Security News

Clop ransomware gang leaks online what looks like stolen Bombardier blueprints of GlobalEye radar snoop jet
2021-02-23 21:22

The Clop ransomware gang claims to have stolen documents from aerospace giant Bombardier's defense division - and has leaked what appears to be a CAD drawing of one of its military aircraft products, raising fears over what else they've got. Bombardier confirmed its security had been breached, putting out a public statement only minutes after The Register grilled the Canadian business jet maker on the Clop gang's claims.

Chinese hackers used NSA exploit years before Shadow Brokers leak
2021-02-22 16:26

Chinese state hackers cloned and started using an NSA zero-day exploit almost three years before the Shadow Brokers hacker group publicly leaked it in April 2017. "To our surprise, we found out that this APT31 exploit is in fact a reconstructed version of an Equation Group exploit called 'EpMe'," Check Point said.

Chinese Hackers Cloned Equation Group Exploit Years Before Shadow Brokers Leak
2021-02-22 15:06

A Chinese threat actor known as APT31 likely acquired and cloned one of the Equation Group's exploits three years before the targeted vulnerability was publicly exposed as part of Shadow Brokers' "Lost in Translation" leak, cybersecurity firm Check Point says in a new report. Attributed to APT31, a Chinese hacking group also tracked as Zirconium, the exploit for this vulnerability is the clone of an Equation Group exploit code-named "EpMe," Check Point says.

Brave browser leaks visited Tor .onion addresses in DNS traffic, fix released after bug hunter raises alarm
2021-02-22 07:14

Brave has patched up its privacy-focused web browser after it was spotted leaking its Tor users' dark-web habits. Onion domains visited by the browser to whatever DNS servers the software was configured to use for non-Tor websites, allowing whoever operates those DNS servers - or anyone who can snoop on the queries in transit - to figure out the kinds of hidden services frequented by an individual user.

Atheists warn followers of unholy data leak, hint dark deeds may have tried to make it go away
2021-02-19 06:04

The Atheist Alliance International, an organisation that works to demystify atheism and advocate for secular governance, has warned members their personal information appears to have been leaked. In an email to members sighted by The Register, the organisation says former staffers recently started a rival atheist organisation that has since emailed the Alliance's members.

Cybercriminals Leak Files Allegedly Stolen From Law Firm Jones Day
2021-02-17 12:12

A group of cybercriminals known for ransomware attacks has started leaking files allegedly stolen from Jones Day, a major U.S.-based law firm that has represented former president Donald Trump, including in his attempts to overturn the results of the recent election. The cybercriminals behind the ransomware operation known as Clop have been known to encrypt files on compromised systems, as well as stealing files from the victim and threatening to leak them unless a ransom is paid.

23M Gamer Records Exposed in VIPGames Leak
2021-01-26 19:35

UPDATE. VIPGames, a free platform with a total of 56 available classic board and card games like Hearts, Crazy Eights, Euchre, Dominoes, Backgammon and others, has exposed the personal data of tens of thousands of users. In a statement, released after this original Threatpost report was published, VIPGames acknowledged "An issue that potentially exposed user profiles" but stated it wasn't aware any user data was leaked.

Criminal, Domestic Violence Case Info Exposed in Cook County Leak
2021-01-26 17:24

UPDATE. A non-password protected database exposed 323,000 court records for at least four months, according to researchers. The database exposed the names of various people involved in sensitive criminal, domestic-abuse or child-custody court cases, related to a county in Illinois.

Data breach at Buyucoin crypto exchange leaks user info, trades
2021-01-24 18:16

A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange.

Chipmaker Intel Corp. Blames Internal Error on Data Leak
2021-01-23 20:23

The computer chipmaker Intel Corp. on Friday blamed an internal error for a data leak that prompted it to release a quarterly earnings report early. The company's chief financial officer, George Davis, had earlier told The Financial Times that Intel published its earnings ahead of the stock market's close on Thursday because it believed a hacker stole financially sensitive information from the site.