Latest Cybersecurity News

The page lists the latest important events and incidents reported in the cyber security field. For full stories, you can refer to the provided links to the source.

The Government of Poland announced that it is increasing its cybersecurity spending to almost $760 million to improve digital security. The increased budget for cybersecurity has been necessitated due to recent cyber attacks targeting Poland. Deputy Prime Minister Krzysztof Gawkowski said that the recent cyber attack on the website of the Polish Press Agency (PAP) on 31 May 2024 was a bid to interfere in the election process of Poland. Read the full story at Security Intelligence.

A vulnerability in Microsoft Power BI allows unauthorized users to access sensitive data. By exploiting this vulnerability, attackers can extract information beyond what is visible in the reports, including additional data attributes, records, and details behind aggregated or anonymized data. The vulnerability was reported to Microsoft by Nokod Security, but they consider it a feature rather than a security issue. Read the full story at GB Hackers.

The Levi company has reported a data breach affecting 72,231 individuals, including 75 residents of Maine. The data breach happened on 13 June 2024 and it was detected the same day. According to the Office of the Maine Attorney General reports, Levi Strauss & Co. promptly notified affected customers electronically on June 21, 2024. However, the company has not offered any identity theft protection services to the affected individuals. Read the full story at Cybersecurity News.

Retail technology and software provider CDK Global was struck by a severe ransomware attack on June 19, causing a significant disruption to nearly 15,000 car dealerships in the U.S. The group claims the hack demanded tens of millions of dollars in ransom. As the attack on the company’s systems continues, CDK Global is planning to make the payment in a bid to restore normalcy, according to Bloomberg. Read the full story.

The Lockbit ransomware group announced that it had breached the systems of Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.” The Lockbit ransomware group added the Federal Reserve to the list of victims on its Tor data leak site and threatened to leak the stolen data on 25 June, 2024 20:27:10 UTC. Read the full story at Security Affairs.

A CRITICAL security vulnerability has been disclosed in the premium Facebook module for Prestashop. This vulnerability is a SQL injection threat with a CVSS score of 9.8. The module pkFacebook is affected by this vulnerability. All versions prior to 1.0.1 are impacted. The attacker could use the SQL injection vulnerability in facebookConnect.php Ajax script to forge SQL injection attacks and gain unauthorised access to the associated PrestaShop database. Read the full story on CSA Singapore.

A suspected Chinese state-sponsored hacking group, RedJulliett, has reportedly targeted Taiwanese organisations, particularly those in sectors such as government, education, technology and diplomacy. Between November 2023 to April 2024, there has been an increase in cyber attacks on the Taiwanese organizations. These attacks could relate to the Presidential elections in Taiwan. RedJulliett has targeted 24 organisations, including government agencies in places like Laos, Kenya and Rwanda, as well as Taiwan. Read the full story.

Lockbit 3.0 has attacked the National Data Centre of Indonesia. The ransomware attack has crippled immigration services in Indonesia. The ransomware operator has sought a ransom of $8 million to provide the decryptor. The attack disrupted several government services, most notably at airports last week, with long lines forming at immigration desks. The Indonesian government is focused on restoring affected services, and digital forensics are underway. Read the full story.

Food service giant Jollibee has allegedly suffered a cyberattack and a data breach.Deep Web Konek found a database being sold by a threat actor under the alias “Sp1d3r”. The archive allegedly contains sensitive data on 32 million Jollibee customers, including their full names, postal addresses, phone numbers, and email addresses. Furthermore, Sp1d3r is apparently selling “extensive records” of food delivery orders, sales transactions, and service details. Read the full story at Tech Radar.

Polish prosecutors have seized Pegasus spyware systems from a government agency in Warsaw and are now studying them to “determine the functionality of the Pegasus software and the broad legality of its use,” a spokesperson for the National Prosecutor’s Office said Friday according to local news reports. The prosecutor’s office inspected and secured devices related to the powerful commercial surveillance tool at the headquarters of the Central Anticorruption Bureau on Tuesday and Wednesday, the spokesperson said. Read the full story.

