News


  • Npower withdraws mobile app after hackers steal personal details

    February 27, 2021

    Npower has permanently withdrawn its mobile app after hackers used it to access its customers’ personal details, including the sort codes and the last four digits of their bank accounts. The hack, which cybersecurity experts said left the firm’s customers “wide open to fraud”, is understood to have taken place around the start of February. The company ...

  • Go malware is now common, having been adopted by both APTs and e-crime groups

    February 26, 2021

    The number of malware strains coded in the Go programming language has seen a sharp increase of around 2,000% over the last few years, since 2017, cybersecurity firm Intezer said in a report published this week. The company’s findings highlight and confirm a general trend in the malware ecosystem, where malware authors have slowly moved away ...

  • Oxford University lab with COVID-19 research links targeted by hackers

    February 26, 2021

    An Oxford University lab conducting research into the coronavirus pandemic has been compromised by cyberattackers. Oxford University, one of the most prominent educational institutions in the UK, was made aware of the security breach on Thursday. The university confirmed that a security incident took place at the Division of Structural Biology lab, also known as “Strubi,” after ...

  • Dutch Research Council (NWO) confirms ransomware attack, data leak

    February 26, 2021

    The recent cyberattack that forced the Dutch Research Council (NWO) to take its servers offline and suspend grant allocation processes was caused by the DoppelPaymer ransomware gang. The hackers gained access to NWO’s network on February 8 and stole internal documents, threatening with leaking them unless the organization paid a ransom. Since NWO does not cooperate with ...

  • North Korean hackers target defense industry with custom malware

    February 25, 2021

    A North Korean-backed hacking group has targeted the defense industry with custom backdoor malware dubbed ThreatNeedle since early 2020 with the end goal of collecting highly sensitive information. This espionage campaign affected organizations from more than a dozen countries and was coordinated by DPRK-backed state hackers tracked as Lazarus Group. The attackers used COVID19-themed spear-phishing emails with ...

  • Cisco Warns of Critical Auth-Bypass Security Flaw

    February 25, 2021

    A critical vulnerability in Cisco Systems’ intersite policy manager software could allow a remote attacker to bypass authentication. The vulnerability is one of three critical flaws fixed by Cisco on this week. It exists in Cisco’s ACI Multi-Site Orchestrator (ACI MSO) — this is Cisco’s management software for businesses, which allows them to monitor the health ...

  • Health Website Leaks 8 Million COVID-19 Test Results

    February 25, 2021

    Yet another human-related error — this time a flaw in a health department website in the state of Bengal, India — has exposed the confidential results of COVID-19 tests as well as personally identifying information (PII) for an entire geographic region’s population. Test results related to more than 8 million people potentially were exposed before the ...

  • GCHQ: Artificial intelligence is already a vital part of our missions

    February 25, 2021

    The UK’s top intelligence and security body, GCHQ, is betting big on artificial intelligence: the organization has revealed how it wants to use AI to boost national security. In a new paper titled “Pioneering a New National Security,” GCHQ’s analysts went to lengths to explain why AI holds the key to better protection of the nation. ...

  • TD Bank suffered systemwide banking outage, services now recovered

    February 25, 2021

    TD Bank has recovered from a major IT systems outage today that prevented account holders from accessing their online bank accounts, use ATM, or check balances over the phone. The outage started at approximately 2 AM EST this morning and prevented TD Bank members from logging into their online accounts. When attempting to do so, their systems ...

  • COVID pandemic causes spike in cyberattacks against hospitals, medical companies

    February 24, 2021

    Cyberattacks against healthcare organizations have doubled during the coronavirus pandemic, research suggests. On Wednesday, IBM released the company’s annual X-Force Threat Intelligence Index, which analyzed data from the previous year to track the evolution of new threats, malware development, and cyberattacks. The 2021 index includes some notable trends, perhaps the most significant being how many threat actors ...

