Security News

The Open Group and the University of York announced a partnership with a consortium of leading European research organizations, software developers, and industrial big data users. Today's development teams face substantial challenges when it comes to ensuring hybrid big data applications and services are designed coherently, which requires capturing a range of different formats that data is held within.

Threat actors behind an ongoing worldwide mobile banking fraud campaign were able to steal millions from multiple US and EU banks, needing just a few days for each attack. While emulators are not malicious tools, the group behind this campaign used them for malicious purposes emulating compromised devices or setting up what looked like new devices picked up by the compromised accounts' owners.

Big tech companies face hefty fines in the European Union and Britain if they treat rivals unfairly or fail to protect users on their platforms, in proposed regulations unveiled Tuesday by officials in Brussels and London. Big tech companies won't be allowed, for example, to stop users from uninstalling preinstalled software or apps, nor will they be able to use data from business users to compete against them.

Ireland's Data Protection Commission has fined Twitter €450,000 after ruling a bug in the firm's Android app that allowed users' private messages to be publicly viewed infringed the EU's General Data Protection Regulation. "The DPC's investigation commenced in January, 2019 following receipt of a breach notification from Twitter and the DPC has found that Twitter infringed Article 33(1) and 33(5) of the GDPR in terms of a failure to notify the breach on time to the DPC and a failure to adequately document the breach. The DPC has imposed an administrative fine of €450,000 on Twitter as an effective, proportionate and dissuasive measure" the DPC said.

Ireland's Data Protection Commission fined Twitter €450,000 for failing to notify the DPC of a breach within the 72-hour timeframe imposed by European Union's General Data Protection Regulation and to adequately document it. "The DPC's investigation commenced in January 2019 following receipt of a breach notification from Twitter and the DPC has found that Twitter infringed Article 33(1) and 33(5) of the GDPR in terms of a failure to notify the breach on time to the DPC and a failure to adequately document the breach," the Irish DPC said.

Another cyberattack has been launched - this time, threat actors were able to break into the European Medicines Agency server and access documentation about the vaccine candidate from Pfizer and BioNTech. "Today, we were informed by the European Medicines Agency that the agency has been subject to a cyberattack and that some documents relating to the regulatory submission for Pfizer and BioNTech's COVID-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed," the Pfizer-BioNTech statement said.

The EU Medicines Agency today revealed it was hacked, just a week after infosec eggheads said foreign state hackers have been targeting European institutions. BioNTech, the German biotech firm that is developing a COVID-19 coronavirus vaccine with Pfizer said it was told by EMA that the miscreants had stolen from an agency computer files submitted by BioNTech and Pfizer describing their vaccine as part of the regulatory approval process.

The EU's medicines regulator said Wednesday it had been the victim of a cyberattack, just weeks before it is due to decide on special approval for two coronavirus vaccines. "EMA has been the subject of a cyberattack. The agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities," the EMA said in a brief statement.

An unidentified group of malicious sorts impersonated a so-called "Cold chain" company involved in COVID-19 vaccine distribution networks then targeted an EU governmental agency, according to IBM. Infosec researchers from Big Blue's X-Force threat intelligence unit "Uncovered targets across multiple industries, governments and global partners" involved in setting up the vaccine cold chain, it said in a blog post today. The phishing campaign's operators reportedly posed as an executive from the Chinese arm of Haier Biomedical, a business IBM described as "a credible and legitimate member company of the COVID-19 vaccine supply chain and qualified supplier for the CCEOP program."

IBM X-Force warned of threat actors actively targeting organizations associated with the COVID-19 vaccine cold chain in a large scale spear-phishing campaign that has started three months ago, in September 2020. Cold chain orgs are an essential part of storing and delivering the COVID-19 vaccine at safe temperatures, minus 70 degrees Celsius for the one made by Pfizer and minus 20 Celsius for the one developed by Moderna.