Security News

Researchers develop tool that ensures secure sensitive data sharing
2021-01-29 03:30

A data privacy tool has been developed to help ensure key datasets - such as those tracking COVID-19 - can be publicly shared with an extra layer of security for sensitive personal information. Developed as a collaboration between CSIRO's Data61, the digital specialist arm of Australia's national science agency, the NSW Government, the Australian Computer Society and several other groups, the privacy tool assesses the risks to an individual's data within any dataset, allowing targeted and effective protection mechanisms to be put in place.

Microsoft: DPRK hackers 'likely' hit researchers with Chrome exploit
2021-01-28 19:47

Today, Microsoft disclosed that they have also been monitoring the targeted attacks against vulnerability researchers for months and have attributed the attacks to a DPRK group named 'Zinc'. In a new report, Microsoft states that they too have been tracking this threat actor, who they track as 'ZINC,' for the past couple of months as the hackers target pen testers, security researchers, and employees at tech and security companies.

Here's how a researcher broke into Microsoft VS Code's GitHub
2021-01-27 10:05

This month a researcher has disclosed how he broke into the official GitHub repository of Microsoft Visual Studio Code. While riding a train, researcher RyotaK discovered a vulnerability in VS Code's Continuous Integration script that let him break into Microsoft VS Code's official GitHub repository and commit files.

North Korea Targets Security Researchers in Elaborate 0-Day Campaign
2021-01-26 14:49

Hackers linked to North Korea are targeting security researchers with an elaborate social-engineering campaign that sets up trusted relationships with them - and then infects their organizations' systems with custom backdoor malware. The effort includes attackers going so far as to set up their own research blog, multiple Twitter profiles and other social-media accounts in order to look like legitimate security researchers themselves, according to a blog post by TAG's Adam Weidermann.

Security researchers targeted by North Korean hackers
2021-01-26 10:49

Over the past few months, hackers have been trying to surreptitiously backdoor the computer systems of a number of security researchers working on vulnerability research and development at different companies and organizations, the Google Threat Analysis Group revealed on Monday. The hackers, who Google TAG believes are backed by the North Korean government, first created a blog, populated it with write-ups about vulnerabilities that have been publicly disclosed, then created Twitter, LinkedIn, Keybase, and Telegram accounts with fake personas and used them to try to contact the targeted security researchers directly.

North Korean hackers are targeting security researchers with malware, 0-days
2021-01-26 03:01

A North Korean government-backed hacking group targets security researchers who focus on vulnerability and exploit development via social networks, Google disclosed tonight. According to a report released tonight by Google's Threat Analysis Group, a North Korean government-backed hacking group uses social networks to target security researchers and infect their computers with custom backdoor malware.

Google Warning: North Korean Gov Hackers Targeting Security Researchers
2021-01-26 01:44

Google late Monday raised the alarm about a "Government-backed entity based in North Korea" targeting - and hacking into - computer systems belonging to security researchers. Google's Threat Analysis Group, a team that monitors global APT activity, said the ongoing campaign is aimed at security researchers working on vulnerability research and development at different companies and organizations.

Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks
2021-01-22 02:21

Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware - including a previously undocumented backdoor. Attributing the campaign to Winnti, Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and run the malware payload. A second attack detected on May 30 used a malicious RAR archive file consisting of shortcuts to two bait PDF documents that purported to be a curriculum vitae and an IELTS certificate.

SQL Server Malware Tied to Iranian Software Firm, Researchers Allege
2021-01-21 19:42

Now, researchers with Sophos have tracked the origin of the campaign to what they claim is a small software development company based in Iran. "The name of an Iran-based software company was hardcoded into the miner's main configuration file," said researchers with Sophos in a Thursday analysis.

Ransomware Took Heavy Toll on US in 2020: Researchers
2021-01-20 14:42

Ransomware attacks took a heavy toll on the United States last year with more than 2,000 victims in government, education and health care, security researchers say in a new report. The study released Monday by the security firm Emsisoft said ransomware attacks - which encrypt and disable computer systems while demanding a ransom - affected 113 federal, state and municipal governments, 560 health facilities and 1,681 schools, colleges and universities last year.