Sergiu Gatlan reports: Clop ransomware leaked files stolen from U.S pharmaceutical company ExecuPharm after ransom negotiations allegedly failed. ExecuPharm is a contract research organization (CRO) that provides clinical research support services to companies from the pharmaceutical industry. The company has more than 18,000 global clinical operational specialists in its network and it is one largest…
Category: Business Sector
Spear-phishing campaign compromises executives at 150+ companies
Catalin Cimpanu reports: A cybercrime group operating since mid-2019 has breached the email accounts of high-ranking executives at more than 150 companies, cyber-security firm Group-IB reported today. The group, codenamed PerSwaysion, appears to have targeted the financial sector primarily, which accounted for more than half of its victims; although, victims have been recorded at companies…
“Government” hackers cracked the mail of dignitaries of Estonia
The following is a Google translation of a story that appears on securitylab.ru: For hacking, it was enough for the victim to open a malicious email; no other action was required on her part. Government-sponsored hackers exploited the zero-day vulnerability in the Estonian email service Mail.ee and hacked the accounts of a number of dignitaries….
Personal data of thousands of “Figaro” readers exposed on a server
The following is a Google translation of a story in Le Monde by Damien Leloupe: A large volume of data, including personal data of subscribers and subscribers to the Figaro site , remained accessible for several months online without protection, reveals a report by the computer security company Safety Detective , published Thursday, April 30. The Safety Detective team discovered…
Chegg notifying employees of recent hack
While Chegg may have won one round in litigation stemming from their massive 2018 data breach, they may have another problem brewing. On April 10, Chegg learned that on or about April 9, 2020, an outside hacker may have illegally obtained employee information for approximately 700 current and former U.S. Chegg employees. The personal information…
When someone claims something is a “confirmed scam,” ask for their proof
On April 27, this site linked to a post by Cyble.io, describing how a threat actor claimed to have gained access to Huiying Medical’s AI-assisted COVID-19 Detection source code as well as experimental data. And it was all up for sale for 4 BTC. On April 28, Vinny Troia tweeted: Regarding the stolen COVID-19 vaccine…