Zack Whittaker reports: While its contents might seem unremarkable for China, where facial recognition is routine and state surveillance is ubiquitous, the sheer size of the exposed database is staggering. At its peak the database held over 800 million records, representing one of the biggest known data security lapses of the year by scale, second…
FBI, Secret Service join Kentucky investigation into $4 million cybercrime theft
Jonathan Greig reports: The government of Lexington, Kentucky is working with the FBI and Secret Service to investigate $4 million in federal rent assistance and housing funds allegedly stolen by cybercriminals. In a statement to The Record, Mayor Linda Gorton said the city is already taking internal steps to examine how cybercriminals managed to circumvent…
Cuba Ransomware Team claims credit for attack on Montenegro
When Montenegro claimed Russian hackers attacked them, most of us probably didn’t think about the Cuba ransomware team, but the Cuba group claimed credit for the attack. According to their listing, they received the files on August 19. Their wording may sound puzzling in saying that they “received” the files, but that’s consistent with other…
That ‘clean’ Google Translate app is actually Windows crypto-mining malware
Jeff Burt reports: Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches. The cryptomining Trojan, known as Nitrokod, is typically disguised as a clean Windows app and works as the user expects for days or weeks before its hidden Monero-crafting…
Chinese hackers tied to attacks on South China Sea energy companies: US tech firm
Bloomberg reports: Chinese hackers likely targeted energy companies operating in the South China Sea and the Australian government, according to a US tech security firm, the latest accusation of coordinated cybersnooping by the Asian nation to advance its geopolitical goals. Researchers uncovered an ongoing phishing campaign lasting more than a year that has been aimed…
Insurers must rethink handling of cyber attacks on states
There have been a number of lawsuits addressing the issue of whether some cyberattacks should be excluded from cyberinsurance coverage as “acts of war.” Josephine Wolff, author of Cybersecurity Policy, writes: The invasion of Ukraine earlier this year drew considerable global attention to the possibility that Russia might combine its physical attacks on the country…