Charlie Osborne reports: Chinese advanced persistent threat (APT) groups are honing in on cancer research institutes in recent cyberattacks in order to steal their work, researchers say. Cancer is the second leading cause of death worldwide and claimed the lives of 9.6 million individuals in 2018. The World Health Organization (WHO) estimates that one in…
Category: Miscellaneous
Adwind Spyware-as-a-Service Attacks Utility Grid Operators
Tara Seals reports: A phishing campaign targeting utility grid operators uses a PDF attachment to deliver spyware. A phishing campaign that spoofs a PDF attachment to deliver Adwind spyware has been taking aim at national grid utilities infrastructure. Adwind, a.k.a. JRAT or SockRat, is being used in a malware-as-a-service model in this campaign, researchers said….
KNEO radio station attacked by ransomware
KNEO radio station, a Christian radio station, got hit with ransomware and wound up with all its audio files corrupted. FourStatesHomePage reports that the radio station first became aware of the attack on Sunday afternoon when they experienced a system breakdown. The staff of KNEO became aware of the system breakdown Sunday afternoon. The station’s…
Hacker site’s incriminating database published online by rival group
Dan Goodin reports: Hackers from Raidforums recently breached the site of rival hacking forum Cracked.to and spilled data for more than 321,000 of its members. The hackers did so while some of their victims were discussing cracking Fortnite accounts, selling software exploits, and engaging in other potentially illegal activities. In all, the dump posted on…
Leadership for Educational Equity Leaks Out Data of 3.7 Million Members
Bill Toulas reports: According to a report by security researcher Jeremiah Fowler, the Washington-based non-profit organization named “Leadership for Educational Equity” (LEE) has left an unprotected Elasticsearch database that contained a total of 5.2 million documents. Not having set up a password, anyone could access the database, so the researcher repeatedly tried to notify the…
Independent Age data breach merits no regulator action
Stephen White reports: Confidential data of employees at older people’s charity, Independent Age, have been accidentally exposed to a former worker. The blunder occurred as the company responded to the ex-staff member’s submission of a DSAR (data subject access request). Independent Age says that the security breach compromised personal data, including bank information, sort codes, account…