Apr 162019
 

Sebastian McCarthy reports:

Morrisons has been granted permission to appeal to the Supreme Court after losing a major court case over a data leak.

In October the UK’s fourth-biggest supermarket lost an appeal against a High Court ruling that concluded the firm was legally liable for a former employee leaking personal information about 100,000 staff members, meaning it could face a mass payout to staff.

However, today the Bradford-based chain won approval to appeal the judgment at Britain’s highest court.

Read more on City A.M.

Apr 162019
 

John Hultquist, Ben Read, Oleg Bondarenko, and Chi-en Shen of FireEye explain:

In early 2019, FireEye Threat Intelligence identified a spear phishing email targeting government entities in Ukraine. The spear phishing email included a malicious LNK file with PowerShell script to download the second-stage payload from the command and control (C&C) server. The email was received by military departments in Ukraine and included lure content related to the sale of demining machines.

This latest activity is a continuation of spear phishing that targeted the Ukrainian Government as early as 2014. The email is linked to activity that previously targeted the Ukrainian Government with RATVERMIN. Infrastructure analysis indicates the actors behind the intrusion activity may be associated with the so-called Luhansk People’s Republic (LPR).

Read more on FireEye.

Apr 152019
 

Sergiu Gatlan reports:

Malicious DICOM files can be crafted to contain both CT and MRI scan imaging data and potentially dangerous PE executables, a process which can be used by threat actors to hide malware inside seemingly harmless files.

Cylera’s Markel Picado Ortiz achieved this by taking advantage of a DICOM format design flaw which allows for the “128-byte section at the beginning of the file, called the Preamble,” to be modified to add compatibility with non-DICOM image viewers.

Read more on BleepingComputer.

h/t,@MRJDWoodard

Apr 152019
 

Catalin Cimpanu reports:

A hacker who spoke with ZDNet in February about wanting to put up for sale the data of over one billion users is getting dangerously close to his goal after releasing another 65.5 million records last week and reaching a grand total of 932 million records overall.

The hacker’s name is Gnosticplayers, and he’s responsible for the hacks of 44 companies, including last week’s revelations.

Since mid-February, the hacker has been putting batches of hacked data on Dream Market, a dark web marketplace for selling illegal products, such as guns, drugs, and hacking tools.

Read more on ZDNet.

Apr 152019
 

Catalin Cimpanu reports:

Microsoft Office products are today’s top target for hackers, according to attack and exploitation data gathered by Kaspersky Lab.

In a presentation at its security conference –the Security Analyst Summit– the company said that around 70 percent of the attacks its products have detected in Q4 2018 are trying to abuse a Microsoft Office vulnerability.

Read more on ZDNet.