Nissan drivers have one week to claim a check in a settlement related to a data breach lawsuit. The settlement stems from a lawsuit filed against the dealership that claimed around 1,000 customers had sensitive information leaked in June 2022. The Nevada dealership has been accused of failing to protect their customers with “reasonable cybersecurity measures” connected to the alleged breach. Read more at the Sun.

The U.S. government has ordered federal employees to update their Pixel devices before July 4 “or discontinue use of the product. This directive comes in the light of a HIGH severity vulnerability CVE-2024-32896. Google noted that CVE-2024-32896 “may be under limited, targeted exploitation.” You have 10 days to take action after that. Although the warning is aimed at government organisations, other businesses ought to follow suit and require complete staff compliance. Read the full story.

The social media handle of Indian Bank, Canara Bank, on X platform was hacked on June 22. The hacker changed the handle’s username to ‘ethè’, alarming users and banking authorities. So far, Canara Bank has not taken any action in response. A few days ago, Axis Bank experienced a similar cyber attack. During the incident, Axis Bank’s support handle on platform X was hacked, leading to unauthorized posts related to cryptocurrency. Read the full story.

Billionaire investor Mark Cuban claims that any email sent from his account “after 3.30pm” Pacific Standard Time on June 22 was not from him. “I just got hacked at my [email protected] because someone named Noah at your 650-203-0000 called and said I had an intruder and spoofed Google’s recovery methods,” Cuban wrote in a June 22 X post. This is usually done by tricking users into revealing personal information or account credentials by posing as an official employee of, in this case, Google. Read the full story.

A group that claims to have hacked CDK Global, the software provider to thousands of car dealerships in North America, has demanded tens of millions of dollars in ransom, according to a person familiar with the matter. CDK Global systems were hacked in Wednesday and the company is in the middle of an investigation or audit to gauge the damage. It may take days for all the systems to be restored as the threat actors behind the ransomware attack make a huge ransom demand. Read the full story at Bloomberg.

Last week, the US Government had banned Kaspersky. The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive and senior leadership roles at Kaspersky Lab, a day after the Russian company was banned by the Commerce Department. The sanctions, however, do not extend to Kaspersky Lab, its parent or subsidiary companies, nor the company’s founder and chief executive officer (CEO), Eugene Kaspersky. Read the full story.

The Qilin ransomware operator had targeted multiple NHS hospitals in London. This affected many surgeries as the data breach caused cancellations across many London hospitals. The attack took place on June 3, 2024. However, the impact of the attack is being felt even after 2 weeks as the attacked dumped patient data on the darkweb on Friday. Hundreds of operations and appointments are still being canceled more than two weeks after the June 3 attack on NHS provider Synnovis, which provides pathology services primarily in southeast London. Read the full story at Security Week.

A debt collection enterprise called Financial Business and Consumer Solutions (FBCS) has been impacted by a massive data breach that affects millions of Americans. FBCS is a debt collection agency that specializes in recovering charged-off consumer and commercial debts, such as car loans, health care bills, utility bills, student loans and credit cards. The data breach leaked a treasure trove of consumer data, including full name, Social Security number (SSN), date of birth, and driver’s license number or ID card. The company has informed affected individuals as well as concerned authorities. Read the full story.

The data breach at Australian telco Optus, which saw over nine million customers’ personal information exposed, has been blamed on a coding error that broke API access controls, and was left in place for years. “The cyber attack was not highly sophisticated or one that required advanced skills or proprietary or internal knowledge of Optus’s processes or systems. It was carried out through a simple process of trial and error.” Read the full story at The Register.

Car dealership software company CDK Global recently disclosed that it had been the target of a cyberattack, which is now being linked to the BlackSuit ransomware group. Due to this attack, there has been a major IT outage, which has disrupted vehicle dealerships all over North America. Information about the ransomware attack was leaked by several confidential sources, who said that CDK is presently negotiating with the attackers to obtain a decryptor and stop the theft of data from being leaked. This report comes after Bloomberg disclosed that CDK is in communication with the threat actors. Read the full story.

Related pages: