Catalin Cimpanu reports: Security researchers say they found evidence that a Chinese government-linked hacking group has been bypassing two-factor authentication (2FA) in a recent wave of attacks. The attacks have been attributed to a group the cyber-security industry is tracking as APT20, believed to operate on the behest of the Beijing government, Dutch cyber-security firm…
Category: Business Sector
The Hacker Who Took Down a Country
Kit Chellel reports: The attack against Liberia began in October 2016. More than a half-million security cameras around the world tried to connect to a handful of servers used by Lonestar Cell MTN, a local mobile phone operator, and Lonestar’s network was overwhelmed. Internet access for its 1.5 million customers slowed to a crawl, then…
RavnAir flights in Alaska canceled after cyber attack
Anchorage Daily News reports: At least a dozen RavnAir flights in Alaska were canceled Saturday following what the company described as “a malicious cyber attack” on its computer network. The cancelations affected around 260 passengers, said company spokeswoman Debbie Reinwand. The regional carrier, which flies routes across much of Alaska, canceled all flights involving its…
Twitter for Android Security Issue
Kritti Bhalla reports: Microblogging website Twitter, on December 21, admitted that a malicious code was inserted into its mobile-app that may have compromised some user’s information. The privacy breach is said to have taken place worldwide, including India. “We don’t have evidence that malicious code was inserted into the app or that this vulnerability was…
Member of “Turkish Crime Family” who attempted to extort Apple in 2017 gets no prison time
Catalin Cimpanu reports: A 22-year-old man was sentenced today in London for his involvement in an extortion attempt against Apple, during which the suspect and co-conspirators threatened to mass-hack iCloud accounts and factory reset 250 million iPhones and iPads. The man, Kerem Albayrak, was sentenced today to a two-year suspended jail term, 300 hours of…
Fashion rental company HURR Collective exposed user information through misconfigured plugin
James Walker reports: HURR Collective, a UK-based fashion rental company, has notified around 400 users of a data security incident that resulted in their email addresses being exposed, The Daily Swig has learned. A misconfigured plugin on the HURR website meant that users’ email addresses could be obtained simply by clicking ‘View Source’ on certain web pages….