Security News

New 'LazyScripter' Hacking Group Targets Airlines
2021-02-24 15:48

A recently identified threat actor that remained unnoticed for roughly two years appears focused on the targeting of airlines that are using the BSPLink financial settlement software made by the International Air Transport Association, cybersecurity firm Malwarebytes reported on Wednesday. Over time, the group evolved its toolset from PowerShell Empire to the Koadic and Octopus RATs, and used LuminosityLink, RMS, Quasar, njRat and Remcos RATs in between.

Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report
2021-02-22 21:07

New research has found evidence that a Chinese-affiliated threat group has hijacked a hacking tool previously used by the Equation Group. "Although we don't show any conclusive evidence that there is any connection between China and the ShadowBrokers, we do show conclusive evidence that this Chinese group had in their possession a tool that was made by Equation Group, and not only that they had this tool, but they also repurposed it and used it, probably to attack many targets, including American targets," Yaniv Balmas, head of cyber research with Check Point Software, said.

South Carolina County Rebuilds Network After Hacking
2021-02-22 15:58

A South Carolina county continues to rebuild its computer network after what it called a sophisticated hacking attempt. Hackers sent an email Jan. 22 that allowed them to take over Georgetown County's computers.

Rising healthcare breaches driven by hacking and unsecured servers
2021-02-17 15:51

Analyzing data from the U.S. Department of Health and Human Services, threat protection company Bitglass found that the count of healthcare breaches reported in 2020 increased to 599, a jump of more than 50% compared to the previous year. Most of the breaches were caused by hacking and IT incidents, which exposed data from 24.1 million individuals, making them vulnerable to identity theft and phishing attacks.

French Firm Centreon Denies 'Damaging' Hacking Claims
2021-02-16 13:58

A major French software firm allegedly targeted by Russian hackers denied Tuesday that its major clients could have been affected by the attack. Centreon, which lists blue-chip French firms from Airbus to Total among its users, was named in a report by the French national cybersecurity agency ANSSI late Monday.

S3 Ep19: Chrome zero-day, coffee hacking and Perl.com stolen [Podcast]
2021-02-11 19:16

We delve into Google's tight-lipped Chrome bugfix, explain how a Belgian researcher awarded himself 111,848 cups of coffee, and discuss the audacious but thankfully temporary theft of the Perl.com domain. WHERE TO FIND THE PODCAST ONLINE. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher, Overcast and anywhere that good podcasts are found.

New BendyBear APT malware gets linked to Chinese hacking group
2021-02-09 18:09

Unit 42 researchers today shared information on a new polymorphic and "highly sophisticated" malware dubbed BendyBear, linked to a hacking group with known ties to the Chinese government. The malware has features and behavior that strongly resemble those of the WaterBear malware family, active since at least as early as 2009.

Microsoft to alert Office 365 users of nation-state hacking activity
2021-02-08 13:52

Microsoft will soon notify Office 365 users of suspected nation-state hacking activity detected within their tenants, according to a new listing on the company's Microsoft 365 roadmap. Microsoft Defender for Office 365 provides Office 365 enterprise accounts with email protection against several types of threats, including credential phishing and business email compromise, as well as automated attack remediation.

Hacking group also used an IE zero-day against security researchers
2021-02-04 17:07

An Internet Explorer zero-day vulnerability has been discovered in use in recent North Korean attacks against security and vulnerability researchers. Last month, Google disclosed that the North Korean state-sponsored hacking group known as Lazarus was conducting social engineering attacks against security researchers.

S3 Ep17: Facemasks, hidden ads and paranormal hacking [Podcast]
2021-01-28 19:21

What's the connection between coronavirus facemasks and fingerprint biometrics? Who would have expected funky job ads on the White House website? And who would you call if you spotted a deceased former colleague hanging out on your network?