Security News

Documents related to the Pfizer coronavirus vaccine were illegally accessed during a cyberattack at the EU regulator, the company said Wednesday, as Germany and other northern hemisphere countries grappled with a winter surge in the pandemic. While the EMA did not give details on the attack, Pfizer and BioNTech said documents relating to their vaccine candidate had been accessed, but that "No systems have been breached in connection with this incident."

FireEye, one of the largest cybersecurity firms in the world, said on Tuesday it became a victim of a state-sponsored attack by a "Highly sophisticated threat actor" that stole its arsenal of Red Team penetration testing tools it uses to test the defenses of its customers. Red Team tools are often used by cybersecurity organizations to mimic those used in real-world attacks with the goal of assessing a company's detection and response capabilities and evaluating the security posture of enterprise systems.

The EU Medicines Agency today revealed it was hacked, just a week after infosec eggheads said foreign state hackers have been targeting European institutions. BioNTech, the German biotech firm that is developing a COVID-19 coronavirus vaccine with Pfizer said it was told by EMA that the miscreants had stolen from an agency computer files submitted by BioNTech and Pfizer describing their vaccine as part of the regulatory approval process.

During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers' security. These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to our customers.

Credit card stealer scripts are evolving and become increasingly harder to detect due to novel hiding tactics. This happened because scanners aren't commonly scanning CSS files for malicious code and anyone looking at the skimmer's trigger script reading a custom property from the CSS page wouldn't give it a second glance.

Prominent U.S. cybersecurity firm FireEye said Tuesday that foreign government hackers with "World-class capabilities" broke into its network and stole offensive tools it uses to probe the defenses of its thousands of customers, who include federal, state and local governments and top global corporations. Neither Mandia nor a FireEye spokeswoman said when the company detected the hack or who might be responsible.

Cybersecurity corp FireEye has confessed its most secure servers have been compromised, almost certainly by state-backed hackers who then made away with its proprietary hacking tools. "Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack," a memo by its CEO Kevin Mandia on Tuesday read. The tools stolen are used by FireEye to test their customers' networks to find potential security holes, making it doubly embarrassing for the tech giant because, presumably, it uses its own tools to make sure its networks are secure.

Leading cybersecurity company FireEye disclosed today that it was hacked by a threat actor showing all the signs of a state-sponsored hacking group. The attackers were able to steal Red Team assessment tools FireEye uses to test customers' security and designed to mimic tools used by many cyber threat actors.

For at least the third time in its existence, OGUsers - a forum overrun with people looking to buy, sell and trade access to compromised social media accounts - has been hacked. Roughly a week ago, the OGUsers homepage was defaced with a message stating the forum's user database had been compromised.

Researchers have demonstrated for the third time how hacking into the key fob of a Tesla can allow someone to access and steal the car in minutes. Researchers from the Computer Security and Industrial Cryptography, an Imec research group at the University of Leuven in Belgium, have "Discovered major security flaws" in the key fob of the Tesla Model X, the small device that allows someone to automatically unlock the car by approaching the vehicle or pressing a button.