- Amnesty International Canada intruder was in system for 17 months before detection
December 6, 2022
A suspected Chinese-based threat actor was in the IT system of Amnesty International Canada for 17 months before being detected, according to the head of the non-profit group. The Canadian branch of the human rights organization said in a news release Monday that the breach of security controls was detected in October. To its knowledge, this ...
- Four suspects cuffed, face extradition to US over tax refund scam plot
December 6, 2022
Four men suspected of plotting to commit wire fraud and identity theft have been arrested and now face extradition to America. It is alleged they conspired to break into US companies’ servers, steal people’s personally identifiable information (PII), use that info to file fraudulent tax returns to Uncle Sam, and collect victims’ tax refunds. In newly unsealed ...
- Russian VTB bank reports major DDoS attack on bank from overseas
December 6, 2022
VTB’s technical infrastructure is currently under a major cyberattack from abroad. The bank’s customers may face temporary problems when using the application and the web version of VTB online due to the measures in tackling the attack that are in progress, the press service of Russia’s second-biggest lender reported on Tuesday. “VTB’s technological infrastructure is currently ...
- Ransomware hits city of Antwerp
December 6, 2022
Cybercriminals infected the city’s IT systems with ransomware. Residents are unable to make appointments for public affairs. Antwerp’s police and museums are partially offline. The attack took place on the night of December 5-6. A city spokesperson told De Standaard that ransomware was found on several systems. The identity of the attacker(s) is unknown at the ...
- KmsdBot botnet is down after operator sends typo in command
December 6, 2022
Somewhere out there, a botnet operator is kicking themselves and probably hoping no one noticed the typo they transmitted in a command that crashed their whole operation. Unfortunately for the typographically-challenged botnetter, it happened on the internet, so someone knows: Akamai, in this case, had been watching for some time. Even worse for the operator(s), their Golang-coded ...
- Google warns stolen Android keys used to sign info-stealing malware
December 5, 2022
Compromised Android platform certificate keys from device makers including Samsung, LG and Mediatek are being used to sign malware and deploy spyware, among other software nasties. Googler Łukasz Siewierski found and reported the security issue and it’s a doozy that allows malicious applications signed with one of the compromised certificates to gain the same level of ...
- French hospital cancels operations after cyberattack
December 5, 2022
A hospital complex in Versailles, near Paris, had to cancel operations and transfer some patients after being hit by a cyberattack over the weekend, France’s health ministry said. The Hospital Centre of Versailles – which consists of Andre-Mignot Hospital, Richaud Hospital and the Despagne Retirement Home – was affected by the hacking attempt, said the complex’s ...
- Crimeware trends: self-propagation and driver exploitation
December 5, 2022
If one sheep leaps over the ditch, the rest will follow. This is an old saying, found in various languages, and it can be applied to ransomware developers. In previous blog posts, Kaspersky researchers highlighted an increase in the popularity of platform-independent languages and ESXi support, and recently, Kaspersky published a research about ransomware borrowing ...
- Registration is now open for National Cyber Security Show 2023
December 5, 2022
National Cyber Security Show is set to return to NEC Birmingham on 25-27 April 2023, and is guaranteed to be bigger and better than its predecessors. Registration is open and visitors are now able to register to attend this outstanding cybersecurity showcase for free. Following its successful launch in 2021, this year’s National Cyber Security Show ...
- Android malware apps with 2 million installs spotted on Google Play
December 4, 2022
A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them. The apps were discovered by Dr. Web antivirus and pretend to be useful utilities and system optimizers but, in reality, are the sources of performance hiccups, ads, and user experience degradation. One app ...
- UK: Cambridge Water customers’ bank details published to dark web after cyber attack
December 3, 2022
Bank account details of Cambridge Water customers have been published to the dark web, following a cyber attack. Customers have been left alarmed and furious after learning that names and current addresses, sort codes and account numbers are among the data stolen by cyber criminals from its parent company, South Staffordshire plc, back in August. Cambridge Water ...