Danny Palmer reports: A cyber-espionage campaign is using new malware to infiltrate targets around the world including organisations in media, finance, construction and engineering. Detailed by cybersecurity company Symantec, the attacks against organisations in the US, Japan, Taiwan and China are being conduced with the aim of stealing information and have been linked to an espionage…
Russia’s Fancy Bear Hackers Likely Penetrated a US Federal Agency
Andy Greenberg reports: A warning that unidentified hackers broke into an agency of the US federal government and stole its data is troubling enough. But it becomes all the more disturbing when those unidentified intruders are identified—and appear likely to be part of a notorious team of cyberspies working in the service of Russia’s military intelligence agency,…
It takes hackers 1 minute to find and abuse credentials exposed on GitHub
Paul Bischoff reports on an issue DataBreaches.net and Jelle Ursem recently reported on: data being exposed because of code left in public repositories on GitHub (see our report about exposed protected health information in No Need to Hack When It’s Leaking). Bischoff writes that Comparitech researchers sought to find out how long it took hackers…
Ca: Two Telus Health medical service providers pay ransom after 60K client files accessed
David Paddon reports: The Medisys Health Group and its affiliate Copeman Healthcare say they paid an unspecified ransom to retrieve personal information for about 60,000 clients after detecting a security breach on Aug. 31. An email from Medisys head office in Montreal says privacy officials were notified Sept. 4, four days after the breach was…
SunCrypt ransomware group swears off medical entities, sets sights on cybersecurity firms
When the SunCrypt ransomware group opened a leak site where they listed victims who had not paid their ransom demands, they attracted public attention and demonstrated their ability to use the media to their advantage. BleepingComputer reported that SunCrypt operators had reached out to them to introduce themselves as part of the Maze cartel. Days…
Anthem agrees to pay $39.5M in latest settlement over 2015 hacking
John Russell reports: Anthem Inc. has agreed to pay a group of states $39.5 million to settle claims the health insurer failed to safeguard its data, a breach that led to a massive computer hacking in 2015 that compromised the private information of 78.8 million customers and former customers. The Indianapolis-based company announced the settlement…