Hackers gained access to the Finnish Parliament's IT system in recent months in an incident that allowed them to access to some emails belonging to members of Parliament, the Finnish Central Criminal Police announced Monday. The perpetrators "have been able to obtain information either to benefit a foreign state or to harm Finland" in an apparent espionage operation, the chief inspector at the National Bureau of Investigation, Tero Muurman, said in a statement. Police did not identify any suspects. READ MORE...
Kawasaki Heavy Industries on Monday revealed that information from its overseas offices might have been stolen following a security breach that occurred earlier this year. Based in Japan, Kawasaki Heavy Industries is a multinational corporation best known for the manufacturing of motorcycles, heavy equipment, engines, ships, rolling stock, and aerospace and defense equipment. On June 11, 2020, the company discovered that unknown actors breached its network. READ MORE...
The US Treasury Department's Financial Crimes Enforcement Network (FinCEN) warned financial institutions of ransomware actively targeting vaccine research organizations. "FinCEN is aware of ransomware directly targeting vaccine research, and FinCEN asks financial institutions to stay alert to ransomware targeting vaccine delivery operations as well as the supply chains required to manufacture the vaccines," the US Treasury Department bureau warned [PDF]. READ MORE...
German cruise line AIDA Cruises is dealing with mysterious "IT restrictions" that have led to the cancellation of New Year's Eve cruises embarking this past weekend. Aida Cruises is a subsidiary of multinational cruise giant Carnival Corporation and predominantly caters to German-speaking passengers. In an email seen by BleepingComputer, Aida told passengers for the AIDAperla cruise ship that their trip was canceled due to IT restrictions affecting the companies' phone systems and email. READ MORE...
It's been almost a year since an international sting took down WeLeakInfo, a site that marketed stolen personal data, but its alleged customers are still drawing the attention of law enforcement. The U.K.'s National Crime Agency says that 21 people have been arrested across the country recently for using data purchased on WeLeakInfo for criminal activity, including hacking and fraud. "Of those 21 arrested - all men aged between 18-38 - nine were detained on suspicion of Computer Misuse Act offences. READ MORE...
A piece of malware named by researchers Supernova and a zero-day vulnerability exploited to deliver this malware indicate that SolarWinds may have been targeted by a second, unrelated threat actor. When FireEye disclosed details of the attack on SolarWinds in early December, in addition to the Sunburst backdoor, it mentioned a piece of malware named Supernova. However, further analysis has led researchers to believe that Supernova is not related to Sunburst. READ MORE...
If you think you've heard this one before, to quote Bachman-Turner Overdrive, "you ain't heard nothing yet." As companies move full speed ahead on cloud migration, we'll start to understand how little we really know about securing complex cloud deployments. From network configurations to user authorization, each cloud security control has its own best practice (or set of them). And just as in "olden times," mistakes, errors, and technology flaws can introduce vulnerabilities into the environment. READ MORE...
Home appliances giant Whirlpool suffered a ransomware attack by the Nefilim ransomware gang who stole data before encrypting devices. Whirlpool is one of the world's largest home application makers with appliances under its name and KitchenAid, Maytag, Brastemp, Consul, Hotpoint, Indesit, and Bauknecht. Whirlpool employs 77,000 people at 59 manufacturing & technology research centers worldwide and generated approximately $20 billion in revenue for 2019. READ MORE...