Cybercrime

Security experts have warned about the emergence of previously unknown spyware with hacking capabilities comparable to NSO Group’s Pegasus that has already been used by clients to target journalists, political opposition figures and an employee of an NGO.

Researchers at the Citizen Lab at the University of Toronto’s Munk School said the spyware, which is made by an Israeli company called QuaDream, infected some victims’ phones by sending an iCloud calendar invitation to mobile users from operators of the spyware, who are likely to be government clients. Victims were not notified of the calendar invitations because they were sent for events logged in the past, making them invisible to the targets of the hacking. Such attacks are known as “zero-click” because users of the mobile phone do not have to click on any malicious link or take any action in order to be infected.

An ‘Amazon for crime’ online marketplace selling millions of sets of stolen personal information for 56p each has been blown open by UK and international investigators.

A sting on the site – which was called Genesis Market – unfolded last night and saw raids on users across the globe.

It was led by the FBI and Dutch police forces and 17 other countries, including the UK’s National Crime Agency (NCA), which made 24 arrests in and around Grimsby.

The “cyber incident” that was responsible for knocking the National Research Council (NRC) offline last year was of foreign origin, according to a news report.

The federal agency said in a recent statement that the audit report on the incident won’t be published due to security concerns.

Ontario’s privacy commissioner is investigating a sweeping data project at the University of Toronto that is alleged to have collected over 600,000 electronic medical records without patient consent or knowledge.

… Access to that giant database is then sold or shared with researchers and other “third parties,” according to a copy of the complaint obtained by Global News.

Canada Post is having delivery problems — and for once, it’s not your mail.

New applications for the crown corporation’s MyMoney consumer loan program, launched nationally in late September, have been put “on pause” indefinitely after security monitoring detected an apparent cyber attack.

A Russian-Canadian man from Ontario is in police custody and awaiting extradition to the United States for his alleged participation in a global ransomware campaign, the U.S. Department of Justice announced Thursday.

Mikhail Vasiliev, a 33-year-old dual Russian and Canadian national from Bradford, Ont., is charged with conspiracy to intentionally damage protected computers and to transmit ransom demands in connection with his alleged role in the LockBit global ransomware scheme, the department said in a press release.

Some stores across Canada owned by Empire Company Ltd., including Sobeys, Safeway and affiliated pharmacy services, continue to experience disruptions due to an information technology systems issue.

Empire, which owns Sobeys, Lawtons, IGA, Safeway, Farm Boy, Foodland and FreshCo, among other brands, announced Monday an IT problem is preventing some of its pharmacies from filling prescriptions.

The issue has also caused some services to be delayed or to function only intermittently.

NYPost Hacked

@nypost hacked. Here you go 🥰 pic.twitter.com/mpFlDCWKPL

— justme🌵 (@sceeneey) October 27, 2022