September 2024: Major Cyber Attacks, Data Breaches, Ransomware Attacks
Date: 1 October 2024
TFL, Planned Parenthood, Florida-based Slim CD, Fortinet, E-commerce platform Temu are just some of the major organisations that have suffered massive cyber attacks, data breaches and ransomware attacks in September 2024.
Don't miss out our comprehensive list of all instances of cyber crime that occurred in the month gone by. Remember, knowledge is power and when it comes to cybersecurity, nothing prepares you better than learning from past cyber attacks.
- Ransomware Attacks in September 2024
- Data Breaches in September 2024
- Cyber Attacks in September 2024
- New Malware and Ransomware Discovered
- Vulnerabilities Discovered and Patches Released
- Advisories issued, reports, analysis etc. in September 2024
Apart from the organisations that were severely impacted by cyber crime, several others made news in September, 2024 for the large penalties and fines they have had to pay as a result of cyber attacks.
Lehigh Valley Health Network has agreed to a $65 million settlement after hackers leaked nude photos of cancer patients. DNA testing giant 23andMe has agreed to pay $30 million to settle a lawsuit following a massive data breach. AT&T has to pay $13 million to resolve a Federal Communications Commission (FCC) investigation.
These figures just go to show how debilitating a cybersecurity incident can be - financially and from a reputation standpoint. The only real protection today is preparation.
Understanding threat actors' latest attack tactics, taking a critical look at your cybersecurity controls and truly evaluating your cyber resilience are the essential steps forward.
Cyber attacks are no longer a matter of "if" but "when". You need to have strong cyber defences with a solid Cyber Incident Response Plan. Test the efficacy of this plan with attack simulation-based Cyber Tabletop Exercises. Provide robust cybersecurity training to your staff. Empower everyone to understand their roles and responsibilities during a cyber crisis. Equip them with skills to make better decisions and practise incident response plans and playbooks so that they become a part of their muscle memory.
By prioritising these measures and studying past attacks, you can significantly mitigate the risks and impacts of cyber threats, ensuring a more secure and resilient future.
Ransomware Attacks in September 2024
Date |
Victim |
Summary |
Threat Actor |
Business Impact |
Source Link |
September 04, 2024 |
Microchip Technology |
Microchip Technology confirms personal information stolen in ransomware attack |
Play Ransomware |
US-based semiconductor supplier Microchip Technology has confirmed that personal information and other types of data was stolen from its systems during a recent ransomware attack. The company disclosed the incident on August 20, when it informed the US SEC that certain servers and business operations had been disrupted, but the company isolated the impacted systems to contain the attack. |
|
September 04, 2024 |
Planned Parenthood |
Ransomware gang claims cyber attack on Planned Parenthood |
RansomHub Ransomware |
RansomHub ransomware group listed Planned Parenthood on its Tor-based leak site, threatening to leak 93 Gb of data supposedly exfiltrated from the nonprofit organisation. |
Source: Security Week |
September 06, 2024 |
Charles Darwin School |
Charles Darwin School Bromley closes due to cyber attack |
Unknown |
Charles Darwin School, based in Jail Lane, had been experiencing IT issues but has now found the problem to be “worse than hoped” - a cyber attack. In a letter on its website, headteacher of the school Aston Smith has outlined that it is not yet known what data has been accessed. |
Source: News Shopper UK |
September 10, 2024 |
Japanese media giant Kadokawa |
Japanese media giant investigating another reported data leak by BlackSuit hackers |
BlackSuit Ransomware |
A major Japanese media company known for producing manga, anime and video games was investigating a cyber attack on its systems following reports that a ransomware group leaked a new batch of its information on the dark web. Kadokawa was hit by a ransomware attack in June. Several researchers observed that the ransomware gang BlackSuit uploaded new data allegedly stolen from Kadokawa to its darknet site. |
Source: The Record |
September 12, 2024 |
Kawasaki’s European arm |
Kawasaki’s European arm restores operations after cyber attack claimed by Ransomhub |
RansomHub Group |
