July 12, 2024 at 11:27AM
SecurityWeek’s cybersecurity news roundup provides a curated collection of noteworthy developments in the cybersecurity landscape. This week’s stories include Apple issuing spyware warnings, a data breach affecting 200,000 individuals in Dallas County, and a cyberattack on Sibanye-Stillwater. Additionally, Nasuni announces a significant growth investment and Google enables passkey support for its Advanced Protection Program users.
Here are the key takeaways from this week’s cybersecurity news roundup:
1. Apple issued spyware warnings to iPhone users in 98 countries to alert them of potential mercenary spyware attacks, showing a pattern of remote compromise attempts.
2. Dallas County, Texas, disclosed a data breach affecting over 200,000 individuals, compromising a range of personal information including Social Security numbers and medical data.
3. Snowflake now allows administrators to enforce mandatory multi-factor authentication (MFA) for all users following a campaign that impacted over 165 Snowflake customers.
4. Sibanye-Stillwater, a precious metals producer, faced a cyberattack that caused limited disruptions to its global operations, with isolated systems indicating potential ransomware involvement.
5. Nasuni received a strategic growth investment led by Vista Equity Partners, valuing the enterprise data platform at approximately $1.2 billion.
6. Financial Business and Consumer Solutions (FBCS) reported a data breach impacting over 4 million individuals, with names, Social Security numbers, and driver’s license numbers being compromised.
7. Google announced passkey support for users enrolled in its Advanced Protection Program (APP), designed for individuals at high risk of cyberattacks.
8. North Korean hackers targeted Japanese organizations, and the Japan Aerospace Exploration Agency (JAXA) reported a data breach compromising employee information from unauthorized access to its Microsoft 365 services and VPN devices.
9. CDK Global reportedly paid a $25 million ransom to end system disruptions impacting car dealerships across the US.
10. Legal support services company Rapid Legal left a vast database accessible from the internet, containing millions of records, leading to data exposure until it was secured.
11. An access token leaked in a public Docker container provided unauthorized access to GitHub repositories, prompting actions by PyPI to revoke the token.
This summary captures the significant cybersecurity developments for the week, providing insights into data breaches, ransomware incidents, and targeted attacks.