Cyber Security News

The latest news covering cyber security, network security, cyber threat and data breaches.

- A group of Iranian hackers has been attacking the US private and government sector, according to a security alert sent by the FBI last week. ZDNet reports that while the Private Industry Notification didn't identify the hackers by name, sources have told ZDNet that the group is tracked by the larger cybersecurity community under codenames such as Fox Kitten or Parisite. The group, says ZDNet, "operates by attacking high-end and expensive network equipment using exploits for recently disclosed vulnerabilities, before companies had enough time to patch devices. Due to the nature ... [Read More]

- British cybersecurity company Sophos offers insights into five indicators of ransomware that organizations can use to determine if a cyberattack is imminent. Ransomware can be difficult to detect, but there often are warning signs associated with ransomware attacks, according to British cybersecurity company Sophos. Sophos stated the following signs indicate that a ransomware attack may be imminent: 1. Network Scanner: Cybercriminals often start a ransomware attack by accessing one machine where they learn about an organization’s network and the information they can access, Sophos ... [Read More]

- Threat Alert! Attackers Use Malicious Email Accounts to Launch BEC Attacks. Researchers at Barracuda, a provider of cloud-enabled security solutions, have warned users about threat actors who create accounts with legitimate email services and use them to launch business email compromise (BEC) attacks. The researchers identified 6,170 malicious accounts that use Gmail, AOL, and other email service providers and were responsible for more than 100,000 BEC attacks on nearly 6,600 organizations since the beginning of 2020. The number of organizations attacked by a malicious email account ranged from ... [Read More]

- What types of cyberattacks were carried out this week, August 10, 2020? Read on to find out about the latest cyberattacks and who got hacked this week. Each week, TechDecisions brings you the latest cyber security news on cyberattacks and who got hacked from around the internet. Cyber security is becoming a main issue for many companies, and our weekly feature is a good example of why. Every week there are multiple stories of people, businesses, and products being hacked for fun, for money, and sometimes for evil. Luckily for you, knowing the enemy is half the battle. In order to prevent ... [Read More]

- Researchers observed an increase in business email compromise phishing campaigns able to bypass MFA, while Trend Micro found an uptick in BEC scams targeting executive Office 365 accounts. August 10, 2020 - Entities should be on the alert for an increase in two business email compromise campaigns. One report found an increase in BEC phishing campaigns targeting the Microsoft Office 365 accounts of executives, while the other reported a spike in phishing campaigns bypassing multi-factor authentication and conditional access. The first from Trend Micro sheds light on a phishing ... [Read More]

- A campaign targeting Office 365 customers used a compromised internal email for phishing messages, giving much more credence to an email that people would otherwise dismiss immediately. Phishing emails are a fact of life. Most are caught by corporate security nets and even by commonly used email services. They are also easier to spot, especially if the recipient pays attention to the sender’s real address. Unfortunately, spotting a phishing email becomes much more difficult when it originates from an internal email address. It looks credible and bypasses security measures. Even trained ... [Read More]

- A group of elite hackers associated with the Iranian government has been detected attacking the US private and government sector, according to a security alert sent by the FBI last week. While the alert, called a Private Industry Notification, didn't identify the hackers by name, sources have told ZDNet that the group is tracked by the larger cyber-security community under codenames such as Fox Kitten or Parisite. Iran's cyber operations "spear tip": A former government cyber-security analyst, now working for a private security firm, called the group Iran's "spear tip" when it ... [Read More]


- Postmortem Remains Pending, But Social Engineering and Credential Stuffing Likely. More than 70 subreddits, including this one, were defaced on Friday with messages in support of President Donald Trump. Reddit had a very "make America Great again" weekend. On the social news aggregation service, which hosts numerous discussion forums, more than 70 specific online communities - known as subreddits - were temporarily hijacked and used to post messages in support of U.S. President Donald Trump over the weekend. While Reddit has yet to publish a full postmortem on the incident, it says ... [Read More]

- A recently uncovered business email compromise scam has targeted the Office 365 accounts of business executives at over 1,000 companies worldwide, collecting more than 800 sets of credentials in an attempt to commit payment fraud, according to the security firm The group behind the campaign, which Trend Micro researchers call "Water Nue," is not technically sophisticated, but the fraudsters appear extremely proficient. Since March, the gang apparently has targeted companies worldwide with spear-phishing attacks, according to the Trend Micro report. The goal of this scam is to capture the ... [Read More]

- Depending on whose version of the story is correct, a 20 GB data leak affecting Intel presents an important lesson on either the perils of default credentials and insecure server misconfigurations, or the risks of sharing proprietary secrets with third-party business partners and customers. Software engineer Tillie Kottmann, whose Twitter account looks to have been suspended, last week tweeted that an anonymous hacker shared with him a spate of internal Intel documents – the first of what might be a series of leaks. Kottmann uploaded these confidential assets – including source code, product ... [Read More]

