13 Jan 2021

Microsoft Defender Zero-Day Fixed in First Patch Tuesday of 2021

83 vulnerabilities have been patched on Microsoft’s first Patch Tuesday of 2021. The patches addressed 10 major flaws, including a zero-day remote code execution bug in Microsoft Defender. 73 of the fixes are classified important and one is publicly known. The fixes addressed Microsoft Windows, the Edge search browser, ChakraCore,

Read More
13 Jan 2021

Hackers have leaked the COVID-19 vaccine data they stole in a cyberattack

A cyberattack targeting the European Union’s medical agency has resulted in stolen information about the COVID-19 vaccines. The stolen information has been leaked. The attack was against the European Medicines Agency last month and information about coronavirus medicines was gained. The documents containing the data about coronavirus medicines, including the

Read More
12 Jan 2021

Kaspersky Connects SolarWinds Attack Code to Known Russian APT Group

Turla cyberspies were linked to the SolarWinds breach due to similarities in the malware used in the attack and Kazuar, a backdoor used. The hackers are believed to be based in Russia and targeted the SolarWinds company in a sophisticated attempt to breach the system of hundreds of high-profile organizations.

Read More
12 Jan 2021

Millions of Social Profiles Leaked by Chinese Data-Scrapers

SocialArks exposed 318 million records from Facebook, Instagram, and LinkedIn in a misconfig of the cloud. Details for social-media influencers and celebrities from the U.S were among the public and personal profile data exposed. An ElasticSearch database owned by a Chinese social-media company, SocialArks, was misconfigured leading to the leak.

Read More
12 Jan 2021

Colombian energy, metal firms under fire in new Trojan attack wave

Three Remote Access Trojans (RATs) are being used to commit a wave of attacks on companies in Columbia. These attacks result in the stealing of confidential information and the campaign has been named Operation Spalax. ESET discovered the campaign on Tuesday that is targeting government and private entities, specifically with

Read More
11 Jan 2021

High Court Rules Against Government Bulk Hacking

The High Court in the UK ruled against the intelligence agencies’ use of bulk hacking for domestic targets. Edward Snowden revealed the use of hacking to target large numbers of users simultaneously in 2014.  In 2016, the Non-profit Privacy International challenged the practice in a secretive court for cases involving

Read More
11 Jan 2021

Russian Hacker Sentenced to 12 Years for Role in Breaches of JP Morgan, Others

Andrei Tyurin was sentenced to 12 years in prison after his role in a global hacking campaign. The campaign accessed personal information for more than 80 million JP Morgan Chase customers. This breach was the largest-ever of a financial institution in the United States.  From 2012 to 2015, Tyurin hacked

Read More
15 Jan 2020

2017 Data Breach Will Cost Equifax at Least $1.38 Billion

Equifax has agreed to set aside a minimum of $380.5 million for breach compensation and promises to spend another $1 billion on elevating its information security over the next five years. Customers affected by the breach, almost 147 million US consumers, have one week from today to file a claim.

Read More
09 Jan 2020

TrickBot Adds Custom, Stealthy Backdoor to its Arsenal

TrickBot is evolving to avoid detection by adding a new backdoor to its arsenal. Russian cybercriminals behind the malware have developed “PowerTrick” to infiltrate high-value targets and give TrickBot new capabilities. SentinelLabs stated that PowerTrick was released on Thursday and is designed to execute commands and return results in Base64

Read More
09 Jan 2020

Google Removed Over 1.7K Joker Malware Infected Apps from Play Store

Google has removed 1,700 applications compromised by the Joker Android malware from its Google Play Store to protect consumers from the harmful software. The infected applications have been detected and removed since 2017 when the company began tracking the uploads. CSIS Security Group researchers found 24 apps with over 400,000

Read More