Dutch law enforcement intercepted the communications of Mexican drug suspected drug lord and former leader of the Sinaloa Cartel Joaquín Guzmán, also known as “El Chapo,” after his IT consultant turned informant. Between April 2011 and January 2012 U.S. authorities captured a total of 1,500 calls, many of which originated from El Chapo, after his…
A data breach of an third-party online payment system has compromised the personal information of Hanover County, Virginia, residents. In an official online notification, county officials have disclosed that an unauthorized party stole credit card information processed by the Click2Gov payment portal between Aug. 1, 2018 and Jan. 9, 2019. Exposed information includes customer names,…
The recently disclosed cyber attack on the Chilean interbank network Redbanc which took place in December 2018, may have been carried out by North Korea-linked advanced persistent threat (APT) group Lazarus. The attack involved PowerRatankba, a malware toolkit with ties to APT group represents the latest known example of Lazarus-affiliated tools being deployed within financially…
The National Security Agency (NSA) will demonstrate a free and open-source tool for reverse engineering malware with the hopes of improving security rather than undermining it. The agency is advertising the free tool, GHIDRA, as part of its presentation at The 2019 RSA Conference on March 5. “An interactive GUI capability enables reverse engineers to…
Several German politicians, journalists, and entertainers were targeted in a massive data breach that emerged on Twitter in the form of an advent calendar last month. Chancellor Angela Merkel, Greens leader Robert Habeck, TV satirist Jan Böhmermann, rapper Marteria, the rap group K.I.Z. and main parliamentary groups including the ruling center-right and center-left parties, as…
The FBI seized 15 internet domains associated with DDoS-for-hire services and announced criminal charges against three individuals charged with operating the platforms. On Dec. 19 the FBI seized the domains of 15 “booter” services, named as such because they result in “booting” or dropping the targeted sites from the internet, that allowed paying users to…
NASA yesterday alerted its employees of a possible compromise of NASA servers containing personally identifiable information. A Dec. 18 advisory posted to the SpaceRef website warns that one of the servers contained Social Security numbers and other sensitive information belonging to current and former NASA employees. More specifically, the breach affects NASA Civil Service employees who…
Hackers believed to be associated with Charming Kitty has ramped up their activities with a phishing campaign against American officials charged with enforcing economic sanctions imposed on Iran by President Trump. Citing research from Certfa, which discovered an open server listing Gmail and Yahoo email addresses in the hackers’ sights, AP said that the Iranian hacking group…
FBI counterintelligence division head E.W. “Bill” Priestap Wednesday said Chinese cyberespionage poses the “most severe” threat to American security at a Senate Judiciary Committee hearing on “Non-Traditional Espionage Against the United States.” Priestap said China’s Communist Party “dominates every facet of Chinese life,” from religion to freedom of expression and business and that “it is…
A global phishing campaign called Operation Sharpshooter was discovered using fake job recruitment documents to infect defense, government and critical infrastructure organizations with a malicious backdoor implant, presumably for cyber espionage purposes. The implant, nicknamed Rising Sun, was observed in least 87 impacted organizations over the course of October and November, McAfee Labs reported today…
