Security News

Hackers with ties to the Russian government have been targeting Ukrainian natural gas company Burisma with a series of phishing attacks designed to steal employee credentials, according to researchers at Area 1 Security. Russian hackers' attacks on Burisma appear to have started around November, according to the Times.

Officials at the Albany International Airport paid a ransom to cybercriminals after the facility's systems were hit with the Sodiniokibi ransomware strain on Christmas, the Albany Times Union reports. At no point did the ransomware attack affect the airport's day-to-day operations, airport officials said.

The FBI laid out new protocols Friday for how it conducts electronic surveillance in national security cases, responding to a Justice Department inspector general report that harshly criticized the bureau's handling of the Russia investigation. The filing comes one month after the chief judge of the surveillance court - in a rare public directive - ordered the FBI to say how it would correct shortcomings identified in the watchdog report on the bureau's investigation into ties between Russia and Donald Trump's 2016 presidential campaign.

Las Vegas officials said Tuesday that that a cyber attack breached the city's computer systems, but it wasn't immediately clear if any sensitive data was compromised. City officials were alerted to the breach around 4:30 a.m., city spokesman David Riggleman told the Las Vegas Review-Journal.

More than a week after its website and online services were taken offline by malware, foreign currency super-exchange Travelex continues to battle through what has become an increasingly damaging outage that may have unpatched VPN servers at its heart. While the capital's cops declined to name a specific victim, a spokesperson told us: "On Thursday, 2 January the Met's Cyber Crime Team were contacted with regards to a reported ransomware attack involving a foreign currency exchange. Enquiries into the circumstances are ongoing."

The Sodinokibi ransomware strain is apparently behind the New Year's Eve attack on foreign currency-exchange giant Travelex, which has left its customers and banking partners stranded without its services. The attack could have been successful in part because Travelex took several months to patch critical vulnerabilities in its Pulse Secure VPN servers, according to Bad Packets.

The FBI and local police are investigating how scammers posing as a contractor for a local bridge project tricked officials in a small Colorado town into electronically transferring over $1 million to a fraudulent account, according to the Denver Post. A Dec. 30 internal email sent by Malcolm Fleming, the town administrator for Erie, says that it appears the scam started when a fraudster completed an electronic form posted on the town's website requesting a change in how SEMA Construction, the primary contractor for a local bridge project, would receive payment for its work, according to the Post.

Certain federal agencies, especially units within the Department of Defense, still have plenty of work to do when it comes to sharing cybersecurity information and threat intelligence among themselves as well with the private sector, according to an unclassified report recently sent to Congress. While the audit found that substantial progress has been made on the sharing cybersecurity information and threat intelligence among agencies over the last two years, it pointed to several areas of ongoing concern, including the failure of certain Defense Department units to use appropriate policies and procedures for data sharing.

The U.S. Army is following the lead of the Navy in banning soldiers from using TikTok, a Chinese-made video sharing and social media app, on their government-issued phones, according to the news site Military.com. In guidance issued Dec. 16, the Defense Department, in a "Cyber Awareness Message," identified TikTok as having "Potential security risks associated with its use" and requested that military personnel remove the app from government-issued phones, according to Military.com.

Wall Street Journal Names Companies Affected By Tenacious Chinese HackersA persistent question over the past several years is which managed service providers were affected by APT10, a tenacious...