The European Union has sanctioned six people and three organizations in Russia, China and North Korea in connection with three major cyberattacks dating back to 2017. EU officials announced Thursday they would enact restrictive measures against the people it deemed responsible for the WannaCry ransomware outbreak in 2017, the NotPetya campaign and Operation Cloud Hopper, a Chinese cyber-espionage effort. READ MORE...
The hackers behind this month's epic Twitter breach targeted a small number of employees through a "phone spear phishing attack," the social media site said on Thursday night. When the pilfered employee credentials failed to give access to account support tools, the hackers targeted additional workers who had the permissions needed to access the tools. "This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems," Twitter officials wrote in a post. READ MORE...
Alcohol delivery startup Drizly has suffered a major breach of customer data, with nearly 2.5 million accounts compromised in an incident discovered earlier this month. The firm - which describes itself as the world's largest marketplace for beers, wines and spirits - partners with retail stores in over 100 North American cities. It has been emailing customers to warn them of a recent incident in which personally identifiable information (PII) but no financial data was compromised. READ MORE...
Crypto-wallet firm Ledger has revealed a major security breach of its e-commerce and marketing database, resulting in the compromise of one million customer email addresses and the personal details of thousands. Aside from the email addresses, which could be used in follow-on phishing attacks spoofing the brand, the hacker made off with the personally identifiable information (PII) of 9500 customers, including first and last name, postal address, phone number and ordered products. READ MORE...
Over the past few years, online disinformation has taken evolutionary leaps forward, with the Internet Research Agency pumping out artificial outrage on social media and hackers leaking documents-both real and fabricated-to suit their narrative. More recently, Eastern Europe has faced a broad campaign that takes fake news ops to yet another level: hacking legitimate news sites to plant fake stories, then hurriedly amplifying them on social media before they're taken down. READ MORE...
Cisco has issued a number of critical security advisories for its data center manager and SD-WAN offering customers should deal with now. On the data center side, the most critical - with a threat score of 9.8 out of 10 - involves a vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could let an unauthenticated, remote attacker bypass authentication and execute arbitrary actions with administrative privileges on an affected device. READ MORE...
TrickBot's Anchor malware platform has been ported to infect Linux devices and compromise further high-impact and high-value targets using covert channels. TrickBot is a multi-purpose Windows malware platform that uses different modules to perform various malicious activities, including information stealing, password stealing, Windows domain infiltration, and malware delivery. READ MORE...
Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards. READ MORE...
A fresh Linux backdoor called Doki is infesting Docker servers in the cloud, researchers warn, employing a brand-new technique: Using a blockchain wallet for generating command-and-control (C2) domain names. Doki however is meant to provide a persistent capability for code-execution on an infected host, setting the scene for any number of malware-based attacks, from denial-of-service/sabotage to information exfiltration to ransomware, according to Intezer. READ MORE...
Yesterday, Ars spoke with IBM Senior Research Scientist Flavio Bergamaschi about the company's recent successful field trials of Fully Homomorphic Encryption. We suspect many of you will have the same questions that we did-beginning with "what is Fully Homomorphic Encryption?" FHE is a type of encryption that allows direct mathematical operations on the encrypted data. Upon decryption, the results will be correct. For example, you might encrypt 2, 3, and 7 and send the three encrypted values to a third party. READ MORE...