Hackers try to penetrate the vital ‘cold chain’ for coronavirus vaccines, security team reports

The hackers took measures to hide their tracks, and the cyber-sleuths did not name which state might be behind the campaign.

The IBM team said it was not known why the hackers were trying to penetrate the systems. It suggested that the intruders might want to steal information, glean details about technology or contracts, create confusion and distrust, or disrupt the vaccine supply chains.

The hackers probably sought “advanced insight into the purchase and movement of a vaccine that can impact life and the global economy,” the IBM team said.

Because there was “no clear path to a cash-out” as there is in a ransomware attack, there was an increased likelihood of a state actor’s being involved, IBM said. However, the IBM investigators cautioned, it was still possible that criminals could be looking for ways to illegally obtain “a hot black-market commodity” such as an initially scarce vaccine.

The new

Read More

Hackers targeting supply chain that keeps coronavirus vaccines cold, experts warn

Hackers backed by foreign governments are targeting companies involved in the shipping and storing the coronavirus vaccine at a low enough temperature to keep it from spoiling, IBM said in research released Thursday.

The announcement is the latest in a series of cybersecurity research reports that point to foreign governments employing hackers to break into the networks of groups working to rush out a vaccine, and comes as the U.S. prepares to ship refrigerated boxes of vaccines across the country this month.

While not every potential vaccine requires the same refrigeration, the one developed by Pfizer-BioNTech, which was approved Wednesday in the U.K. and may soon become the first coronavirus vaccine approved for distribution in the U.S., has to be shipped in special boxes of dry ice that must be opened quickly before use. The White House has claimed that as many as 20 million doses of the vaccine could

Read More

Hackers Are Targeting the Covid-19 Vaccine ‘Cold Chain’

Since the Covid-19 pandemic began, hackers and scammers have focused extraordinary attention on it, whether for espionage or for grift. Now, as pharmaceutical companies prepare to ship long-awaited vaccines, a new round of sophisticated phishing attacks is focused on the complex supply chain that will get them to people in need.

Two of the leading Covid-19 vaccine candidates, by Pfizer and Moderna, have been submitted to the FDA for emergency authorization; the agency is scheduled to evaluate Pfizer’s application on December 10, and Moderna’s one week later. UK regulators approved Pfizer’s vaccine on Wednesday. Which means that the next challenge for both vaccines is transporting them. They must be kept at frigid temperatures—minus 4 degrees Fahrenheit for Moderna, and 94 degrees below for Pfizer—requiring a network of specialists known as the “cold chain.” Today, security researchers at IBM are releasing findings that a campaign has for months targeted a significant

Read More

iOS Wi-Fi Exploit Could Have Let Hackers Remotely Access Nearby iPhones

Earlier this year, Apple patched an iOS vulnerability that potentially could have allowed hackers to remotely access nearby iPhones and gain control of their entire device.

awdl ios hack beer


Devised by Ian Beer, a researcher at Project Zero, Google’s vulnerability research team, the exploit used a vulnerability in Apple Wireless Direct Link (AWDL), Apple’s proprietary mesh networking protocol that enables things like AirDrop and Sidecar to work.

Beer revealed the stunning exploit on Tuesday in a 30,000-word blog post, which shows in detail how a memory corruption bug in AWDL could give attackers remote access to a user’s personal data, including emails, photos, messages, and passwords and crypto keys stored in the keychain.

The vulnerability was discovered by Beer in a 2018 iOS beta that Apple accidentally shipped without stripping function name symbols from the kernelcache, offering a wealth of missing context about how bits of code fit together.

After lengthy investigative work,

Read More

Hackers are targeting MacOS users with this updated malware

A newly discovered form of malware is targeting Apple MacOS users in a campaign which researchers say is tied to a nation-state backed hacking operation.

The campaign has been detailed by cybersecurity analysts at Trend Micro who’ve linked it to OceanLotus – also known as APT32 – a hacking group which is thought to have links to the Vietnamese government.

OceanLotus is known to target foreign organisations working in Vietnam including media, research and construction and while the motivation for this isn’t fully understood, the aim is thought to be to using espionage to aid Vietnamese-owned companies.

The MacOS backdoor provides the attackers with a window into the compromised machine, enabling them to snoop on and steal confidential information and sensitive business documents.

The security company’s researchers have linked it to OceanLotus because of the similarities in code and behaviour of the malware, compared with samples used in previous campaigns

Read More

Vaccine Maker AstraZeneca’s Computer Systems Targeted by Hackers

As the race to develop the COVID-19 vaccine continues, it appears that suspected North Korean hackers attempted to access AstraZeneca’s systems in the last weeks.

Reuters reports that the hackers pretended to be job recruiters and used LinkedIn and WhatsApp to contact AstraZeneca employees with false job offers. Sources told the news outlet that the hackers then sent documents that they claimed were job descriptions but instead were written with harmful code to gain entry into the victims’ computers.

The hackers targeted a “broad set of people” like COVID-19 researchers, but it doesn’t appear that their break-in attempts were successful. AstraZeneca, Pfizer, and Moderna have become the top three COVID-19 vaccine developers.

Sources told Reuters that the hackers’ tools and techniques seemed to be that of a current hacking campaign that has been assigned to North Korea. Cyberattacks targeting drugmakers, health bodies, and vaccine scientists have escalated since the outset

Read More

Delco Computer Network Hackers Reportedly Demand $500K



Authorities are investigating a disruption to Delaware County's computer network, and the perpetrators are reportedly demanding $500,000.


© Shutterstock
Authorities are investigating a disruption to Delaware County’s computer network, and the perpetrators are reportedly demanding $500,000.

DELAWARE COUNTY, PA — The case of the computer network “hack” in Delaware County had its stakes raised recently, as the perpetrators are reportedly demanding thousands from the county.

Earlier this week, Delaware County officials said part of the county’s computer network experienced a disruption.

Authorities launched an investigation into the disruption.

Part of the investigation included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event.

Later, the FBI was reported to have joined the investigation.

Action News now reports the hackers are demanding $500,000 in cryptocurrency from the county to release the systems from their clutches.

According to the outlet the county will pay the $500,000 as it has insurance to cover such situations.

The county said its Bureau of

Read More

Xbox Live Bug Let Hackers Access Gamertag Email Addresses

A bug in Xbox Live allowed hackers to find any email associated with a registered gamertag. The site used to report bad behavior in the Xbox online community was hiding a vulnerability that allowed hackers to snag user email addresses.

that last week an anonymous hacker reached out to them claiming to be able to find the email attached to any Xbox gamertag. Motherboard verified the hacker’s claims by sending them two gamertags, one of which was created specifically for this testing. Within seconds the hacker sent back the email addresses these tags were registered with. Normally, these email addresses are supposed to be private. Another anonymous hacker told Motherboard that the bug could be found in the . This page is where players can contact the Microsoft team that monitors Xbox’s online communities.

Despite the apparent threat to customer security, Microsoft’s original response to this security breach was not

Read More