Chinese hackers used a Windows-hacking tool created by the Equation Group, a security industry name for the highly sophisticated hackers widely understood to be a part of the NSA. The Chinese hackers then used that tool, which Check Point has named "Jian" or "double-edged sword," from 2015 until March 2017, when Microsoft patched the vulnerability it attacked. Only in early 2017 did Lockheed Martin discover China's use of the hacking technique, which Lockheed Martin has largely US customers, speculates that it may have been used against American entities.
Read MoreCybersecurity firm Kela released screenshots of a post on the hacking forum Exploit that were allegedly posted by the attackers. Kela added that they ended the auction at the request of the buyer. Cybersecurity Twitter account vx-underground subsequently confirmed that the auction had closed. The auction was thought to have included source code for Thronebreaker: The Witcher Tales spinoff, The Witcher 3, a ray-traced version of Cyberpunk 2077, and copies of company's internal documents. CDPR disclosed it had been the victim of a ransomware attack in which hackers collected "certain data" from the company.
Read MoreRansomware is a type of malicious software that is used to infect computer systems, which are then held for ransom. The Justice Department also helped seize computers related to a custom ransomware known as NetWalker. In recent months NetWalker was used to extort victims from Lorien Health Systems, a Maryland assisted-living facility for seniors; Crozer-Keystone Health System, a chain of four hospitals in Pennsylvania, Delaware, and New Jersey; and the University of California, San Francisco. The charges indicate how much of an uphill battle the U.S. faces in combating hackers.
Read MoreBrave browser, which emphasizes privacy and security, has been leaking data for months, according to security researchers. On Friday, Reddit user " py4YQFdYkKhBK690mZql" posted on a forum that Brave's Tor mode, introduced in 2018, was sending requests for .onion domains to DNS resolvers, rather than private Tor nodes. This means that the.onion sites people searched for, with the understanding those searches would be private, were not. In fact, they could be observed by centralized internet service providers (ISPs).
Read MoreA threat group has been emailing victims with threats to carry out distributed denial of service (DDoS) attacks unless they pay hefty ransom fees in the Monero (XMR) cryptocurrency. The threats received by Australian organizations over the past week are part of a global extortion campaign that began in October 2019. The Australian Signals Directorate's Australian Cyber Security Centre has sent out a security threat advice today about this ongoing campaign. The ACSC said that based on current evidence, the attackers have not followed through on any of their threats.
Read MoreA hacker gained remote access to a Florida city's water treatment plant in an attempt to contaminate the city's supply of water with a harmful chemical, authorities say. The amount of sodium hydroxide in the water supply briefly increased from about 100 parts per million to 11,100. The FBI and Secret Service have joined the Pinellas County Sheriff's Office in onsite response to the attack. Officials say the hacker likely exploited cybersecurity weaknesses, including poor password security and an outdated computer operating system.
Read More