Security News

Ukraine arrests 51 for selling data of 300 million people in US, EU
2021-12-13 14:09

Ukrainian law enforcement arrested 51 suspects believed to have been selling stolen personal data on hacking forums belonging to hundreds of millions worldwide, including Ukraine, the US, and Europe. "As a result of the operation, about 100 databases of personal data relevant for 2020-2021 were seized," the Cyberpolice Department of the National Police of Ukraine said.

NSO Group’s Pegasus Spyware Used Against US State Department Officials
2021-12-13 12:16

NSO Group's descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees.

Canadian charged with running ransomware attack on US state of Alaska
2021-12-08 19:02

A Canadian man is accused of masterminding ransomware attacks that caused "Damage" to systems belonging to the US state of Alaska. A federal indictment against Matthew Philbert, 31, of Ottawa, was unsealed yesterday, and he was also concurrently charged by the Canadian authorities with a number of other criminal offences at the same time.

US universities targeted by Office 365 phishing attacks
2021-12-07 20:23

US universities are being targeted in multiple phishing attacks designed to impersonate college login portals to steal valuable Office 365 credentials. These campaigns are believed to be conducted by multiple threat actors starting in October 2021, with Proofpoint sharing details on the tactics, techniques, and procedures used in the phishing attacks.

US State Dept employees’ phones hacked using NSO spyware
2021-12-03 17:55

Apple has warned at least nine US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware developed by Israeli surveillance firm NSO Group. "On top of the independent investigation, NSO will cooperate with any relevant government authority and present the full information we will have," an NSO spokesperson separately told Motherboard.

FBI: Cuba ransomware breached 49 US critical infrastructure orgs
2021-12-03 17:16

The Federal Bureau of Investigation has revealed that the Cuba ransomware gang has compromised the networks of at least 49 organizations from US critical infrastructure sectors. "The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors," the federal law enforcement agency said.

EwDoor botnet targets AT&T network edge devices at US firms
2021-11-30 17:26

A recently discovered botnet is attacking unpatched AT&T enterprise network edge devices using exploits for a four-year-old critical severity Blind Command Injection security flaw. The botnet, dubbed EwDoor by researchers at Qihoo 360's Network Security Research Lab, targets AT&T customers using EdgeMarc Enterprise Session Border Controller edge devices.

US bans Chinese firms – including one linked to HPE’s China JV – for feeding tech to Beijing's military
2021-11-25 01:11

The US Dept of Commerce's Bureau of Industry and Security has added 27 companies to its list of entities prohibited from doing business with the USA on grounds they threaten national security - and one of the firms is associated with HPE's Chinese joint venture H3C. A preliminary announcement [PDF] of the bans lists a company named New H3C Semiconductor Technologies Co., Ltd on the grounds of its "Support of the military modernization of the People's Liberation Army.". The addresses given by Uncle Sam for this semiconductor business matches those listed on the website of H3C, the Chinese company formed as a joint venture between HPE and Tsinghua Unigroup to build networking products.

US government securities watchdog spoofed by investment scammers – don’t fall for it!
2021-11-24 19:57

The US Securities and Exchange Commission has issued numerous warnings over the years about fraudsters attempting to adopt the identity of SEC officials, including by phone call spoofing. Call spoofing is where a scammer calls you up on your landline or mobile phone, claims to be from organisation X, and then reassures you by saying, "If you don't believe me, check the number I'm calling from."

Alleged Brit SIM-swapper will kill himself if extradited to US for trial, London court told
2021-11-23 16:10

De Rose allegedly conspired with members of a gang known as The Community to defraud someone identified in court as "RM". He is currently contesting extradition to the US to stand trial on wire fraud, theft, and money laundering charges. De Rose's extradition hearing comes after the National Crime Agency arrested eight men aged between 18 and 26 back in February on suspicion of carrying out SIM-swap attacks targeted at US citizens.