Security News

Just as the cybercriminals behind the Clop ransomware operation made public information supposedly stolen from Canadian business jet manufacturer Bombardier, the company confirmed suffering a data breach. In a Thursday statement, the jet maker revealed that an unauthorized party was able to access and steal data by exploiting a vulnerability in "a third-party file-transfer application." While the company did not say which third-party software was compromised, the general characteristics of the incident suggest it was Accellion's FTA service.

The Clop ransomware gang claims to have stolen documents from aerospace giant Bombardier's defense division - and has leaked what appears to be a CAD drawing of one of its military aircraft products, raising fears over what else they've got. Bombardier confirmed its security had been breached, putting out a public statement only minutes after The Register grilled the Canadian business jet maker on the Clop gang's claims.

Chinese state hackers cloned and started using an NSA zero-day exploit almost three years before the Shadow Brokers hacker group publicly leaked it in April 2017. "To our surprise, we found out that this APT31 exploit is in fact a reconstructed version of an Equation Group exploit called 'EpMe'," Check Point said.

A Chinese threat actor known as APT31 likely acquired and cloned one of the Equation Group's exploits three years before the targeted vulnerability was publicly exposed as part of Shadow Brokers' "Lost in Translation" leak, cybersecurity firm Check Point says in a new report. Attributed to APT31, a Chinese hacking group also tracked as Zirconium, the exploit for this vulnerability is the clone of an Equation Group exploit code-named "EpMe," Check Point says.

Brave has patched up its privacy-focused web browser after it was spotted leaking its Tor users' dark-web habits. Onion domains visited by the browser to whatever DNS servers the software was configured to use for non-Tor websites, allowing whoever operates those DNS servers - or anyone who can snoop on the queries in transit - to figure out the kinds of hidden services frequented by an individual user.

The Atheist Alliance International, an organisation that works to demystify atheism and advocate for secular governance, has warned members their personal information appears to have been leaked. In an email to members sighted by The Register, the organisation says former staffers recently started a rival atheist organisation that has since emailed the Alliance's members.

A group of cybercriminals known for ransomware attacks has started leaking files allegedly stolen from Jones Day, a major U.S.-based law firm that has represented former president Donald Trump, including in his attempts to overturn the results of the recent election. The cybercriminals behind the ransomware operation known as Clop have been known to encrypt files on compromised systems, as well as stealing files from the victim and threatening to leak them unless a ransom is paid.

UPDATE. VIPGames, a free platform with a total of 56 available classic board and card games like Hearts, Crazy Eights, Euchre, Dominoes, Backgammon and others, has exposed the personal data of tens of thousands of users. In a statement, released after this original Threatpost report was published, VIPGames acknowledged "An issue that potentially exposed user profiles" but stated it wasn't aware any user data was leaked.

UPDATE. A non-password protected database exposed 323,000 court records for at least four months, according to researchers. The database exposed the names of various people involved in sensitive criminal, domestic-abuse or child-custody court cases, related to a county in Illinois.

A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free. Over the weekend, a threat actor known as ShinyHunters posted the link to an archive that contains the alleged database dumps for the Buyucoin cryptocurrency exchange.