Japanese motor vehicle giant Kawasaki said its European offices are in the process of recovering from a cyber attack that has caused a range of issues as the company posted a statement confirming it was “the subject of a cyber attack” which was not successful but “resulted in the company’s servers being temporarily isolated until a strategic recovery plan was initiated later on the same day.” In its dark web post, the RansomHub operation said it stole 487 gigabytes of data from Kawasaki Motors Europe. |
Source: The Record |
September 12, 2024 |
23andMe |
23andMe to pay $30 million in genetics data breach settlement |
Hacker known as Golem |
DNA testing giant 23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023. Starting in October, threat actors leaked data profiles belonging to 4.1 million individuals in the United Kingdom and 1 million Ashkenazi Jews on the unofficial 23andMe subreddit and hacking forums like BreachForums. 23andMe said in December that data for 6.9 million customers, including information on 6.4 million U.S. residents, was downloaded in the breach. |
Source: Bleeping Computer |
September 12, 2024 |
Lehigh Valley Health Network |
Hospital system to pay $65 million for dark web data leak, including images of nude cancer patients |
BlackCat Ransomware |
Lehigh Valley Health Network has agreed to a $65 million settlement in a class action suit tied to a massive data leak, including the publication of images of 600 nude cancer patients. The lawsuit, filed in March 2023, followed the discovery that LVHN data security allowed a hacker to break into its systems and obtain personal data on at least 134,000 people, including cancer patients. The proposed settlement was announced by plaintiffs' lawyer Patrick Howard as he said the nude images and other data were posted to the dark web by BlackCat after LVHN declined to pay the ransom. |
Source: The Record |
September 14, 2024 |
Port of Seattle |
Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack |
Rhysida Ransomware |
The Port of Seattle confirmed that the Rhysida ransomware group was behind the cyber attack in August. The Port confirmed that an unauthorised actor accessed and encrypted parts of their computer systems, disrupting key services like baggage handling, check-in kiosks, ticketing, Wi-Fi, and parking. The company also said that it has refused to pay the ransom, for this reason the ransomware group may publish stolen data. |
Source: Security Affairs |
September 16, 2024 |
NHS London |
Data on nearly 1 million NHS patients leaked online following ransomware attack on London hospitals |
Qilin Ransomware |
CaseMatrix, a company that works with legal firms to support claimants in data breach lawsuits said more than 900,000 individuals have been caught up in the extortion attempt as people with symptoms of sensitive medical conditions, including cancer and sexually transmitted infections, were among almost a million individuals who had their personal information published online following a ransomware attack. |
Source: The Record |
September 16, 2024 |
Stillwater Mining Company |
Owner of only US platinum mine confirms data breach after ransomware claims |
RansomHub Ransomware |
Stillwater Mining Company confirmed that it experienced a cyber attack this summer that exposed the sensitive information of thousands of employees. It told regulators that hackers breached company systems in the middle of June but the incident was only discovered on July 8. It took more than a month for investigators to realise that the personal information of 7,258 employees was stolen. |
Source: The Record |
September 17, 2024 |
AT&T |
AT&T to pay $13 million FCC settlement for 2023 data breach |
ShinyHunters |
AT&T has agreed to pay $13 million to resolve a Federal Communications Commission (FCC) investigation into whether the telecom giant was adequately protecting customer data. |
Source: The Record |
September 20, 2024 |
Blackpool Trust Schools |
Schools threatened by hackers in cyber attack |
Unknown |
Schools across Lancashire have been hit by a cyber attack with the majority of computer systems affected. Dean Logan, CEO of Fylde Coast Academy Trust, confirmed the Blackpool trust had been subjected to ransomware, which infected the organisation's IT infrastructure and resulted in limited accessibility to systems. |
Source: The BBC |
September 22, 2024 |
Kansas’ Franklin county |
Ransomware attack on Kansas county exposed sensitive information of nearly 30,000 residents |
Unknown |
