Sebastian McCarthy reports: Morrisons has been granted permission to appeal to the Supreme Court after losing a major court case over a data leak. In October the UK’s fourth-biggest supermarket lost an appeal against a High Court ruling that concluded the firm was legally liable for a former employee leaking personal information about 100,000 staff…
Category: Of Note
Spear Phishing Campaign Targets Ukraine Government and Military; Infrastructure Reveals Potential Link to So-Called Luhansk People’s Republic
John Hultquist, Ben Read, Oleg Bondarenko, and Chi-en Shen of FireEye explain: In early 2019, FireEye Threat Intelligence identified a spear phishing email targeting government entities in Ukraine. The spear phishing email included a malicious LNK file with PowerShell script to download the second-stage payload from the command and control (C&C) server. The email was…
New Malicious Medical DICOM Image Files Cause HIPAA Headache
Sergiu Gatlan reports: Malicious DICOM files can be crafted to contain both CT and MRI scan imaging data and potentially dangerous PE executables, a process which can be used by threat actors to hide malware inside seemingly harmless files. Cylera’s Markel Picado Ortiz achieved this by taking advantage of a DICOM format design flaw which…
A hacker has dumped nearly one billion user records over the past two months
Catalin Cimpanu reports: A hacker who spoke with ZDNet in February about wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall. The hacker’s name is Gnosticplayers,…
Kaspersky: 70 percent of attacks now target Office vulnerabilities
Catalin Cimpanu reports: Microsoft Office products are today’s top target for hackers, according to attack and exploitation data gathered by Kaspersky Lab. In a presentation at its security conference –the Security Analyst Summit– the company said that around 70 percent of the attacks its products have detected in Q4 2018 are trying to abuse a…
A clever way to increase awareness in the workplace
Seen on Twitter. This is brilliant :))) Apparently Shawn is the HR boss. pic.twitter.com/N45GxdtwOa — Mladen Prajdic (@MladenPrajdic) April 11, 2019 [The image shows a “Password Change Sign Up Sheet” where employees can list their current password and the one they’d like it changed to. After a few employees signed up publicly that way, there’s…