Security News

US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach
2021-07-20 10:45

Law firm Campbell Conroy & O'Neil has warned of a breach from late February which may have exposed data from the company's lengthy client list of big-name corporations including Apple and IBM. The breach, which was discovered on 27 February 2021 when a ransomware infection blocked access to selected files on the company's internal systems, has been blamed on an unnamed "Unauthorised actor." While it's not yet known precisely what data was accessed during the breach, the system affected held a treasure trove including "Certain individuals' names, dates of birth, driver's license numbers/state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data, and/or online account credentials," the company confirmed in a statement regarding the attack.

US and allies finger China in Microsoft Exchange hack
2021-07-19 18:36

The US has also blamed hackers working with China for ransomware attacks, extortion, crypto-jacking and other cybercrimes. The United States and several allies have officially pointed the finger at China for the recent hack of Microsoft Exchange server as well as an ongoing series of cyberattacks carried out by contract hackers for personal profit.

US indicts members of Chinese-backed hacking group APT40
2021-07-19 14:44

Today, the US Department of Justice indicted four members of the Chinese state-sponsored hacking group known as APT40 for hacking various companies, universities, and government entities in the US and worldwide between 2011 and 2018. Wu Shurong, the fourth Chinese national indicted today by the DOJ, was hired through Hainan Xiandun to create malware, hack into foreign governments' computer systems, companies, and universities to steal trade secrets, intellectual property, and other high-value information, as well as to supervise other Hainan Xiandun hackers.

US and allies officially accuse China of Microsoft Exchange attacks
2021-07-19 11:49

US and allies, including the European Union, the United Kingdom, and NATO, are officially blaming China for this year's widespread Microsoft Exchange hacking campaign. The Biden administration attributes "With a high degree of confidence that malicious cyber actors affiliated with PRC's MSS conducted cyber espionage operations utilizing the zero-day vulnerabilities in Microsoft Exchange Server disclosed in early March 2021.".

Facebook Suspends Accounts Used by Iranian Hackers to Target US Military Personnel
2021-07-18 22:59

Facebook on Thursday disclosed it dismantled a "Sophisticated" online cyber espionage campaign conducted by Iranian hackers targeting about 200 military personnel and companies in the defense and aerospace sectors in the U.S., U.K., and Europe using fake online personas on its platform. The social media giant pinned the attacks to a threat actor known as Tortoiseshell based on the fact that the adversary used similar techniques in past campaigns attributed to the threat group, which was previously known to focus on the information technology industry in Saudi Arabia, suggesting an apparent expansion of malicious activity.

Kaseya ransomware attack should be a wake-up call to all of us, expert says
2021-07-16 20:40

Thousands of small- and medium-sized businesses were affected, just because they trusted their suppliers. How can companies protect against this sort of breach?

US govt offers $10 million reward for tips on nation-state hackers
2021-07-16 18:46

The other is offering a reward of up to $10 million for information on operations conducted by actors working for a foreign government. On Thursday, the U.S. Department of State announced that its Rewards for Justice program now incentivize reports of foreign malicious activity against U.S. critical infrastructure.

Wanted: State-backed bandits planning cyberattacks on US infrastructure. Reward: $10m
2021-07-16 16:30

The US is offering a $10m reward to anyone who dobs in digital outlaws responsible for foreign government-backed cyberattacks on critical national infrastructure such as pipelines, power grids, and communication networks. The cash incentive is part of the US State Department's Rewards for Justice programme and the ongoing war on cybercrime that has in recent months crippled fuel pipelines and meat production.

Facebook: Iranian Hackers Target Military, Aerospace Entities in the US
2021-07-15 17:27

Recent activity that Facebook associated with the group focused on military personnel, defense organizations, and aerospace entities primarily in the United States and, to a lesser extent, the U.K. and Europe, showing an escalation of the group's cyberespionage activities. Today, Facebook revealed that it took action against similar attacks from the Iranian hacking group, which leveraged its online platform to lure victims into downloading malware.

Regulating facial recognition technology? It's the 'Wild West out there,' says US law boffin
2021-07-15 14:16

The role of facial-recognition technology was put under the microscope earlier this week after the US House Committee on the Judiciary heard evidence about how it's used by law enforcement agencies. Dr Cedric Alexander, a former member of President Barack Obama's Task Force on 21st Century Policing, underlined the minefield facing lawmakers by laying out how, on the one hand, FRT can promote justice and "Even save lives" but not if it means sacrificing constitutional rights.