Catalin Cimpanu reports: Security researchers say they found evidence that a Chinese government-linked hacking group has been bypassing two-factor authentication (2FA) in a recent wave of attacks. The attacks have been attributed to a group the cyber-security industry is tracking as APT20, believed to operate on the behest of the Beijing government, Dutch cyber-security firm…
Category: Of Note
The Hacker Who Took Down a Country
Kit Chellel reports: The attack against Liberia began in October 2016. More than a half-million security cameras around the world tried to connect to a handful of servers used by Lonestar Cell MTN, a local mobile phone operator, and Lonestar’s network was overwhelmed. Internet access for its 1.5 million customers slowed to a crawl, then…
‘Russian pirate hacked 39 British universities’
Danny Fortson reports: A Russian internet pirate under investigation for potential ties to Russia’s intelligence services is alleged to have hacked the systems of 39 British universities. Alexandra Elbakyan is founder of Sci-Hub, a website that publishes millions of academic papers free that would otherwise be available only through subscriptions or one-off payments. Read more…
GozNym Gang Members Behind $100 Million Damages Sentenced
Sergiu Gatlan reports: Three members of a cybercrime group that used the GozNym banking Trojan to steal millions from U.S. businesses were sentenced today in parallel and multi-national prosecutions in Pittsburgh and Tbilisi, Georgia. The GozNym group members were charged for stealing “an estimated $100 million from more than 41 000 victims, primarily businesses and…
UK: Information Commissioner’s Office takes enforcement action against pharmacy
From the ICO: The Information Commissioner’s Office (ICO) has fined a London-based pharmacy £275,000 for failing to ensure the security of special category data. Doorstep Dispensaree Ltd, which supplies medicines to customers and care homes, left approximately 500,000 documents in unlocked containers at the back of its premises in Edgware. The documents included names, addresses,…
China Citizen Watch (Finally) Secures 150TB of Leaking Data
China Citizen Watch, the official Chinese division of the Japanese watch giant Citizen, and Bulova Watch Company (a Citizen brand in the U.S.) have both been affected because China Citizen Watch or its hosting company left an unsecured RSYNC server online with more than 150TB of files. Cursory skimming of the files, necessitated by Citizen…