News

Google says that it delivered almost 40,000 alerts of state-sponsored phishing or malware hacking attempts to its users during 2019, with a 25% drop when compared to the previous year. One of the reasons behind this notable drop in the number of government-backed hacking incidents is the increasingly effective protections Google sets up to protect its users. Due to the more effective protections, hackers are forced to slow down their attacks and try to adapt...

  In recent days, Nefilim, CLOP and Sekhmet have become the latest ransomware operations to launch data-leaking sites, as Bleeping Computer first reported on Tuesday. CLOP has been tied to an attack against Maastricht University in the Netherlands that resulted in the institution paying attackers a ransom of 30 bitcoins (now worth about $200,000). Nefilim appears to be a new version of Nemty and lists on its data-leak site two energy firms. And little is...

  Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team recently found a serious breach in an open Amazon S3 bucket owned by secure cloud storage provider Data Deposit Box. The leak exposed detailed information about 270,000 private files uploaded by customers through the company’s secure cloud storage service. The database also revealed personally identifiable information (PII) of customers, which could have serious consequences for those affected. Source: Security Magazine

  Researchers say that APT41’s exploits are part of one of the broadest espionage campaigns they’ve seen from a Chinese-linked actor “in recent years.” Researchers warn that APT41, a notorious China-linked threat group, has targeted more than 75 organizations worldwide in “one of the broadest campaigns by a Chinese cyber-espionage actor observed in recent years.” Source: Threatpost

  The COVID-19 crisis will likely result in the postponement of the go-live date for Brazil's general data protection regulations. According to industry observers, the pandemic is seen as a fair justification to delay the go-live date for the regulations, which are due to be enforced in August 2020. A bill authored by congressman Carlos Bezerra presented in November 2019 had already proposed pushing the go-live date for the rules to August 15, 2022. In...

  An international group of nearly 400 volunteers with expertise in cybersecurity formed on Wednesday to fight hacking related to the novel coronavirus. Called the COVID-19 CTI League, for cyber threat intelligence, the group spans more than 40 countries and includes professionals in senior positions at such major companies as Microsoft Corp. and Amazon.com Inc. One of four initial managers of the effort, Marc Rogers, said the top priority would be working to combat hacks...

Fortune 500 technology giant General Electric (GE) disclosed that personally identifiable information of current and former employees, as well as beneficiaries, was exposed in a security incident experienced by one of GE's service providers. GE is a multinational operating in a wide range of tech segments including aviation, power, healthcare, and renewable energy, and it is currently ranked by Fortune 500 as the 21st-largest company in the U.S. by revenue. Source: Bleeping Computer

  As per Trend Micro’s research, since May 2019, a Russian state-sponsored notorious cyber espionage threat group called Pawn Storm (also known as Fancy Bear or APT28) has been scanning servers for reusing previously compromised emails. The compromised email addresses are used to carry out phishing campaigns, targeted mainly at defense firms from the Middle East with an intent of cyber espionage. Source: Ciso Mag  

Hospitals in Spain have been targeted with coronavirus-themed phishing lures by attackers looking to lock-down their systems with Netwalker ransomware. Local reports indicate that medical centres have been receiving emails purporting to offer "information on COVID-19", but with PDF attachments that activate the ransomware, commonly associated with computer crime groups in Eastern Europe. Source: Computing.com

MICROSOFT has warned of hackers exploiting a new vulnerability that can be found in all supported versions of Windows. If successfully manipulated by a cyber-criminal, it would be possible for them to run malware on a victim's device. Source: The Sun