Gareth Corfield reports: Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia’s FSB security service. Referring to the hidden backdoor secretly implanted in SolarWinds’ Orion product, Kaspersky’s Georgy Kucherin wrote in a blog post on Monday: “While looking at the Sunburst backdoor, we discovered several features that overlap…
Jefferson Healthcare hit by ‘phishing’ cyber attack
Brian Kelley reports: The personal information of roughly 2,550 people was compromised by a “phishing” attack on the email account of an employee at Jefferson Healthcare, the organization announced Monday. The information stolen may have included the full names of individuals, as well as their dates of birth, phone numbers, home addresses, and health insurance…
This Android malware claims to give hackers full control of your smartphone
Danny Palmer reports: A new combination of two older types of malware, which provides hackers with access to almost everything a user does on an Android smartphone, is up for sale on underground forums for as little as $29.99 – providing even low-level cyber criminals with the ability to steal sensitive personal data. The ‘Rogue’…
DarkSide ransomware decryptor recovers victims’ files for free
Sergiu Gatlan reports: Romanian cybersecurity firm Bitdefender has released a free decryptor for the DarkSide ransomware to allow victims to recover their files without paying a ransom. DarkSide is a human-operated ransomware that has already earned millions in payouts since it started targeting enterprises in August 2020. The operation has seen a spike in activity between October and December 2020…
Parler Is Gone, But Hackers Say They Downloaded Everything First
David Gilbert reports: Right-wing social network Parler was taken offline in the early hours of Monday morning, but not before a hacker found a way to download all data posted by users — including messages, images, videos, and users’ location data — shared during last week’s attack on the Capitol. The data taken from Parler…
Ransom demanded after AKVA group victim of ransomware attack
SalmonBusiness reports: On Monday morning, it was announced that the aquaculture equipment manufacturer on Sunday was hit by an extensive cyber attack. AKVA group CEO Knut Nesse told the newspaper Dagens Næringsliv that the cyber attack was ransomware. This is malicious software that infects computer systems and displays messages demanding a fee to be paid in order for…