Saturday, December 5, 2020

Hackers are targeting the COVID-19 vaccine supply chain, IBM finds - The Verge

A global phishing campaign has been targeting organizations associated with the distribution of COVID-19 vaccines since September 2020, IBM security researchers say.

In a blog post , analysts Claire Zaboeva and Melissa Frydrych of IBM X-Force IRIS announced that the phishing campaign spans six regions: Germany, Italy, South Korea, Czech Republic, greater Europe, and Taiwan.

The campaign appears to be focused on the "cold chain," the segment of the vaccine supply chain that keeps doses cold during their storage and transportation. Some vaccines need to stay at extremely low temperatures in order to remain potent. Pfizer, for example, recommends that their COVID-19 vaccine be stored at negative 70 degrees Celsius ( colder than winter in Antarctica ).

Publisher: The Verge
Date: 2020-12-03T18:53:20-05:00
Author: Monica Chin
Twitter: @verge
Reference: (Read more) Visit Source



And here's another article:

North Korean Hackers Are Said to Have Targeted Companies Working on Covid-19 Vaccines - WSJ

SEOUL—North Korean hackers have targeted at least six pharmaceutical companies in the U.S., the U.K. and South Korea working on Covid-19 treatments, according to people familiar with the matter, as the regime seeks sensitive information it could sell or weaponize.

North Korea had also tried infiltrating U.K.-based AstraZeneca PLC, whose vaccine co-developed with the University of Oxford, has been shown to be as much as 90% effective and is seeking emergency approval, the people said. On Friday, Reuters reported that suspected North Korean hackers had tried to break into the systems of AstraZeneca, citing unnamed sources.

Publisher: WSJ
Date: 2020-12-02T09:17:00.000Z
Author: Andrew Jeong
Twitter: @WSJ
Reference: (Read more) Visit Source



Subscribe to read | Financial Times
logo
Twitter: @FinancialTimes
Reference: (Read more) Visit Source



Hackers Are Targeting US Think Tanks - Infosecurity Magazine

Think tanks in the United States have been cautioned that they are being actively targeted by advanced persistent threat (APT) actors.

The  warning  was issued yesterday by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI).

CISA and the FBI advised America's think tanks to develop network defense procedures after observing APT actors performing "persistent continued cyber intrusions."

Publisher: Infosecurity Magazine
Date: 2020-12-02T15:58:00
Author: Sarah Coble
Twitter: @InfosecurityMag
Reference: (Read more) Visit Source



Quite a lot has been going on:

Meet the hackers who earn millions for saving the web, one bug at a time | ZDNet

One of her friends had signed her up for an event in London, where hackers aim to find the vulnerabilities in a particular piece of software.

Without any experience of cybersecurity, beyond being a programmer and developer, she found one bug - and then another. "To be fair, I thought it was a fluke," she says. But since then she's found 30 more security bugs.

* * *

"You feel like a detective, going in rooting around and saying, 'That looks interesting', and having a stream of clues," she says. "And, when you get all the pieces neatly together, and it works and there's a bug there – it's the most thrilling experience ever."

logo
Publisher: ZDNet
Author: Steve Ranger
Twitter: @ZDNet
Reference: (Read more) Visit Source



Account Hijacking Site OGUsers Hacked, Again — Krebs on Security

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked.

An offer by the apparent hackers of OGUsers, offering to remove account information from the eventual database leak in exchange for payment.

But unlike in previous breaches at OGUsers, the perpetrators of this latest incident have not yet released the forum database. In the meantime, someone has been taunting forum members, saying they can have their profiles and private messages removed from an impending database leak by paying between $50 and $100.

Twitter: @briankrebs
Reference: (Read more) Visit Source



'Hacker collective' member sentenced to nearly 8 years

A North Carolina man who was part of a "hacker collective" and involved in threats to dozens of school districts and other crimes was sentenced to nearly eight years in prison Monday, officials said .

Timothy Dalton Vaughn, 22, was a member of "Apophis Squad," which prosecutors described as a group of computer hackers and swatters, and went by online names that included "WantedbyFeds."

He and others sent threats to more than 80 school districts; Vaughn helped report a fake hijacking of a London-to-San Francisco plane; he also tried to extort around $20,000 in the cryptocurrency bitcoin from a California business and when he was refused he made the company's website inaccessible, federal prosecutors said.

Publisher: NBC News
Date: Tue Dec 01 2020 02:02:00 GMT 0000 UTC
Twitter: @NBCNews
Reference: (Read more) Visit Source



This incredible exploit could have let hackers remotely own iPhones without even touching them -

While Beer says he has "no evidence that these issues were exploited in the wild" and admits it took him six whole months to sniff out, verify and demonstrate this exploit — and while it's been patched as of May — he suggests we shouldn't take the existence of such a hack lightly:

Instead, it should be: one person, working alone in their bedroom, was able to build a capability which would allow them to seriously compromise iPhone users they'd come into close contact with.

Publisher: The Verge
Date: 2020-12-01T20:03:42-05:00
Author: Sean Hollister
Twitter: @verge
Reference: (Read more) Visit Source



Happening on Twitter

No comments:

Post a Comment