China ‘compromised’ Canadian government networks and stole valuable info: spy agency
Threat actors sponsored by China “compromised” Canadian government networks over the past five years and collected valuable information, says a new report from Canada’s cyber spy agency. The Communications Security Establishment, responsible for foreign signals intelligence, cyber operations and cyber security, released its updated national cyber threat assessment on Wednesday. The assessment flags threats the agency sees as the most pressing ones facing individuals and organizations in Canada. “We’re often asked, what keeps up at night? Well, pick the page,” Caroline Xavier, CSE chief, told a news conference in Ottawa.
US judge finds Pegasus spyware maker liable over WhatsApp hack
WhatsApp claimed legal victory over the maker of Pegasus spyware late on Friday. The Israeli company, NSO Group Technologies, was accused in a lawsuit by Meta’s messaging app of infecting and surveilling the phones of 1,400 people over a two-week period in May 2019 via its notorious Pegasus software. The judge in the case, Phyllis Hamilton, found the company had violated state and federal US hacking laws as well as WhatsApp’s own terms of service. NSO Group will face a separate jury trial in March 2025 to determine the damages it owes WhatsApp, the world’s most popular messaging service.
UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to make the armed forces go paperless. Users who visit the fake Cloudflare Workers websites are prompted to download a Windows executable of Army+, which is created using Nullsoft Scriptable Install System (NSIS), an open-source tool used to create installers for the operating system.
BeyondTrust says hackers breached Remote Support SaaS instances
Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances. BeyondTrust is a cybersecurity company specializing in Privileged Access Management (PAM) and secure remote access solutions. Their products are used by government agencies, tech firms, retail and e-commerce entities, healthcare organizations, energy and utility service providers, and the banking sector. The company says that on December 2nd, 2024, it detected “anomalous behavior” on its network. An initial investigation confirmed that threat actors compromised some of its Remote Support SaaS instances.
Ransomware attack on health giant Ascension hits 5.6 million patients
A May ransomware attack on Ascension, a U.S. healthcare giant with more than 140 hospitals and dozens of senior living facilities, allowed hackers to steal personal and sensitive health information on 5.6 million patients, according to a new filing with Maine’s attorney general. The cyberattack caused widespread disruption across its hospital system, with some staff describing harrowing lapses in healthcare as a result, including delayed or lost lab results, and medication errors.
Italy’s Privacy Watchdog Fines OpenAI for ChatGPT’s Violations in Collecting Users Personal Data
Italy’s data protection watchdog said Friday it has fined OpenAI 15 million euros ($15.6 million) after wrapping up a probe into the collection of personal data by the U.S. artificial intelligence company’s popular chatbot ChatGPT. The country’s privacy watchdog, known as Garante, said its investigation showed that OpenAI processed users’ personal data to train ChatGPT “without having an adequate legal basis and violated the principle of transparency and the related information obligations towards users”. OpenAI dubbed the decision “disproportionate” and said it will appeal.