Cyber Bites

The recent high-profile cyberattack that struck British budget airline EasyJet may have been carried out by Chinese hackers, new research and multiple sources have suggested. The cyberattack, which saw the email addresses and travel details of millions of passengers being robbed—as well as the credit card details of some 2,000—was reportedly conducted by the very same group of Chinese hackers responsible for other attacks on a number of airlines in recent months. Source: CPO Magazine

A gang demanded an £800,000 Bitcoin ransom in a cyber attack on a firm owned by Kent County Council and leaked its data on the dark web. Kent Commercial Services (KCS) delivers services and supplies to public authorities, including protective equipment during the Covid-19 crisis. No ransom was paid and no personal data relating to taxpayers was stolen, KCS said. The Information Commissioner said KCS had been given data protection advice. KCS chief executive John...

As protests continue to proliferate across the globe in the wake of George Floyd’s death, the Minnesota Police Department is making news for something else: A supposed hack, perpetrated at the hands of the Anonymous hacktivist group. According to Troy Hunt at Have I Been Pwned (HIBP), the group of allegedly ill-gotten email addresses and passwords has been circulating in multiple forums, with most of them attributing the credential leak to Anonymous, which is a...

Amtrak has revealed that some customers may have had their personal information and log-ins stolen after it detected unauthorized access of rewards accounts by a third party. Also known as the National Railroad Passenger Corporation, the state-backed US transportation provider revealed the news in a regulatory filing with the Office of the Vermont Attorney General. Source: Infosecurity Magazine

The Nipissing First Nation administration stopped a ransomware attack in its tracks but not soon enough to prevent disruption of communications. The attack was discovered on May 8 and affected all departments of the administration but most of the network remained unaffected. Source: BleepingComputer 

The team behind the Joomla open source content management system (CMS) announced a security breach last week. The incident took place after a member of the Joomla Resources Directory (JRD) team left a full backup of the JRD site (resources.joomla.org) on an Amazon Web Services S3 bucket owned by their own company. Source: ZDNet In response to the news, Paul Edon, Senior Director Technical Sales and Services (EMEA) at Tripwire, said: This incident confirms the...

Toll Group has said it was making "good progress" with the restoration of its key online systems, following the ransomware attack it suffered after a January infection. In an update posted on Friday, the company said MyToll customers could now access most features and its Track and Trace function is available for a number of services, with historical data being progressively uploaded.  "In our Global Forwarding business, systems tests have been completed and we have...

One of the world’s largest telecoms and IT services companies has revealed that attackers may have stolen data from its internal systems, affecting over 600 customers. NTT Communications provides cloud, network and data center services to some of the world’s biggest companies. Its parent, NTT Group, is ranked in the top 100 of the Fortune Global 500. The firm claimed in a lengthy statement on Thursday that it detected unauthorized access to its Active Directory...

The American Civil Liberties Union (ACLU) is taking Clearview AI to court, claiming the company's facial surveillance activities violate the Illinois Biometric Information Privacy Act (BIPA) and "represent an unprecedented threat to our security and safety". The legal action, brought on by lawyers at the ACLU of Illinois and the law firm Edelson PC, is on behalf of organisations that represent survivors of sexual assault and domestic violence, undocumented immigrants, and other vulnerable communities. Clearview...

Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems and deploy a Remote Administration Tool (RAT). The malware dubbed Octopus Scanner by researchers at the GitHub Security Lab compromises developers' computers by infecting their NetBeans repositories after planting malicious payloads within JAR binaries, project files and dependencies, later spreading to downstream development systems. "Infecting...