- At one point, the group ran almost a quarter of all Tor exit nodes. Group still controls 10% of all Tor exit nodes today. Since January 2020, a mysterious threat actor has been adding servers to the Tor network in order to perform SSL stripping attacks on users accessing cryptocurrency-related sites through the Tor Browser. The group has been so prodigious and persistent in their attacks that by May 2020, they ran a quarter of all Tor exit relays — the servers through which user traffic leaves the Tor network and accesses the public internet. According to a report published on ... [Read More]


- This year has been a bumper year for ransomware and its operators. Ransomware gangs are demanding millions; if those millions are not paid in time, then data stolen before encryption is either released to the public or sold to the highest bidder. Big names in the cybercriminal underground have returned with an entirely new ransomware family—namely Evil Corp and its new creation WastedLocker. Not only is there a return to form for old hands, but new ransomware strains also seem to be bursting up like mushrooms after a spell of rain. NetWalker and Exorcist immediately come to mind. The ... [Read More]

- Reports based on an internal memo suggest an external security firm has been hired to investigate. A reported ransomware attack suffered by Canon appears to have been confirmed by an internal memo, with Maze threat actors taking the credit. As reported by Bleeping Computer, a six-day outage beginning July 30 on the website, a service for uploading and storing photos through Canon's mobile applications, led to suspicions that a cyberattack may have taken place. While service has now resumed, in the ... [Read More]


- The Freeport, IL-based healthcare system FHN is notifying certain patients that some of their protected health information has potentially been obtained by an unauthorized individual who gained access to the email accounts of several employees between February 12 and February 13, 2020. FHN announced on April 20, 2020 that the investigation had confirmed that a breach occurred, but it took time to determine the information that may have been viewed or obtained. It was not possible to determine whether patient information contained in the accounts was viewed or obtained, ... [Read More]

- The U.S.-based online food ordering and delivery platform UberEATS is the latest victim of a data breach. Security researchers from cybersecurity firm Cyble came across unknown hackers leaking personal records of UberEATS customers and employees on darknet forums. “During our research process, the Cyble Research Team got hold of some informative details related to this leak,” Cyble said in a release. What Information Was Exposed: 9 TXT files leaked, which contained details of UberEATS delivery drivers, delivery partners, and customers. Around 579 UberEATS customers’ files and login ... [Read More]

- Earlier today, a Twitter user leaked 20GB worth of confidential Intel documents stored on a file-sharing service—documents that the Twitter user claims they received from an anonymous hacker. According to the leaker, the folder contains classified information under NDA, and the hacker who provided the documents to the leaker said they had obtained the files earlier this year. The files have not been posted publicly anywhere before; the hacker is supposedly prepared to release more Intel data. While Gizmodo does not know what specific information is in the folder, we were able to confirm ... [Read More]


- Canon Inc., a Japanese multinational corporation specialized in optical and imaging products, has allegedly fallen victim to a ransomware attack deployed by the infamous Maze group. According to BleepingComputer, which broke the story, Canon’s IT department sent out a company-wide notice informing workers that “Canon USA is experiencing wide spread system issues, affecting multiple applications, Teams, Email and other system may not be available at this time.” Multiple Canon-related websites are also down, including,,,, ... [Read More]

- Garmin reportedly paid cyber extortionists millions of dollars for access to a decryptor so that the company could restore its services to customers following a July 23 WastedLocker ransomware attack. Meanwhile, a separate ransomware outfit this week reportedly leaked sensitive data lifted from LG and Xerox’s internal networks after attempted negotiations with the two tech companies apparently did not bear any fruit. Which leads to the question: Who made out better in the short term and the long term, Garmin or LG and Xerox? Does it make more business sense to pay a high financial price ... [Read More]

- Outage Happened After Data Disappeared From Company's Cloud Platform. Several Canon USA corporate websites remained offline Thursday after the company reportedly sustained a The website outage began Wednesday, two days after the imaging company issued a statement reporting that user data was missing from a Brett Callow, a threat analyst with the security firm Emsisoft, says the ransomware group Maze has claimed responsibility for the security incident. So far, however, Maze has not posted to its website any exfiltrated data or updates on the attack, he adds. Bleeping Computer reports Maze's ... [Read More]

- Just one week after Garmin recovered from a ransomware attack, data and systems belonging to Japanese tech firm Canon are reportedly now being held hostage. BleepingComputer reports that 10TB of company data has been stolen as Canon suffers widespread ongoing system outages. USA website currently says it’s down for maintenance although its global and Japanese websites seem unaffected. An internal email from Canon IT reportedly said that the company is experiencing “wide spread system issues affecting multiple applications, Teams, Email, and other systems may not be available at this ... [Read More]