Sten Hankewitz reports: According to the Estonian Information System Authority – also known by its Estonian acronym, RIA – three Estonian ministries reported cybersecurity incidents in November that resulted in significant breaches of personal data. The three ministries were the economy ministry, the foreign ministry and the social affairs ministry. “The affected ministries have been…
Category: Commentaries and Analyses
Federal agencies warn that hackers are targeting US think tanks
Maggie Miller reports: The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that major hacking groups are targeting U.S. think tanks. The agencies put out an alert noting that advanced persistent threat (APT) hacking groups were mainly targeting think tanks and individuals involved with international affairs or national security policies….
The painful calculus of ransomware payments
Dennis Fisher writes: The pandemic has disrupted, and in some cases destroyed, the business models of many companies, but it has been a boon for many ransomware gangs, which have taken the opportunity to hone their skills and expand their operations to include new forms of extortion, making an already serious threat into perhaps the…
North Korea-linked hackers targeted J&J, Novavax in hunt for COVID research
Raphael Satter and Jack Stubbs of Reuters report: Suspected North Korean hackers have recently tried to break into at least nine health organizations, including pharmaceutical giant Johnson & Johnson and vaccine developer Novavax Inc, revealing a broader effort to target key players in the race to develop treatments for COVID-19. Four people who have investigated…
Russian hacking group uses Dropbox to store malware-stolen data
Sergiu Gatlan reports: Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of European Union countries. The previously unknown malware framework, named Crutch by its authors, was used in campaigns spanning…
This incredible exploit could have let hackers remotely own iPhones without even touching them
Sean Hollister reports: … Google Project Zero security researcher Ian Beer has revealed that, until May, a variety of Apple iPhones and other iOS devices were vulnerable to an incredible exploit that could let attackers remotely reboot and take complete control of their devices from a distance — including reading emails and other messages, downloading photos,…