A county in Kansas warned regulators that a ransomware attack earlier this year leaked personal data found in county records. Franklin County, which is about an hour outside of Kansas City, warned 29,690 residents that hackers breached the County Clerk’s Office on May 19 and took data from the network. |
Source: The Record |
Data Breaches in September 2024
Date |
Victim |
Summary |
Threat Actor |
Business Impact |
Source Link |
September 02, 2024 |
Management consulting firm, CBIZ |
CBIZ Benefits & Insurance Services discloses data breach affecting client information |
Unknown |
Benefits & Insurance Services (CBIZ) reported a significant data breach involving the unauthorised access of sensitive client information stored in its databases. The breach that occurred between June 2 and June 21, 2024, was caused by a vulnerability in one of CBIZ’s web pages, exploited by a threat actor to steal the data of nearly 36,000 individuals. |
Source: teiss.co.uk |
September 09, 2024 |
Florida-based Slim CD |
Massive credit card breach hits 1.7 million people after hackers access payment processing service |
Unknown |
Almost 1.7 million consumers in the US and Canada may have had their data exposed in a massive credit card database breach. Florida-based Slim CD, a payment processor, sent emails to customers that their information may have been accessed anytime from August 2023 to June 2024. |
|
September 09, 2024 |
Fortinet |
Fortinet says hackers accessed ‘limited’ number of customer files on third-party drive |
Unknown |
Fortinet said that someone gained unauthorised access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive. The file drive “included limited data related to a small number of Fortinet customers”. |
|
September 09, 2024 |
Avis Car Rental |
Avis Car Rental suffers a data breach impacting nearly 300,000 customers |
Unknown |
Car rental company Avis has suffered a data breach impacting nearly 300,000 customers after an unauthorised third party accessed a business application. Avis said the attacker breached the company’s business application between August 3 and August 6, 2024, and was detected on August 5, 2024. |
Source: CPO Magazine |
September 11, 2024 |
Boulanger, Cultura, Truffaut |
Popular French retailers confirm hackers stole customer data |
A threat actor using the nickname "horrormar44" on BreachForums |
Several well-known French retail brands reported having data stolen by a cyber attack as hackers targeted Boulanger, which specialises in electronics and home appliances, and the retailer Cultura, gardening supplier Truffaut. Several French media outlets reported the list of victims could be even longer. |
Source: The Record |
September 17, 2024 |
E-commerce platform, Temu |
Temu denies breach after hacker claims theft of 87 million data records |
A threat actor using the moniker 'smokinthashit' |
Temu denied it was hacked or suffered a data breach after a threat actor claimed to be selling a stolen database containing 87 million records of customer information. The threat actor put the alleged data up for sale on the BreachForums hacking forum, along with a small sample to serve as proof of the stolen data. |
|
September 20, 2024 |
Dell |
Dell investigates data breach claims after hacker leaks employee information |
BreachForums hacker "grep" |
Dell has confirmed that they were investigating recent claims that it suffered a data breach after a threat actor leaked data for over 10,000 employees. The allegations were published by a threat actor named "grep," who alleges that the computing vendor suffered a "minor data breach" in September 2024, exposing internal employee and partner information. |
Source: BleepingComputer |
Cyber Attacks in September 2024
Date |
Victim |
Summary |
Threat Actor |
Business Impact |
Source Link |
September 02, 2024 |
German air traffic control |
Cyber attack paralyses office communications at German air traffic control |
APT28-(Fancy Bear) |
Deutsche Flugsicherung (DFS), the state-owned agency responsible for air traffic control in Germany confirmed that it was the target of a cyber attack that has disrupted its office communications. |
|
September 02, 2024 |
Transport for London (TfL) |
TfL faces sophisticated cyber security incident |
Unknown |
Transport for London's (TfL) computer systems were hit with an ongoing cyber attack as the transport company said there was no evidence customer data had been compromised and there was no impact on TfL services. Insiders have told BBC London they have been asked to work at home if possible, and that it is the transport provider's backroom systems at the corporate headquarters that are mainly affected. |
