the outset of the incident, we implemented a comprehensive response process. To date, the most critical phases of containment and remediation have been executed and completed, and we are continuing with additional strengthening and follow-up actions in communication with the Talos Cybersecurity Intelligence Center."

According to dylanmarly's narrative, shared by Mexican journalist Ignacio Gómez Villaseñor, the attacker gained access to admin accounts because Be Prime failed to implement two-factor authentication.

The attacker also claimed they accessed the Meraki API keys and used them to gain control of thousands of Be Prime network devices, including the security camera feeds of its clients.

Whomever these feeds belonged to, it is not clear why the cameras would have overlooked workspaces, although it is not uncommon for companies to deploy surveillance in commercially sensitive locations, such as server rooms, to assist in criminal investigations.

Be Prime has not explicitly addressed the attacker's specific claims regarding the API keys or the thousands of accessed devices in its public communications, but has warned that defamation lawsuits would be brought against any person or media outlet it believes has disseminated inaccurate or out-of-context information.

The Register asked Be Prime to clarify every aspect of the attacker's claims, identifying which were true and which were false. The company did not respond.

Be Prime went on to say in its public disclosure (machine translated from Spanish) that it wished to thank its clients for their support, and remind them that there is a dedicated contact method the company had shared with them, should they have any queries about the attack.

"We will continue to maintain direct communication with our clients to provide them with reassurance, support, and assistance," Be Prime stated. "We have established and communicated a specific point of contact to address any questions, clarifications, or requests related to this incident."

"We also want to express our sincere gratitude to our clients, partners, collaborators, specialists, and everyone who has given us their support, trust, and backing during this time," it added. 

"We know that a situation of this nature can happen to any organization, and today it has fallen to us to face it. We accept it with responsibility, seriousness, and total commitment. We reiterate that our priority is to protect operations, further strengthen our security capabilities, and respond with action, not just words. We will continue to provide updates through the appropriate channels as the investigations and additional actions underway progress." ®