Nobelium launched the attacks after getting access to an email marketing service used by the United States Agency for International Development, or USAID, according to Microsoft. Guardian staff and agencies report: The state-backed Russian cyber spies behind the SolarWinds hacking campaign launched a targeted phishing assault on US and foreign government agencies and thinktanks this…
Mexico Arrests Suspected Romanian Boss of ATM Skimming Network
Marcel Gascón Barberá reports: Mexican prosecutors have announced the arrest of a man identified in Romania as a key underworld figure, Florian Tudor, suspected of runnning an international skimming operation copying credit card data. The arrest follows an extradition request from Romania concerning charges of organised crime, extortion and aggravated attempted homicide. Minutes after the two…
Philly data breach that impacted health employee emails also hit other departments
Emily Scott reports: The City of Philadelphia has released an update on an investigation into a data breach that left some employee email accounts accessible to unauthorized individuals. The incident, initially identified in March 2020, was the result of an employee’s email account that was exposed due to a phishing attack. The breach impacted people receiving services…
Klarna battles data breach with reports of leaked user info
Isabel Woodford reports: Consumers have raised the alarm about a data breach — including users’ names — at Klarna, Europe’s largest private fintech. The company, which is reportedly in the throes of closing a deal valuing it at $40bn, came under fire on Thursday after users complained they were being accidentally logged in as other people, given…
Japanese government agencies suffer data breaches after Fujitsu hack
So it may not be just 76,000 email addresses… Ax Sharma reports: Offices of multiple Japanese agencies were breached via Fujitsu’s “ProjectWEB” information sharing tool. Fujitsu states that attackers gained unauthorized access to projects that used ProjectWEB, and stole some customer data. It is not yet clear if this breach occurred because of a vulnerability exploit, or a…
The FBI will feed hashes of hacked passwords directly into Have I Been Pwned
Catalin Cimpanu reports: Australian security researcher Troy Hunt announced today that he granted the US Federal Bureau of Investigation a direct line to upload new content into Have I Been Pwned, a website that indexes data from security breaches. The HIBP creator said that when the FBI discovers password collections during their investigations, they will upload…