News

China has fined Didi Global, a global mobility technology, around $1.2 billion (8.026 billion yuan) for violating the country's network security law, personal information protection law, and data security law. The country's cybersecurity regulator, the Cyberspace Administration of China (CAC), also fined two Didi executives 1 million yuan each for the infringements. The ride-hailing service had its app removed from the web by the Chinese authorities last year, prompting an investigation to start. The CAC...

The online pet website, Neopets, has confirmed it fell victim to a data breach, exposing the personal information of approximately 69 million users. The website's source code was also stolen in the attack. Recently, Neopets launched NFTs, which are part of a plan to create an online Metaverse game, in which users can own, raise and play games with their virtual pets. According to reports, the breach occurred on Tuesday and has since been attributed...

Russian adversaries are taking advantage of trusted cloud services, like Google Drive and DropBox, to deliver malware to businesses and governments, according to new research. Researchers at Palo Alto Networks Unit 42 wrote that the threat actor Cloaked Ursula - AKA the Russian government-linked APT29 or Cozy Bear - is increasingly using online storage services because it makes attacks difficult to detect and prevent. They are believed to have targeted several Western diplomatic missions and...

Virtual pet website Neopets has suffered from a data breach leading to the theft of a database and source codes containing the sensitive information of over 69 million members. The Neopets website allows members to own, raise, and play games with their virtual pets. The popular website recently launched NFTs that will be used as part of an online Metaverse game. Earlier this week, a hacker using the name 'TarTarX' began selling the source code...

The U.S Department of Justice announced that over $500,000 worth of Bitcoin was seized by the FBI from hackers based out of North Korea. "The seized funds include ransoms paid by healthcare providers in Kansas and Colorado," the DoJ said in a press release issued Tuesday. The healthcare providers paid ransoms of up to $100,000 and $120,000 which were ran through two cryptocurrency accounts. These accounts were then seized by the FBI. The initial attacks were carried...

Cato Networks, global SASE cloud provider, just announced the release of their new Data Loss Prevention (DLP) engine. Part of Cato’s SSE architecture, the DLP is meant to offer protection of data as well as prevention of loss of data across organisation software and applications.  Historically, DLP has been considered complex and operationally complicated. With inaccuracies in traffic routing and a limited scope of protection, DLP left some issues to the wayside such as disruptions...

Researchers have discovered what they believe is the first recorded instance of Android malware distribution by prolific state-sponsored Russian hacking group Turla (aka Venomous Bear, amongst other names). The active persistent threat (APT) group is linked to Russia's Federal Security Service (FSB), a successor to the KGB. It is currently involved in operations in operations targeting pro-Ukrainian activists and Ukrainian forces, many of whom have been encouraged to enlist in a volunteer "IT army" to...

The Minister of Foreign Affairs for Beligum announced on Monday that Belgium's defense and interior ministries were targeted by Chinese-government hacking groups. The cyber-espionage groups named in the Belgian Government statement are APT27, APT30, APT31, and a fourth threat group tracked under multiple names, including Gallium, Softcell, and UNSC 2814. The Chinese Embassy in Belgium denied the allegations that China had endorsed these attacks and pointed to a lack of evidence from the Belgium government. "It is extremely...

Google has taken steps to axe dozens of malicious apps from the official Play Store that were spotted propagating Facestealer, Joker, and Coper malware families through the virtual marketplace. Bad actors have repeatedly found ways to sneak past security barriers put up by Google in hopes of luring unsuspecting users into downloading the fraudulent apps. On Monday, researchers Viral Gandhi and Himanshu Sharma said in a report that "Joker is one of the most prominent malware...

The FBI has warned US financial institutions and investors of a surge in fake apps designed to trick consumers into depositing cryptocurrency. Over an unspecified time scale, such scams have already cost $42.7million to 244 identified victims. The Private Industry Notification claimed, "The FBI has observed cyber-criminals using the names, logos and other identifying information of legitimate US businesses, including creating fake websites with this information, as part of their ruse to gain investors.” “Financial...