July 12, 2024 at 09:42AM AT&T experienced a major data breach, with threat actors stealing call logs for nearly all mobile customers, involving around 109 million customers. The breach occurred in April 2024, compromising call and text records for a specific period. Although no sensitive personal information was exposed, potential identity correlation is a concern. … Read more
July 11, 2024 at 10:24AM Advance Auto Parts has notified over 2.3 million people about a data breach of personal information during Snowflake data theft attacks. This incident affected current and former employees and job applicants, with stolen data including names, Social Security numbers, and driver’s licenses. Advance is providing complimentary identity theft protection and … Read more
July 10, 2024 at 09:58AM Fujitsu Japan confirmed an “advanced” malware strain, not ransomware, was responsible for a March data theft affecting individuals with personal and customer information. Despite isolating infected machines and enhancing monitoring, the company didn’t disclose the scale but notified affected individuals. It aims to further bolster information security following the incident. … Read more
July 10, 2024 at 06:08AM Ransomware groups are evolving beyond encrypting and demanding payments to stealing sensitive information with custom malware. Cisco Talos revealed key tactics and identified 14 prominent ransomware groups, emphasizing their unique goals and activities. These groups employ double-extortion tactics and offer bespoke malware for data exfiltration. They utilize social engineering and … Read more
July 9, 2024 at 05:13PM July’s Microsoft security update addresses 139 CVEs, including actively exploited vulnerabilities and a public Intel microprocessor issue. Notably, two zero-day bugs were identified, posing a moderate threat. Additionally, critical vulnerabilities affecting Windows Remote Desktop Licensing Service require immediate attention, with a recommendation to disable the service if not in use. … Read more
July 8, 2024 at 05:41PM Threat actors leaked 39,000 print-at-home tickets for 150 upcoming concerts and events, including artists like Pearl Jam and Foo Fighters. This was part of an ongoing extortion campaign against Ticketmaster, demanding millions in ransom. Ticketmaster claims their anti-fraud measures make the leaked data useless, but hackers argue that the barcodes … Read more
July 8, 2024 at 04:39PM In May 2024, luxury retailer Neiman Marcus experienced a data breach, exposing over 31 million customer email addresses. The breach also compromised sensitive information including names, contact details, and gift card details. Neiman Marcus linked the incident to the Snowflake data theft attacks and negotiations with the threat actor are … Read more
July 3, 2024 at 10:51AM Europol’s Operation Morpheus led to the takedown of nearly 600 Cobalt Strike servers used by cybercriminals to infiltrate networks. Coordinated across multiple countries, the operation involved identifying and targeting criminal infrastructure. The software, originally intended for security testing, has become a primary tool in ransomware and cyberespionage attacks, used by … Read more
July 2, 2024 at 08:28PM Summary: Over 500 credentials were stolen from Snowflake environments, impacting at least 165 customers. The cybersecurity investigation labeled it an information-stealing malware incident, urging enhanced security measures. Experts advise collecting and analyzing account data, using a single sign-on provider, and limiting the blast radius of a breach to enhance security. … Read more
July 2, 2024 at 12:49AM An Australian man has been charged with creating fake Wi-Fi access points during a domestic flight to steal user data. The suspect impersonated legitimate networks, prompting victims to enter personal information. He faces multiple charges and potentially 23 years in prison if convicted. Authorities advise using reputable VPNs for public … Read more