Recent Posts

1
BY: July 20, 2018  By Pierluigi Paganini

The largest healthcare group in Singapore, SingHealth, has suffered a massive data breach that exposed personal information of 1.5 million patients who visited the clinics of the company between May 2015 and July 2018. Stolen records include patient’s name, address, gender, race, date of birth, and National Registration Identity Card (NRIC) numbers.

SingHealth has 42 clinical specialties, a network of 2 Hospitals, 5 National Specialty Centres, 9 Polyclinics, and Bright Vision Community Hospital.

full article here: https://securityaffairs.co/wordpress/74614/data-breach/singhealth-data-breach.html
2
BY: July 20, 2018  By Pierluigi Paganini
Microsoft revealed that Russian cyberspies attempted to hack at least three 2018 midterm election candidates and it has helped the US government to repel their attacks.

A Microsoft executive speaking at the Aspen Security Forum revealed the hacking attempts against at least three unnamed congressional candidates, all the attacks were detected this year,

Quote
The company executive only added that the three candidates were “people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint.”

full article here: https://securityaffairs.co/wordpress/74582/cyber-warfare-2/microsoft-russia-attacks.html
3

By Ionut Arghire on July 20, 2018

A cybercriminal group referred to as MoneyTaker recently managed to steal nearly $1 million from PIR Bank (Russia), according to cybercrime research firm Group-IB.

The theft was performed on July 3 through the Russian Central Bank’s Automated Workstation Client, an interbank system similar to SWIFT. The hackers managed to transfer the funds to 17 accounts at major Russian banks and then cashed them out.

After the incident, the cybercriminals also attempted to maintain persistence in the bank’s network, but were detected. While PIR staff was able to delay the withdrawal of some of the funds, it appears that most of what was stolen has been lost, namely around $920,000 (which is a conservative estimate, according to Group-IB).

full article here: https://www.securityweek.com/moneytaker-hackers-stole-1-million-russian-bank
4
BY: Tara Seals
July 20, 2018



An uncharacteristic spate of strikes against IoT devices in Finland during the summit was likely an indicator of a coordinated cyberespionage effort, researchers said.

Cyberattackers, unsurprisingly, appear to be interested in Donald Trump as an intelligence target – as evidenced by an uncharacteristic spate of strikes against IoT devices in Finland during the American president’s summit there with Russia’s Vladimir Putin.

According to researchers, the uptick was likely an indicator of a coordinated cyberespionage effort emanating from Chinese actors, bent on gathering intelligence about what was said in the meetings between the two leaders and their staffs. Hackers attacked a protocol used for IoT devices that could be turned on to listen in on private meetings, and as many of these devices still use factory settings (which often include usernames that are the name of the manufacturer or software provider), this can be an effective way to gain control over poorly secured access points.

full article here: https://threatpost.com/chinese-hackers-mount-espionage-campaign-during-trump-putin-summit/134225/
5
BY: Tom Spring
July 20, 2018




Dasan and D-Link routers running GPON firmware are being targeted by hackers in an attempt to create a botnet.

Unpatched D-Link and Dasan GPON router vulnerabilities are being targeted by hackers attempting to build a botnet army, according to research published Friday by eSentire Threat Intelligence.

Researchers observed on Thursday a massive uptick in exploit attempts from over 3,000 different source IPs targeting model D-Link 2750B and Dasan GPON routers running a version of the GPON firmware.

full article here: https://threatpost.com/d-link-dasan-routers-under-attack-in-yet-another-assault/134255/
6
BY: Tara Seals
July 20, 2018



Hundreds of thousands of emails are delivering weaponized PDFs containing malicious SettingContent-ms files.

A widespread spam campaign from the well-known financial criminal group TA505 is spreading the FlawedAmmyy RAT using a brand-new vector: Weaponized PDFs containing malicious SettingContent-ms files.

The SettingContent-ms file format was introduced in Windows 10; it allows a user to create “shortcuts” to various Windows 10 setting pages.

full article here: https://threatpost.com/massive-malspam-campaign-finds-a-new-vector-for-flawedammyy-rat/134262/
7
By Catalin Cimpanu

For the past year, Android malware authors have been increasingly relying on a solid trick for bypassing Google's security scans and sneaking malicious apps into the official Play Store.

The trick relies on the use of a technique that's quite common in desktop-based malware, but which in the last year is also becoming popular on the Android market.

The technique involves the usage of "droppers," a term denoting a dual or multiple-stage infection process in which the first stage malware is often a simplistic threat with limited capabilities, and its main role is to gain a foothold on a device in order to download more potent threats.

full article here: https://www.bleepingcomputer.com/news/security/droppers-is-how-android-malware-keeps-sneaking-into-the-play-store/
8
By Catalin Cimpanu

Singapore's Ministry of Health (MOH) revealed today that a hacker had breached its IT systems and stolen personal and health-related data on roughly 1.5 million citizens.

MOH officials said this was not the work of casual hackers or criminal gangs but a deliberate and well-planned attack that sought to gather health information on the country's prime minister.

"The attackers specifically and repeatedly targeted Prime Minister Lee Hsien Loong’s personal particulars and information on his outpatient dispensed medicines," the MOH said in a statement.

full article here: https://www.bleepingcomputer.com/news/security/hackers-stole-a-third-of-singapores-healthcare-data-including-prime-ministers/
9
By Catalin Cimpanu

Armis, the cyber-security firm that discovered the BlueBorne vulnerabilities in the Bluetooth protocol, warns that nearly half a billion of today's "smart" devices are vulnerable to a decade-old attack known as DNS rebinding.

Spurred by recent reports regarding DNS rebinding flaws in Blizzard apps, uTorrent, and Google Home, Roku TV, and Sonos devices, the company has recently analyzed the impact this type of attack has on Internet-of-Things-type of devices.

full article here: https://www.bleepingcomputer.com/news/security/half-a-billion-iot-devices-vulnerable-to-dns-rebinding-attacks/
10
By Catalin Cimpanu

Security researchers have discovered a precursor of the notorious Proton macOS malware. This supposed precursor appears to have been developed back in 2016, a year before Proton, and uploaded on VirusTotal, where it remained undetected for nearly two years until May 2018, when Kaspersky researchers stumbled upon it.

Researchers who analyzed the malware used the term "raw" to describe its code and capabilities.

It was clear in their analysis that the malware was still under development and did not have the same capabilities as the Proton remote access trojan.

full article here: https://www.bleepingcomputer.com/news/security/researchers-discover-calisto-a-precursor-to-dangerous-proton-macos-malware/