In early 2014, Anthem was a victim of an attack that exposed 80 million patient records. The breach, which came to light in February 2015, is believed to be the work of a well-resourced cyberespionage group which Symantec calls Black Vine.
Anthem wasn’t Black Vine’s only target. Black Vine has been actively conducting its campaigns since 2012 and has been targeting several industries, including aerospace, energy, and healthcare. The group has access to zero-day exploits distributed through the Elderwood framework and has used these exploits at the same time that other advanced attack groups have, such as Hidden Lynx.
Black Vine typically conducts watering-hole attacks against websites that are relevant to its targets’ interests and uses zero-day exploits to compromise computers. If the exploits succeed, then they drop variants of Black Vine’s custom-developed malware: Hurix and Sakurel (both detected as Trojan.Sakurel), and Mivast (detected as Backdoor.Mivast). These threats open a back door on the compromised computers and allow the attackers to steal valuable information.
Based on our own analysis of the campaigns, along with support from open-source data, Symantec believes that some actors of Black Vine may be associated with an IT security organization based in Beijing called Topsec.
The hackers who stole data on tens of millions of U.S. insurance holders and government employees in recent months breached another big target at around the same time — United Airlines.
United, the world’s second-largest airline, detected an incursion into its computer systems in May or early June, said several people familiar with the probe. According to three of these people, investigators working with the carrier have linked the attack to a group of China-backed hackers they say are behind several other large heists — including the theft of security-clearance records from the U.S. Office of Personnel Management and medical data from health insurer Anthem Inc.
A group of suspected Russian hackers are using Twitter in a clever way to mask their data-stealing malware, according to computer security firm FireEye.
Hackers have long used social networking services for relaying commands to their malware. But FireEye says this group — which it calls APT 29 — has taken it to a new level that makes it very hard for companies to figure out if they’ve been hacked.
FireEye analysts found the malware, nicknamed Hammertoss, on one of its client’s networks earlier this year. APT 29 has taken several steps to try to mask its communication with Hammertoss to avoid detection, according to a new report.
Canadian government and law enforcement officials are scrambling to figure out how Anonymous got their hands on what the hacker collective calls cabinet-level secrets.
On Monday, individuals associated with (sic) released to the media the first in what they call a series of sensitive government documents.
They will continue to release documents until the RCMP officers who shot dead an Anonymous protester in Dawson’s Creek, B.C., are arrested, they said in a video.
Controversy surrounds the school district’s decision to monitor students’ and teachers’ social media posts.
Orange County Public Schools has started monitoring students’ and teachers’ social media posts with a new software program called “Snaptrends.” It allows the school district to search thousands of posts on sites like Twitter and Instagram to hunt for keywords that might indicate trouble. School officials said the goal is to flag potential dangers, including cyberbullying, suicide and crime.
“If they are sitting in a classroom and they are tweeting because they are mad at their teacher or their girlfriend for whatever reason, and there are some threatening words there, we need to be able to know if it is credible,” said Joie Cadle of the Orange County School Board.
I found my user details on an already old, leaked account information list
I came across an old (>3 years) accounts information list which has been leaked to the web. The list included thousands (>10.000) of account details from a service or services. Apparently the event was a small-scale news item back in the day, so there’s not too much to do now, even if the one page I found would be removed from the web right now.