|
September 02, 2024 |
Canvey Infant School |
Canvey Infant School in Essex deals with a significant cyber incident |
Unknown |
Canvey Infant School, an Essex-based primary school, experienced a significant cyber attack that disrupted access to IT systems and forced school authorities to delay school reopening. |
Source: teiss.co.uk |
September 04, 2024 |
Latvian government and critical infrastructure websites |
Hackers linked to Russia and Belarus increasingly target Latvian websites, officials say |
Russia-linked hacktivist groups such as NoName057(16) and Anonymous Guys |
Politically motivated hackers linked to Russia and Belarus are targeting Latvian government and critical infrastructure websites in a new wave of cyber attacks, according to Latvian cybersecurity officials. The goal of the attacks was to disrupt access to websites rather than to steal sensitive data, said Baiba Kaskina, head of the Latvian сomputer emergency response team (CERT). |
Cyber attack on Latvian government and critical infrastructure websites |
September 04, 2024 |
Tewkesbury Borough Council in Gloucestershire, England |
Services disrupted as local council near GCHQ’s headquarters hit by cyberattack |
Unknown |
Tewkesbury Borough Council in Gloucestershire, England, warned residents that it had discovered it was being targeted by a cyber attack, and assumed that the perpetrators had been able to penetrate its systems. “We are having to assume that our systems have been compromised, and we are taking the necessary cyber response steps, including shutting down our systems,” said a banner statement on the council’s website. |
Source: The Record |
September 04, 2024 |
Penpie DeFi |
Penpie DeFi platform files reports with FBI, Singapore police after $27 million crypto theft |
Unknown |
Hackers stole about $27 million worth of cryptocurrency from the Penpie decentralised finance (DeFi) protocol. Penpie confirmed in a statement that $27,348,259 worth of ethereum was taken, and they have shut down withdrawals as well as deposits. |
Source: The Record |
September 09, 2024 |
Highline Public Schools |
Highline Public Schools closed in WA after possible cyber threat |
Unknown |
The attack hit the technology systems of the schools and forced the educational bodies to remain closed. |
Source: Fox 13 Seattle |
September 09, 2024 |
Highline Public Schools in Washington |
Washington state school district closed for second day after cyber attack |
Unknown |
A Seattle-area school system serving more than 17,000 students remained closed on September 10 for a second day to start the school year after a cyber attack caused network outages. Highline Public Schools in Washington, released a new notice on September 9 confirming that that facilities would remain closed after all activities, sports and meetings were cancelled. “Our investigation into unauthorised activity on our technology systems is ongoing, and critical systems are still offline,” the school said. “We understand cancelling school is a significant disruption for our families and staff, but student safety remains our top priority.” |
Source: The Record |
September 12, 2024 |
Jakarta-based crypto exchange Indodax |
Largest crypto exchange in Indonesia pledges to reimburse users after $22 million theft |
Unknown |
A major cryptocurrency exchange in Southeast Asia has paused operations after $22 million in coins was stolen. Jakarta-based Indodax, which says it has more than 6 million users, told customers that it discovered a security issue on its platform and has shut down its service while it “completes maintenance to ensure the entire system is operating properly.” |
Source: The Record |
September 13, 2024 |
Tennessee school district, Johnson County Board of Education |
Tennessee school district loses $3.4 million to a fake curriculum vendor |
Unknown |
A school district in the northeast corner of Tennessee lost more than $3 million earlier this year after an employee was tricked into sending funds intended for online curriculum materials to a fraudster. |
Source: The Record |
September 16, 2024 |
Germany’s Radio Geretsried |
German radio station forced to broadcast 'emergency tape' following cyber attack |
Unknown |
Radio Geretsried, a local station in Germany, has blamed “unknown attackers from Russia” after an apparent ransomware incident left it broadcasting music from emergency backups. According to a statement on Radio Geretsried’s website, the cyber attack took place on the night of September 15, with the hackers encrypting “all music files and are demanding a large ransom from the station.” |
