Security News

The Maze hacker gang claims it has infected computer memory maker SK hynix with ransomware and leaked some of the files it stole. For what it's worth, the Maze crew doesn't tend to need to fib about these sort of things.

Chinese hackers infiltrated at least 10 Taiwan government agencies and gained access to around 6,000 email accounts in an attempt to steal data, officials said Wednesday. The damage done was "Not small", according to a top Taiwan cyber official, who said the full impact was still being assessed.

Carnival Corp. says it was the victim of a ransomware attack that likely got some personal information about the cruise company's guests and employees. The attack accessed an encrypted portion of technology systems for one of the cruise line's brands and certain data files were downloaded, the company said in a filing with the U.S. Securities and Exchange Commission.

Thousands of user accounts for online government services in Canada were recently hacked during cyber attacks, authorities said Saturday. The passwords and usernames of 9,041 GCKey account holders "Were acquired fraudulently and used to try and access government services," the authorities said.

What's more, in most of the cases, an attacker did not need to do much, beyond gaining an initial foothold, to command full internal network access: in 68 per cent of the trials, the infiltrators only needed to take one or two steps to have the entire organization at their fingertips. Network compartmentalization, and access controls limiting who can see what, may have helped minimize intruders' reach.

Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products. Play a video file - thanks to flaws in Microsoft Media Foundation and Windows Codecs.

A team of Chinese researchers has described the analysis process that resulted in the discovery of 19 vulnerabilities in a Mercedes-Benz E-Class, including flaws that can be exploited to remotely hack a car. The researchers conducted their analysis on a real Mercedes-Benz E-Class and demonstrated how a hacker could have remotely unlocked the car's doors and started its engine.

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has learned. KrebsOnSecurity reviewed dozens of emails the fraud group exchanged, and noticed that a great many consumer records they shared carried a notation indicating they were cut and pasted from the output of queries made at Interactive Data LLC, a Florida-based data analytics company.

The trade union's servers were breached at the end of July, knocking out its website on the 30th as BDA personnel scratched their heads. Trade news site Dentistry Online reported BDA chief exec Martin Woodrow as saying: "As we attempted to restore services, it became clear hackers had accessed our systems."

The Vatican and the Catholic Diocese of Hong Kong have been the targets of alleged Chinese state-backed hackers ahead of talks on renewal of a landmark 2018 deal that helped thaw diplomatic relations between the Vatican and China, according to a monitoring group. Recorded Future said that the Hong Kong Study Mission to China - a key link between the Vatican and China - and the Pontifical Institute for Foreign Missions also were targeted.