13 Jan 2021

Hackers have leaked the COVID-19 vaccine data they stole in a cyberattack

A cyberattack targeting the European Union’s medical agency has resulted in stolen information about the COVID-19 vaccines. The stolen information has been leaked. The attack was against the European Medicines Agency last month and information about coronavirus medicines was gained. The documents containing the data about coronavirus medicines, including the

Read More
12 Jan 2021

Kaspersky Connects SolarWinds Attack Code to Known Russian APT Group

Turla cyberspies were linked to the SolarWinds breach due to similarities in the malware used in the attack and Kazuar, a backdoor used. The hackers are believed to be based in Russia and targeted the SolarWinds company in a sophisticated attempt to breach the system of hundreds of high-profile organizations.

Read More
12 Jan 2021

Millions of Social Profiles Leaked by Chinese Data-Scrapers

SocialArks exposed 318 million records from Facebook, Instagram, and LinkedIn in a misconfig of the cloud. Details for social-media influencers and celebrities from the U.S were among the public and personal profile data exposed. An ElasticSearch database owned by a Chinese social-media company, SocialArks, was misconfigured leading to the leak.

Read More
12 Jan 2021

IoT Vendor Ubiquiti Suffers Data Breach

Internet of Things and Wi-Fi vendor Ubiquiti discovered a breach of one of its systems in the cloud yesterday. THe customers were advised to change their passwords and use multifactor authentication.  There is no evidence of breaching of any databases that contain personal information of users. The data that could

Read More
12 Jan 2021

Colombian energy, metal firms under fire in new Trojan attack wave

Three Remote Access Trojans (RATs) are being used to commit a wave of attacks on companies in Columbia. These attacks result in the stealing of confidential information and the campaign has been named Operation Spalax. ESET discovered the campaign on Tuesday that is targeting government and private entities, specifically with

Read More
11 Jan 2021

High Court Rules Against Government Bulk Hacking

The High Court in the UK ruled against the intelligence agencies’ use of bulk hacking for domestic targets. Edward Snowden revealed the use of hacking to target large numbers of users simultaneously in 2014.  In 2016, the Non-profit Privacy International challenged the practice in a secretive court for cases involving

Read More
11 Jan 2021

Russian Hacker Sentenced to 12 Years for Role in Breaches of JP Morgan, Others

Andrei Tyurin was sentenced to 12 years in prison after his role in a global hacking campaign. The campaign accessed personal information for more than 80 million JP Morgan Chase customers. This breach was the largest-ever of a financial institution in the United States.  From 2012 to 2015, Tyurin hacked

Read More
11 Jan 2021

New Zealand Central Bank Hit by Cyber Attack

On Sunday, New Zealand’s central bank was responding to a breach of one of its data systems. The third-party file accessed stored “sensitive information”. The Governor of the Reserve Bank of New Zealand, Adrian Orr, stated the breach was contained and the extent of the information accessed would take time

Read More
11 Jan 2021

Over 100,000 UN Employee Records Accessed by Researchers

Over 100,000 United Nations employee records and credentials were able to be accessed by security researchers in only hours. Sakura Samurai created a team to look for bugs to report to the UN under its vulnq disclosure program. Using the git-dumper tool, an exposed subdomain for UN program the International

Read More
08 Jan 2021

Emotet Tops Malware Charts in December After Reboot

The Emotet Trojan, after undergoing a makeover, is back at the top of malware charts, according to Check Point’s Global Threat Index for December 2020. Emotet was re-designed to boast more evasive strategies that prevent detection. The malware was in fifth place in the Global Threat Index in November but

Read More