#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

data stolen | Breaking Cybersecurity News | The Hacker News

COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware

COVID-Themed Lures Target SCADA Sectors With Data Stealing Malware

Apr 20, 2020
A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans (RAT) capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam. The targeted attacks employ Microsoft Word documents as droppers to deploy a previously unknown Python-based RAT dubbed "PoetRAT" due to various references to sonnets by English playwright William Shakespeare. "The RAT has all the standard features of this kind of malware, providing full control of the compromised system to the operation," said Cisco Talos in an analysis published last week. According to the researchers, the malware specifically targets supervisory control and data acquisition (SCADA) systems in the energy industry, such as wind turbine systems, whose identities are currently not known. The development is the latest in a surge in cyberattacks exploiting the ongoing coronavirus pandemi
Edward Snowden obtained classified NSA documents by stealing Coworker’s Password

Edward Snowden obtained classified NSA documents by stealing Coworker's Password

Feb 13, 2014
We are quite aware of the leaks that the Whistleblower Edward Snowden carried out against the US National Security Agency (NSA) and after reading every related update, watching every document that he provided to various news websites, you all are left with a question in mind that,  How he could carry out this whole operation without any helping hand? Yes, you are right! The former NSA contractor Edward Snowden allegedly managed to access thousands of the classified documents by stealing one of his coworker's passwords, according to an unclassified NSA memorandum obtained by the NBC News . Three Members, one NSA's civilian employee, an active duty member of the U.S. Military and a contractor were found involved in the actions that may have aided Snowden's operation; from which NSA 's civilian employee has been stripped of his security clearance and has resigned. Other two has been obstructed from accessing National Security Agency (NSA) facilities, th
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
26 Million Veterans data breached by eight state sponsored organizations

26 Million Veterans data breached by eight state sponsored organizations

Jun 05, 2013
Since 2010, foreign state sponsored organizations have repeatedly compromised an unencrypted database maintained by the Veterans Affairs Department that contains personally identifiable information on roughly 26 million veterans. Including at least eight foreign-sponsored organizations, mostly connected to the Chinese military had successfully compromised VA networks and data.  Other than this, possibly Russia were identified as likely culprits in the attempts to steal VA data. Details regarding exactly what information has been compromised are sparse, but unencrypted data included names, dates of birth and Social Security numbers of veterans that could be used to commit credit and identity fraud. Lack of basic security controls, such as encryption of data, make VA an easy target. The 2006 breach was caused by the theft of a VA employee's laptop, which contained personal information on about 26 million veterans and military personnel. From another report, The Marc
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
Chinese Hackers Steal Info from top secret U.S military data

Chinese Hackers Steal Info from top secret U.S military data

May 03, 2013
QinetiQ , a UK-based defense contractor  suffers humiliation as intelligence officials confirmed that China was able to steal the U.S. classified documents and pertinent technological information all this because of QinetiQ's faulty decision-making. QinetiQ North America (QQ) a world leading defense technology and security company providing satellites, drones and software services to the U.S. Special Forces deployed in Afghanistan and Middle East. The hacking was so extensive that external consultants ended up more or less working permanently inside the firm to root out malicious software and compromises on an ongoing basis. In one of the attacks, that took place in 2009, the hackers raided at least 151 machines of the firm's Technology Solutions Group (TSG) over a 251-day period, stealing 20 gigabytes of data before being blocked.  As the White House moves to confront China over its theft of U.S. technology through hacking, policy makers are faced with the questi
Hacker charged for funding terrorist groups

Hacker charged for funding terrorist groups

Feb 07, 2013
A hacker 'Cahya Fitrianta' sentenced to eight years in prison by the West Jakarta District Court judges for hacking into many economic websites to steal money and funding that money to terrorist groups. He is also ordered to pay a Rp 500 million ($51,000) fine. He is charged with breaking into many sites, for running online fraud of billions of dollars and fund that money to terrorist training in Poso, Central Sulawesi. Cahya was arrested in May last year in a Bandung hotel. The defendant, along with another man, Rizki Gunawan. Police in May arrested Rizki, accusing him of hacking a marketing firm's website to steal money in order to fund militant training. They both accused of channeling money to terrorism suspect Umar Patek , who was sentenced this year to 20 years for his role in the 2002 Bali bombing. " Aside from engaging in a vicious conspiracy, the defendant was also found guilty of laundering money, which he obtained from hacking the www.speedline.co
Dutch Hacker Sentenced for selling 100,000 credit cards

Dutch Hacker Sentenced for selling 100,000 credit cards

Feb 04, 2013
A Dutch hacker was sentenced to 12 years in a US prison on Friday for trafficking over 100,000 credit card numbers stolen in a computer hacking conspiracy. David Benjamin Schrooten , 22,  known as "Fortezza" in the hacker world, pleaded guilty in November to criminal charges related to hacking, bank fraud, and identity theft, according to Western District of Washington US Attorney Jenny Durkan. At sentencing U.S. District Judge Ricardo S. Martinez asked him, " I don't think you would ever consider walking into someone's home, pulling out a gun and robbing them… Did it ever occur to you that you were doing that to all your victims? " Investigators estimate that tens of thousands of people were affected. The damage amounted to more than 63 million dollars. He is Sentenced to 12 years in prison for a computer hacking and credit card fraud scheme that victimized people around the world. A California man is set to go on trial by the middle of the year for his purported rol
Anonymous leaks personal information of 5000 Israeli officials

Anonymous leaks personal information of 5000 Israeli officials

Nov 19, 2012
Internet hacktivist group Anonymous has declared cyberwar on Israel, posting personal data of five thousand Israeli officials online. " It has come to our attention that the Israeli government has ignored repeated warnings about the abuse of human rights, shutting down the internet in Israel and mistreating its own citizens and those of its neighboring countries ," the hackers wrote in a statement. The document contains names, email addresses and ID numbers apparently belonging to Israeli officials. The group also said " Israeli Gov. this is/will turn into a cyberwar. " Earlier, the group hacked over 700 hundred Israeli websites, including the Bank of Jerusalem, the Israeli Defence Ministry, the IDF blog, the President's official website and many others. The Israel's finance minister has acknowledged the recent wave of attacks, saying the government is now waging a war on a "second front."
Chinese hackers target Coca-Cola and Files of Chinese Huiyuan acquisition stolen

Chinese hackers target Coca-Cola and Files of Chinese Huiyuan acquisition stolen

Nov 05, 2012
According to the report from Bloomberg, In 2009, the FBI told Coca-Cola executives that hackers had broken into their computer systems, when a malicious link was emailed to a senior executive, but never revealed the incident. Hackers were able to spend a month operating undetected, logging commercially sensitive information. " Hackers had broken into the company's computer systems and were pilfering sensitive files about its attempted $2.4 billion acquisition of China Huiyuan Juice Group (1886), according to three people familiar with the situation and an internal company document detailing the cyber intrusion. " Bloomberg said . Coca-Cola, the world's largest soft-drink maker, has never publicly disclosed the loss of the Huiyuan information, despite its potential effect on the deal. Although the report claimed state-sponsored actors were involved, experts interviewed by the news wire said the attack had all the hallmarks of Comment a prolific Chinese hacking group. Recent
Cybersecurity Resources