Ransomware hits helicopter maker Kopter
Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
Ransomware gangs are now cold-calling victims if they restore from backups without paying
Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
Johnson & Johnson CISO: Healthcare orgs are seeing nation-state attacks every single minute of every single day
Johnson & Johnson is one of six COVID-19 research companies that have been recently targeted by North Korean state-sponsored hackers.
Ransomware attack cripples Vancouver public transportation agency
TransLink customers left unable to use the agency's public ticketing kiosks and cards for two days.
Edward Snowden asks Trump to pardon Wikileaks founder Julian Assange
Snowden claims the pardon would save Assange's life.
Dell announces new protections for its PC and server supply chain
Dell to start using tamper-evident seals during physical transport and provide a software reset feature to wipe hard-drives before customer deployment.
Data of 243 million Brazilians exposed online via website source code
The password to access a highly sensitive Ministry of Health database was stored inside a government site's source code.
Mysterious phishing campaign targets organizations in COVID-19 vaccine cold chain
Targets include EU directorates, companies making vaccine shipping containers, a website development firm linked to vaccine supply chains.
8% of all Google Play apps vulnerable to old security bug
Devs have not updated a crucial library inside their apps, leaving users exposed to dangerous attacks. Some of the vulnerable apps include Microsoft's Edge browser, Grindr, OKCupid, and Cisco Teams.
New TrickBot version can tamper with UEFI/BIOS firmware
New TrickBot feature scares security researchers.
This phishing group is targeting COVID-19 vaccine supply chains
Clues indicate state-sponsored hackers may be to blame.
Compounder Finance DeFi project allegedly pulls the rug from under investors, $11 million stolen
One investor is offering a $100,000 bounty leading to the unmasking of the thief, or thieves, involved.
Open source software security vulnerabilities exist for over four years before detection
GitHub research suggests there is a need to reduce the time between bug detection and fixes.
Absa bank embroiled in data leak, rogue employee accused of theft
Personal information belonging to banking customers was compromised.
Ivanti announces double acquisition of MobileIron, Pulse Secure in zero-trust security push
Ivanti says the deals strengthen the company in the mobile zero-trust security space.
Malicious npm packages caught installing remote access trojans
JavaScript and Node.js developers who installed the jdb.js and db-json.js packages were infected with the njRAT malware.
FBI warns of email forwarding rules being abused in recent hacks
FBI: "The web-based client's forwarding rules often do not sync with the desktop client, limiting the rules' visibility to cyber security administrators."
Microsoft removes 18 malicious Edge extensions for injecting ads into web pages
Some extensions mimicked official apps while others copied popular Chrome extensions.
'Hacker_R_US' gets eight years in prison for bomb threats and DDoS extortion
'Hacker_R_US' was one of the two members of the Apophis Squad hacker group.
2020's worst cryptocurrency breaches, thefts, and exit scams
Cryptocurrency exchanges have felt the impact of everything from vulnerability exploit to social engineering scams over this year.
Italy Says Two Arrested for Defense Data Theft
Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday.
The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare...
The US Used the Patriot Act to Justify Logging Website Users
Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news.
Ransomware hits helicopter maker Kopter
Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
Ransomware gangs are now cold-calling victims if they restore from backups without paying
Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
Kmart, a vulnerable target, among those hit in Egregor ransomware attack spree
The fast-moving Egregor ransomware added Kmart to its list of retail targets, one day before the same attack group hit the Vancouver metro.
The fast-moving Egregor ransomware has already hit other recognizable companies, most notably Barnes and Noble. Egregor first...
