The hack of a U.K. trade minister’s email account – the result of a spear phishing campaign likely engineered by Russian operatives – led to the leak of U.S.-U.K. trade documents and perpetuated a disinformation campaign credited with influencing the 2019 U.K. election. Hackers were able to successfully access the email
Author: Teri Robinson
Feds arrest teen Twitter hack leader, accomplices
The ringleader of the Twitter breach that used prominent accounts to run a cryptocurrency scam turns out to be a 17-year-old in Tampa arrested earlier today. Two accomplices, Nima Fazeli, 22, of Orlando and Mason Sheppard, 19, in the U.K., known as Rolex and Chaewon, respectively, were also arrested in the
Nefilim gang leaks files stolen from Dussmann Group subsidiary
By now, it’s a familiar refrain, ransomware operators publishing documents after pinching them from a vulnerable company – this time the victim was a subsidiary of Germany’s Dussmann Group, a sprawling multiservice provider, and the attacker, Nefilim’s operators. The ransomware gang pinched files, including AutoCAD drawings, Word documents and accounting docs
SEI Investments customer data exposed in ransomware attack on vendor
A May ransomware attack on M.J. Brunner Inc. exposed data pertaining to clients of SEI Investments Co., among them money managers like Pacific Investment Management Co. (Pimco), Fortress Investment Group LLC and Centerbridge Partners. SEI Investments said in a statement that the attack was not the result of any flaw in
Cisco patches severe traversal vulnerability exploited in wild
Cisco is urging organizations to implement its patch for a high severity directory traversal vulnerability that affected the web services interface of the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software firewall products and which is being actively exploited in the wild. The vulnerability, CVE-2020-3452, stems
Misconfigured S3 exposes Twilio users to Magecart attack
A misconfiguration in an S3 bucket that was hosting a Twilio Javascript library caused a bad threat actor to inject code that made Twilio users load an extraneous URL on their browsers that has been associated with the Magecart group of attacks. In a company blog, Twilio said this solely affected v1.20
New cryptominer botnet spreads payload, less intrusive
A new cryptocurrency-mining botnet attack called Prometei bypasses detection systems and monetizes its campaigns in less intrusive ways. It is the first time that anyone’s documented the a multi-modular botnet, according to Talos, which discovered the botnet and dubbed it “Prometei.” The botnet, which has been active since March, spreads a
Phishing attack hid in Google Cloud Services
Details of a phishing attack concealed in Google Cloud Services point to a fast-growing trend that has hackers disguising malicious activities in cloud service providers. In a report released today, researchers at Check Point unravel, step-by-step, how even security-savvy professionals could be tricked by a well-disguised ruse, which kicked off with
Covid-19 vaccines, economies in peril after Russian APT29 attacks
Warnings by officials in the U.S., U.K. and Canada that Russia’s Cozy Bear, APT29, is actively trying to steal Covid-19 vaccine research by hacking vaccine trials and dropping WellMess and WellMail malware proves at least two things: Russia military intelligence is still going hard against U.S. targets, and the health
EU court kills Privacy Shield, wreaks havoc on digital economy
The EU court decision in the Schrems II case that effectively kills the Privacy Shield pact hammered out four years ago between the U.S. and EU could cripple multinational companies’ ability to operate as they scramble to scrutinize their data transfer mechanisms. “This is a stunning and completely unexpected decision. In invalidating