Hackers steal data for 15 million patients, then sell it back to lab that lost it
Canada’s biggest provider of specialty laboratory testing services said it paid hackers an undisclosed amount for the return of personal data they stole belonging to as many as 15 million customers. Toronto, Ontario-based LifeLabs Notified Canadian authorities of the attack on November 1. The company said a cyberattack struck computer systems that stored data for about 15 million customers. The stolen information included names, addresses, email addresses, customer logins and passwords, health card numbers, and lab tests.
Epilepsy Foundation Bombarded with Seizure-Triggering Twitter Posts
The Epilepsy Foundation on Monday filed a criminal complaint against a number of undisclosed Twitter users after they bombarded its Twitter feed in November with a barrage of posts of flashing or strobing lights — exposing its thousands of followers to potential seizure-triggering images. The foundation is fighting back against a new type of social media attack involving a cyber-based physical assault on Twitter.
Lazarus Hackers Target Linux, Windows With New Dacls Malware
A new Remote Access Trojan (RAT) malware dubbed Dacls and connected to the Lazarus Group has been spotted by researchers while being used to target both Windows and Linux devices. The RAT is used by North Korea's state-backed Lazarus Group as security researchers at Qihoo 360 Netlab who discovered it speculate in their report.
This China-linked espionage group keeps trying to hack the Cambodian government
There is no shortage of malware that government-backed hackers can get from the public domain, saving them the trouble of developing their own code. But to meet their intelligence-gathering needs, plenty of groups still roll up their sleeves and build their own kits. A Chinese espionage outfit known as Rancor has been particularly active on that front.
Alexa, Google Home Eavesdropping Hack Not Yet Fixed
Months after researchers disclosed a new way to exploit Alexa and Google Home smart speakers to spy on users, those same researchers now warn that Amazon and Google have yet to create effective ways to prevent the eavesdropping hack. The researchers who in October disclosed the “Smart Spies” hack, which enables eavesdropping, voice-phishing, or using people’s voice cues to determine passwords, told Threatpost this week that little has been done to prevent the hacks from being launched.
