Security News

The US Treasury Department's Financial Crimes Enforcement Network warned financial institutions of ransomware actively targeting vaccine research organizations. "FinCEN is aware of ransomware directly targeting vaccine research, and FinCEN asks financial institutions to stay alert to ransomware targeting vaccine delivery operations as well as the supply chains required to manufacture the vaccines," the US Treasury Department bureau warned [PDF].

Threat actors have been discovered distributing a new credential stealer written in AutoHotkey scripting language as part of an ongoing campaign that started early 2020. Customers of financial institutions in the US and Canada are among the primary targets for credential exfiltration, with a specific focus on banks such as Scotiabank, Royal Bank of Canada, HSBC, Alterna Bank, Capital One, Manulife, and EQ Bank.

China's spies "Were actively using that for counterintelligence and offensive intelligence. The capability was there and was being utilized." China had also stepped up its hacking efforts targeting biometric and passenger data from transit hubs. To be sure, China had stolen plenty of data before discovering how deeply infiltrated it was by U.S. intelligence agencies.

The United States Department of Homeland Security has published a guide to the terrifying risks that businesses will expose themselves to if they use tech created in the Peoples' Republic of China or engage in any business activity with the Middle Kingdom. The fifteen-page "Data Security Business Advisory" [PDF] opens by warning "Businesses expose themselves and their customers to heightened risk when they share sensitive data with firms located in the PRC, or use equipment and software developed by firms with an ownership nexus in the PRC.".

US Senator Ron Wyden said that dozens of US Treasury email accounts were compromised by the threat actors behind the SolarWinds hack. The senator also added that the SolarWinds hackers also breached the systems in the Departmental Offices division of the US Treasury, a department that is the "Home to the department's highest-ranking officials."

Hackers broke into systems used by top US Treasury officials during a massive cyberattack on government agencies and may have stolen essential encryption keys, a senior lawmaker said Monday. Senator Ron Wyden, who sits on both the Senate Intelligence and Finance Committees, said after a closed-door briefing that the hack at the US Treasury Department "Appears to be significant."

The US Department of Justice has seized two domain names used to impersonate the official websites of biotechnology companies Moderna and Regeneron involved in the development of COVID-19 vaccines. While almost perfectly cloning the contents of the real sites, the website seized by the federal government were instead used for various malicious purposes including running scams, infecting visitors with malware, and collecting sensitive info in phishing attacks.

NATO said Saturday it was checking its computer systems after a massive cyberattack on US government agencies and others that Washington blamed on Moscow. "At this time, no evidence of compromise has been found on any NATO networks. Our experts continue to assess the situation, with a view to identifying and mitigating any potential risks to our networks," a NATO official told AFP. Microsoft said Thursday its anti-virus software detected intrusions in dozens of networked systems, most of them in the United States, via software supplied by US tech company SolarWinds.

Russia was "Pretty clearly" behind a devastating cyberattack on several US government agencies that also hit targets worldwide, Secretary of State Mike Pompeo said. "There was a significant effort to use a piece of third-party software to essentially embed code inside of US government systems," Pompeo told The Mark Levin Show on Friday.

The United States on Friday announced it has imposed export controls on 77 Chinese companies including the country's biggest chipmaker, SMIC, restricting its access to US technology over its alleged ties to China's military. The announcement in the final weeks of President Donald Trump's term comes after relations between Washington and Beijing soured under his administration, which saw the US start a trade war with China and expand its list of sanctioned entities to a few hundred Chinese companies and subsidiaries.