Security News

Security firm Check Point has found evidence that a Chinese government-linked hacking group has been infiltrating and gathering information on governments from around the Asia-Pacific region for more than five years. The group, known as the Naikon Advanced Persistent Threat, was first discovered in 2015, and after a report went public that named one of its members, the group went silent.

Unknown threat actors have allegedly dumped nearly 25,000 email addresses and passwords from notable organizations involved in the fight against the COVID-19 pandemic, including credentials from prominent health organizations. Hackers have been using information belonging to groups such as the World Health Organization, the U.S. Centers for Disease Control and Prevention, the World Bank, the U.S. National Institutes of Health, the Bill and Melinda Gates Foundation and the Wuhan Institute of Virology online in various ways, according to a report by the Washington Post, citing research by the SITE Intelligence Group.

Thousands of small business owners reeling from the aggressive measures taken to halt the spread of the coronavirus may have had their personal information exposed last month on a government website that handles disaster loan applications. The Small Business Administration said Tuesday that the personal information of more than 7,000 business owners applying for economic injury disaster loans was potentially seen by other applicants on the SBA website on March 25.

IBM has acknowledged that it mishandled a bug report that identified four vulnerabilities in its enterprise security software, and plans to issue an advisory. IBM Data Risk Manager offers security-focused vulnerability scanning and analytics, to help businesses identify weaknesses in their infrastructure.

New research from Atlas VPN has shown that the United States experienced more than 175,000 DDoS attacks in the month of March, more than double the number faced by the next highest country and four times as many as China. According to data gathered and analyzed by Atlas VPN researchers, South Korea and Brazil both suffered from more than 50,000 DDoS attacks while China came in just ahead of the United Kingdom with about 45,000 attacks.

Flaws target Zoom clients for the Windows and macOS operating systems, according to a published report by Vice Motherboard. The Windows code could be a significant threat to Zoom users, according to experts quoted by Motherboard.

For the first time ever, the Apache Pulsar PMC team is publishing a user survey report. The 2020 Apache Pulsar User Survey Report reveals Pulsar's accelerating rate of global adoption, details how organizations are leveraging Pulsar to build real-time streaming applications, and highlights key features on Pulsar's product roadmap.

British police are saying coronavirus-related fraud reports have spiked by 400 per cent over the past six weeks as the COVID-19 illness continues its inexorable march through humanity. Although absolute numbers of reports are low, perhaps kept that way because the public now knows Action Fraud is largely useless, the National Fraud Intelligence Bureau said there were a total of 200 reports of coronavirus scams made to them since 1 February.

The suspicious network activities revealed in the research by Positive Technologies are traffic hiding, VPN tunneling, connections to the Tor anonymous network, and network proxying. The 13-page study, "Top Cybersecurity Threats on Enterprise Networks," which was performed using advanced network traffic analysis tools, found that 97% of the surveyed companies show evidence of suspicious activity in their network traffic and that 81% of the companies were subject to malicious activity.

Most ransomware is deployed after hours, and usually several days after the initial compromise, newly published research from FireEye reveals. While performing an analysis of dozens of incidents between 2017 and 2019, FireEye discovered common characteristics related to infection vectors, dwell time, and time of day of ransomware deployment, while also identifying innovations that operators adopted to maximize profits.