News

Marriott International Inc. confirmed on Wednesday July 6th that they had suffered a second data breach this year. Initial reports say that attackers stole a total of 20GB worth of data including some sensitive information such as credit card information, confidential business documents, and customer payment information Marriott is preparing to notify between 300 and 400 individuals about the data breach. Marriott hotels is not new to this situation. Earlier in 2020, Marriott hotels suffered...

The Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory suggesting North Korean state-sponsored cyber actors are using the Maui ransomware to target Healthcare and Public Health (HPH) Sector organisations in the US. The document, written by the CISA, the Federal Bureau of Investigation (FBI) and the Department of the Treasury, suggests that actors have been engaging in these campaigns since May 2021. The advisory reads, “North Korean state-sponsored cyber actors used Maui ransomware...

On Wednesday Apple announced the introduction of a new security setting for iOS 15, iPadOS 16, and macOS Ventura which would 'harden device defenses and strictly limits certain functionalities". Apple described the new feature, the Lockdown Mode, as an "extreme, optional protection" which is designed for the severe type of cyberattacks most people will never experience. Perhaps the greatest application of the Lockdown Mode will be against private company spyware the likes of Pegasus, the...

Pop-punk band Blink-182's drummer, Travis Barker, and UK rapper, Aitch, are among a host of artists set to launch new NFTs with LimeWire as the file sharing site relaunches as a crypto marketplace. Over the next month, the site will launch new collectibles on the marketplace alongside artists like Brandy. Travis Barker said “I have always been interested in Web3 and NFTs so I am pretty stoked to release my first NFT collection and to...

Researchers at CloudSEK have identified an extensive phishing campaign in which threat actors (TA) were impersonating the Ministry of Human Resources of the UAE government. Spotted through XVigil, the company's artificial intelligence (AI) digital risk monitoring platform, the new threat would target various government and corporate entities across the finance, travel, legal, hospital, oil and gas, and consultation industries. An advisory written by CloudSEK noted that: “The actors created a fake website that resembles the legitimate...

Last Thursday, June 30th, the California Department of Justice admitted that the personal information of all those who had been rejected or accepted for concealed carry permits from 2011 to 2021 was exposed. The California Department of Justice confirmed that among the affected departments were the state's Assault Weapon Registry, Handguns Certified for Sale, Dealer Record of Sale, Firearm Certificate Safety, and Gun Violence Restraining Order. The information made public included names, birthdates, gender, race,...

The recent abolition of the right to an abortion in the United States has raised questions about compliance for employers across the nation. Microsoft, Amazon, Google, and Facebook are central in this struggle between new laws and worker demands not just because of their size and social prominence but also because of the data they collect. The data that a company like Facebook collects on its users can significantly impact state police investigations into both...

Last week, the Cyber Police of Ukraine disclosed that it apprehended nine members of a criminal gang that embezzled 100 million hryvnias via hundreds of phishing sites that claimed to offer financial assistance to Ukrainian citizens as part of a campaign aimed at capitalising on the ongoing conflict. The agency said in a press statement that "criminals created more than 400 phishing links to obtain bank card data of citizens and appropriate money from their...

An anonymous threat actor is selling several databases which they claim contain more than 22 terabytes of stolen information on roughly 1 billion Chinese citizens for 10 bitcoins (approx. $195,000). The announcement was posted on a hacker forum by a user with the handle 'China Dan,' saying that the information was leaked from the Shanghai National police (SHGA) database. The information they shared about the allegedly stolen data suggests that these databases contain Chinese national...

The Netherlands Maastricht University has announced that an extended investigation into a ransomware attack in 2019 has finally resulted in the seizure of €500,000. Yet, what is remarkable is that Maastricht University only paid out €200,000 originally. In 2019 Maastricht University was hit by a wave of malware which paralyzed the campus. The attack prevented staff and students from accessing research data, email, or library resources. With no other immediate options open to them, the...