  • APT32 state hackers target human rights defenders with spyware

    February 23, 2021

    Vietnam-backed hacking group APT32 has coordinated several spyware attacks targeting Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. The state hackers also pointed their attacks at a nonprofit (NPO) human rights organization from Vietnam, as Amnesty International’s Security Lab revealed (full report here). The spyware used by the APT32 hackers allowed them to read ...

  • Airplane maker Bombardier data posted on ransomware leak site following FTA hack

    February 23, 2021

    Canadian airplane manufacturer Bombardier has disclosed today a security breach after some of its data was published on a dark web portal operated by the Clop ransomware gang. “An initial investigation revealed that an unauthorized party accessed and extracted data by exploiting a vulnerability affecting a third-party file-transfer application, which was running on purpose-built servers isolated ...

  • Finnish IT Giant Hit with Ransomware Cyberattack

    February 23, 2021

    Norwegian business journal E24 reported the attack on Espoo, Finland-based TietoEVRY on Tuesday, claiming to have spoken with Geir Remman, a communications director at the company. Remman acknowledged technical problems with several services that TietoEVRY provides to 25 customers, which are “due to a ransom attack,” according to the report. Remman told E24 that the company ...

  • Accellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11

    February 22, 2021

    Researchers have identified a set of threat actors (dubbed UNC2546 and UNC2582) with connections to the FIN11 and the Clop ransomware gang as the cybercriminal group behind the global zero-day attacks on users of the Accellion legacy File Transfer Appliance product. Multiple Accellion FTA customers, including the Jones Day Law Firm, Kroger and Singtel, have all ...

  • TDoS Attacks Take Aim at Emergency First-Responder Services

    February 22, 2021

    Telephony denial-of-service (TDoS) attacks, which affect the availability and readiness of call centers, are hitting critical first-responder facilities, according to the Federal Bureau of Investigation (FBI). A TDoS attack is designed to prevent incoming and outgoing calls, by flooding a target with junk calls. “The objective is to keep the distraction calls active for as long as ...

  • Chinese hackers cloned attack tool belonging to NSA’s Equation Group

    February 22, 2021

    Chinese threat actors “cloned” and used a Windows zero-day exploit stolen from the NSA’s Equation Group for years before the privilege escalation flaw was patched, researchers say. On Monday, Check Point Research (CPR) said the tool was a “clone” of software developed by the US National Security Agency (NSA)’s Equation Group, identified by FireEye in 2015 ...

  • Lakehead University shuts down campus network after cyberattack

    February 21, 2021

    Canadian undergraduate research university Lakehead has been dealing with a cyberattack that forced the institution earlier this week to cut off access to its servers. The school’s services, including its website, have been down since Tuesday, with personnel shutting down computers on the Thunder Bay and Orillia campuses to stop the attack from spreading. In a communication ...

  • Recently fixed Windows zero-day actively exploited since mid-2020

    February 20, 2021

    Microsoft says that a high-severity Windows zero-day vulnerability patched during the February 2021 Patch Tuesday was exploited in the wild since at least the summer of 2020 according to its telemetry data. The actively exploited zero-day bug is tracked as ‘CVE-2021-1732 – Windows Win32k Elevation of Privilege Vulnerability.’ It allows local attackers to elevate their privileges to ...

  • Experian challenged over massive data leak in Brazil

    February 20, 2021

    After receiving feedback from Experian over a massive data leak in Brazil, São Paulo state consumer rights foundation Procon described the company’s explanations as “insufficient” and said it is likely that the incident was initiated in a corporate environment. Procon notified the credit information multinational following the emergence of a leak that exposed the personal data ...

  • SonicWall releases additional update for SMA 100 vulnerability

    February 20, 2021

    SonicWall has released a second firmware update for an SMA-100 zero-day vulnerability known to be used in attacks and is warning to install it immediately. Last month, SonicWall disclosed that their internal systems were attacked using a zero-day vulnerability in their SMA-100 remote access devices. A week later, cybersecurity firm NCC Group discovered the zero-day vulnerability used ...