Catalin Cimpanu reports: The operators of the BitPaymer ransomware have been spotted using a zero-day in iTunes for Windows as a mechanism to bypass antivirus detection on infected hosts. The attacks and the zero-day were found by cyber-security firm Morphisec on the network of an enterprise in the automotive industry that got hit by BitPaymer…
Dutch Prostitution Site Hookers.nl Hacked — 250,000 Users’ Data Acquired
Thomas Brewster reports: Hackers have obtained the data and personal details of around 250,000 users of the Dutch sex work forum Hookers.nl. The breach was confirmed by a Hookers.nl moderator on Thursday, saying that the forum software supplier, vBulletin, had reported that a vulnerability had allowed an outsider access to site’s database. Read more on…
Singaporean charged in US with identity theft and wire fraud; accused of taking meth, cybercrimes in Singapore
CNA reports: A Singaporean has been charged with 14 counts of wire fraud, access device fraud and identity theft in Seattle, documents released by the US Department of Justice on Wednesday (Oct 9) revealed. Ho Jun Jia, also known as Matthew Ho, 29, operated a scheme to mine cryptocurrencies using stolen computing power and services, obtained with the stolen identity…
DHS cyber unit wants to subpoena ISPs to identify vulnerable systems
Zack Whittaker reports: Homeland Security’s cybersecurity division is pushing to change the law that would allow it to demand information from internet providers that would identify the owners of vulnerable systems, TechCrunch has learned. Sources familiar with the proposal say the Cybersecurity and Infrastructure Security Agency (CISA), founded just less than a year ago, wants the…
Following flood of spam emails, more than 1,000 student accounts temporarily disabled
Samantha Kizner reports: Over 1,000 Boston University students were forced to change their account passwords after BU servers were flooded with spam emails from student accounts in late September, university officials said. The spam is believed to be a result of a 2018 breach of the educational site Chegg. [..] Over 1,000 Boston University students…
Waitematā DHB sent private mental health notes to wrong patient, inquiry launched
Hannah Martin reports: A mother who requested her son’s medical records claims she was also sent “fully identifiable” mental health notes about another patient. The Auckland woman, who Stuff has chosen not to name for privacy reasons, said Waitematā District Health Board’s error was a “completely unacceptable” breach of patient privacy. Read more on Stuff.