Mathieu Tartare writes: In November 2019, we discovered a new campaign run by the Winnti Group against two Hong Kong universities. We found a new variant of the ShadowPad backdoor, the group’s flagship backdoor, deployed using a new launcher and embedding numerous modules. The Winnti malware was also found at these universities a few weeks…
FL: Clinic worker pleads guilty to identity theft
Austin L. Miller reports: A 49-year-old Leesburg woman pleaded guilty in the federal courthouse in Ocala Thursday to charges of aggravated identity theft and wire fraud. Stacey Lavette Hendricks faces up to 20 years behind bars on the wire fraud charge, followed by a mandatory two-year term for identity theft, according to federal authorities. Read…
Three suspects arrested in Maltese bank cyber-heist
Catalin Cimpanu reports: British police have arrested yesterday three individuals that they believe are involved in the February 2019 hack of Bank of Valletta (BOV), one of Malta’s biggest banks. National Crime Agency (NCA) officers arrested two males, aged 22 and 17, in London, and a third suspect, a 39-year-old male in Belfast, Northern Ireland….
SpiceJet dismisses data breach report of 1.2 million passengers
ANI reports: India’s privately-owned airline SpiceJet has denied the data breach reports of about a million passengers. The airline also said that there was no security lapse in its systems. “There was no data breach in any of SpiceJet’s servers. At SpiceJet, safety and security of our fliers’ data is sacrosanct. Our systems are fully capable and…
CO: Wheat Ridge clinic reports potential breach of 1,300 patients’ information following burglary
Eric Ruble reports: A local mental health clinic says 1,319 patients’ information was possibly accessed during a burglary in November 2019. On Thursday, the Jefferson Center for Mental Health said its Independence Corner location at 9595 W. 49th Ave. in Wheat Ridge was burglarized on Nov. 29. Read more on KDVR.
Japanese company NEC confirms 2016 security breach
Catalin Cimpanu reports: Japanese electronics and IT company NEC Corp disclosed a security breach today that took place more than three years ago, in December 2016. The company’s admission comes after reports in Japanese media [1, 2, 3] that the company might have suffered a security breach but decided to keep it quiet. Read more on ZDNet.