Chinese APT Group Is Ransacking Japan's Secrets
Since 2019, MirrorFace has been stealing information from myriad Japanese organizations to gain leverage over Japan in the event of hostilities between the two countries, experts said.
Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.
Search across headline titles and summaries.
Background for this topic.
Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.
Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.
Since 2019, MirrorFace has been stealing information from myriad Japanese organizations to gain leverage over Japan in the event of hostilities between the two countries, experts said.
The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple's own antivirus product.
The attack used a stolen remote support SaaS API key to exfiltrate data from workstations in the Treasury Department's Office of Foreign Assets Control.
Cyberattackers injected the NFL Wild Card team's online Pro Shop with malicious code to steal credit-card data from 8,500 fans.
The malware, found on a Russian cybercriminal site, impersonates e-commerce payment-processing services such as Stripe to steal user payment data from legitimate websites.
A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say.