Source: The Record |
September 17, 2024 |
Russian organisation Osnovanie |
Pro-Ukraine hackers claim attack on agency that certifies digital signatures in Russia |
Osnovanie ("Foundation" in Russian) |
The Russian federal organisation that certifies digital signatures used by local businesses and individuals is still recovering from a cyber attack that disrupted its services as Osnovanie said it had suspended its operation while the investigation into the attack is ongoing. It had promised to resume its work on September 12 after “changing security policies, access rights, and account settings.” The hackers claimed to compromise the infrastructure of the agency, known as Osnovanie ("Foundation" in Russian), and defaced its websites. |
Source: The Record |
September 17, 2024 |
Russian anti-virus company Dr.Web |
Russian cyber firm Dr.Web says services are restored after ‘targeted cyber attack’ |
Unknown |
Popular Russian antivirus developer Dr.Web said it has resumed operations after suffering a security breach over the weekend. In a statement, the company said that the cyber attack was successfully “repelled” and “none of the Dr.Web users were affected.” |
Source: The Record |
September 21, 2024 |
Asian crypto platform BingX |
Hackers stole over $44 million from Asian crypto platform BingX |
Unknown |
Singaporean crypto platform BingX reported a cyber attack as threat actors stole over $44 million worth of cryptocurrency. The crypto platform discovered unauthorised transfers of funds on Thursday night, shortly before BingX announced a shutdown for “wallet maintenance” on social media. |
Source: Security Affairs |
September 24, 2024 |
MoneyGram |
MoneyGram says cyber incident causing network outages |
Unknown |
Digital payment giant MoneyGram said a recent cybersecurity incident has caused network outages and other issues for those trying to send money. The company released messages on social media acknowledging that it is dealing with network outages after users complained about being unable to use the service. |
Source: The Record |
New Ransomware/Malware Discovered in September 2024
New Ransomware |
Summary |
A new ransomware-as-a-service (RaaS) operation impersonates the legitimate Cicada 3301 |
A new ransomware-as-a-service (RaaS) operation is impersonating the legitimate Cicada 3301 organisation and has already listed 19 victims on its extortion portal, as it quickly attacked companies worldwide. |
WhisperGate malware |
Federal agencies continued to confront Russian cyber-operations, unsealing an indictment against members of a Russian military intelligence unit involved with the destructive WhisperGate malware and other hacking campaigns. |
New PIXHELL acoustic attack |
A novel acoustic attack named ‘PIXHELL’ can leak secrets from air-gapped and audio-gapped systems, and without requiring speakers, through the LCD monitors they connect to. |
Ajina Banker malware |
A new Android malware is being used to steal information from bank customers in Central Asia, researchers have found. |
CosmicBeetle’s new malware, ScRansom |
A group that researchers are calling CosmicBeetle has developed new ransomware and deployed it against small and medium-sized businesses, mostly in Europe and Asia, according to a new report. |
Android malware 'Necro' |
A new version of the Necro malware loader for Android was installed on 11 million devices through Google Play in malicious SDK supply chain attacks. |
Source: BleepingComputer & The Record
Vulnerabilities/Patches Discovered in September 2024
Date |
New Malware, Flaws & Fixes |
Summary |
September 03, 2024 |
CVE-2024-7261 |
Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command injection. |
September 09, 2024 |
CVE-2024-40766 |
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks. |
September 10, 2024 |
CVE-2024-38217 |
Microsoft has fixed a Windows Smart App Control and SmartScreen flaw that has been exploited in attacks as a zero-day since at least 2018. |
September 16, 2024 |
CVE-2024-29847 |
A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. |
September 16, 2024 |
CVE-2024-43461 |
CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the Void Banshee APT hacking group. |
September 17, 2024 |
CVE-2024-38812 |
Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet. |
September 19, 2024 |
CVE-2024-27348 |
The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalogue, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server. |
September 19, 2024 |
CVE-2024-8963 |
Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. |
Source: BleepingComputer
Warnings/Advisories/Reports/Analysis
News Type |
Summary |
Source Link |
Report |
The U.S. Federal Trade Commission (FTC) has reported a massive increase in losses to Bitcoin ATM scams, nearly ten times the amount from 2020 and reaching over $110 million in 2023. |
Source: Bleeping Computer |
Warning |
The FBI warned of North Korean hacking groups aggressively targeting cryptocurrency companies and their employees in sophisticated social engineering attacks to deploy malware designed to steal their crypto assets. |
Source: Bleeping Computer |
Report |
The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5m ($33.7m) on Clearview AI over illegal data collection for facial recognition. |
Clearview AI Fined €30.5m by Dutch Watchdog Over Illegal Data Collection |
Report |
Nykaa Fashion, a leading Indian beauty and fashion retailer platform and a subsidiary of Nykaa, has taken legal action against its former Chief Business Officer (CBO), Gopal Asthana, accusing him of breaching confidentiality agreements, misappropriating proprietary data, and attempting to harm the company by poaching employees. |
Nykaa Fashion initiates legal proceedings against former CBO over alleged data theft |
Report |
A privacy flaw in WhatsApp is being exploited by attackers to bypass the app's "View once" feature and view messages again. According to WhatsApp, a fix is coming to WhatsApp Web, but it is unclear if the privacy flaw could still be exploited using custom WhatsApp apps. |
Source: Bleeping Computer |
Report |
The National Crime Agency (NCA), once heralded as British law enforcement’s elite answer to the questions posed by serious and organised crime, including cybercrime, is “on its knees” according to a new report. |
Source: The Record |
Report |
Wix.com has announced it will stop providing services to Russian users on September 12, 2024, with all accounts from Russia, including free and premium, to be blocked and their websites taken down. |
Source: Bleeping Computer |
Report |
The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to disable endpoint detection and response (EDR) services on target systems. |
Source: Bleeping Computer |
Report |
A high-stakes cat and mouse game between defenders and a sophisticated trio of Chinese cyberespionage groups has continued this year, with the hackers launching a string of attacks on government organisations in Southeast Asia despite attempts to disrupt their activity. |
Source: The Record |
Analysis |
A suspected Iranian state-sponsored threat actor, APT34, also tracked as OilRig has targeted Iraqi government organisations and other entities in the country as part of a new espionage campaign, researchers have found. |
Source: The Record |
Warning |
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks. |
Source: Bleeping Computer |
Warning |
Binance is warning customers that malware is being used to manipulate withdrawal addresses in order to steal cryptocurrency, in a campaign that has led to “significant financial losses for victims.” |
Source: The Record |
Report |
The Justice Department indicted a Chinese national for attempting to hack several aviation agencies across the U.S. government in order to steal software and code created by the National Aeronautics and Space Administration (NASA) and others. |
Source: The Record |
Report |
A rolling Cloudflare outage is impacting access to web sites worldwide, including BleepingComputer, with sites working in some regions and not others. While Cloudflare said they were currently conducting scheduled maintenance in Singapore and Nashville, its status page does not indicate any problems. |
Source: Bleeping Computer |
Report |
A prolific cybercrime group known as Marko Polo has compromised “tens of thousands of devices” worldwide through cryptocurrency and gaming-related scams, researchers said. |
Source: The Record |
Report |
Unidentified hackers have targeted companies in the construction industry through accounting software known as Foundation, researchers said. The attackers go looking for installations of Foundation that are publicly accessible on the internet, then try combinations of default usernames and passwords that can allow for administrative access. |
Source: The Record |
Report |
Microsoft has identified a financially driven hacking group that is deploying INC ransomware to attack the U.S. healthcare sector. The hacking group has targeted the healthcare, IT, and manufacturing sectors, using ransomware variants such as BlackCat, Rhysida, Quantum Locker and Zeppelin. |
