Raphael Satter and Jack Stubbs of Reuters report: Suspected North Korean hackers have recently tried to break into at least nine health organizations, including pharmaceutical giant Johnson & Johnson and vaccine developer Novavax Inc, revealing a broader effort to target key players in the race to develop treatments for COVID-19. Four people who have investigated…
Category: Commentaries and Analyses
Russian hacking group uses Dropbox to store malware-stolen data
Sergiu Gatlan reports: Russian-backed hacking group Turla has used a previously undocumented malware toolset to deploy backdoors and steal sensitive documents in targeted cyber-espionage campaigns directed at high-profile targets such as the Ministry of Foreign Affairs of European Union countries. The previously unknown malware framework, named Crutch by its authors, was used in campaigns spanning…
This incredible exploit could have let hackers remotely own iPhones without even touching them
Sean Hollister reports: … Google Project Zero security researcher Ian Beer has revealed that, until May, a variety of Apple iPhones and other iOS devices were vulnerable to an incredible exploit that could let attackers remotely reboot and take complete control of their devices from a distance — including reading emails and other messages, downloading photos,…
Hackers are targeting MacOS users with this updated malware
Danny Palmer reports: A newly discovered form of malware is targeting Apple MacOS users in a campaign that researchers say is tied to a nation-state-backed hacking operation. The campaign has been detailed by cybersecurity analysts at Trend Micro who’ve linked it to OceanLotus – also known as APT32 – a hacking group that is thought to have links to the Vietnamese government. Read…
Cadwalader and Bar Groups Among Latest to Report Data Breach Incidents
Andrew Maloney reports: In an era of remote work, big bar groups and large law firms continue to see a spate of data breaches and cybersecurity attacks. The New York City Bar Association and the Chicago Bar Association have both reported data breaches this year, according to reports filed with the Maryland attorney general’s office. Meanwhile, Cadwalader,…
UK: “Human error” blamed for personal data breaches at Sheffield Council
Lucy Ashton reports: The council is required to note, assess and deal with any information security or personal data breaches and logged 231 incidents during 2019/20. Of these, 92 were personal data breaches. The majority involved customers and were caused by human error with emails or post being delivered to the wrong person. Read more…