|
Report |
Russia has fully pivoted its disinformation efforts to focus on Vice President Kamala Harris, releasing several fake, widely-seen videos designed to harm her campaign. Microsoft published a new report warning that two Russian groups have used X (formerly Twitter), Telegram and several fake news websites to disseminate controversial and fictitious videos about Harris. |
Source: The Record |
Report |
The Walt Disney Company will no longer use Slack for in-house company communication months after a hack that involved more than a terabyte of company data being leaked to the public. |
|
Report |
A Federal Trade Commission (FTC) staff report has found that social media and video streaming companies have been engaging in widespread user surveillance, particularly of children and teens, with insufficient privacy protections and earning billions of dollars annually by monetizing their data. |
Source: Bleeping Computer |
Report |
LinkedIn recently began harnessing its users’ content and data to train artificial intelligence models, opting all platform participants into the program without formal notice - except for users in the United Kingdom and Europe. |
Source: The Record |
Report |
A cyber operation within Iran’s Ministry of Intelligence and Security (MOIS) has evolved into a highly sophisticated access broker for Iranian hackers, enabling persistent intrusions into telecommunications and government systems across the Middle East. |
Iranian Backdoors Spread Across Middle East Telecoms and Government Agencies, Google Reports |
Report |
The U.S. DoJ arrested two people, Malone Lam (20) and Jeandiel Serrano (21) in Miami and charged them with stealing more than $230 million worth of cryptocurrency as the duo attempted to launder the stolen cryptocurrency through crypto exchanges and mixing services. |
US DoJ charged two men with stealing and laundering $230 Million worth of cryptocurrency |
Report |
Ukraine has banned the use of the Telegram messaging platform on official devices issued to government and military personnel, as well as defence sector and critical infrastructure employees. |
|
Report |
German law enforcement has shut down 47 cryptocurrency exchange services that ransomware gangs and other cybercriminals used for money laundering. |
Source: The Record |
Report |
Missouri-based aviation executive Farhad Azima said that he had settled with the law firm Dechert and two of its former senior attorneys over allegations they took part in a scheme to hack his emails and use them in court to destroy his business. |
Aviation executive Farhad Azima settles with law firm Dechert over hacking claim |
Report |
The Chaser, a news website run by Hong Kong journalists in Britain, says Google informed the diaspora media outlet that its company email was being targeted by "government-backed attacks." |
Hong Kong diaspora media in Britain reports 'government-backed attacks' |
Report |
Russian cybersecurity company Kaspersky deleted its anti-malware software from customers' computers across the United States and automatically replaced it with UltraAV's antivirus solution. This came after Kaspersky decided to shut down its U.S. operations and lay off U.S.-based employees. |
Source: Bleeping Computer |
Report |
The U.S. Commerce Department proposed prohibiting key Chinese software and hardware in connected vehicles on American roads due to national security concerns, a move that would effectively bar Chinese cars and trucks from the U.S. market. |
Source: Reuters |
Report |
The popular messaging service Telegram has updated its terms of service to discourage “bad actors” from “jeopardising the integrity” of the platform, according to its founder Pavel Durov. |
Source: The Record |
Report |
Google said it has been contacted by several major U.S. companies recently who discovered that they unknowingly hired North Koreans using fake identities for remote IT roles. |
Source: The Record |
Report |
Sweden’s domestic intelligence agency announced that hackers acting on behalf of the Iranian government were behind a cyberattack last year aimed at provoking divisions in the country following a stunt by a far-right political figure. |
Source: The Record |
Report |
The cybercriminal group known as DragonForce has been attacking the manufacturing, real estate and transportation industries worldwide using modified versions of two notorious ransomware variants, researchers said. |
Source: The Record |