- D.C. Board of Elections: Hackers may have breached entire voter roll – The District of Columbia Board of Elections (DCBOE) says that a threat actor who breached a web server operated by the DataNet Systems hosting provider in early October may have obtained access to the personal information of all registered voters.
- City of Philadelphia discloses data breach after five months – The City of Philadelphia is investigating a data breach after attackers “may have gained access” to City email accounts containing personal and protected health information five months ago, in May.
- Microsoft announces Security Copilot early access program – Security Copilot, Redmond’s AI-driven security analysis tool, makes it faster for security teams to counter threats using Microsoft’s global threat intelligence expertise and the latest large language models.
- Former NSA Employee Faces Life in Prison After Espionage Attempt – The ex-employee claimed that he believed the shared information would benefit Russia and harm the US.
- Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware – The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world.
- Hackers can force iOS and macOS browsers to divulge passwords and much more – iLeakage is practical and requires minimal resources. A patch isn’t (yet) available.
- Cyberwire – Ep 1935 | 10.26.23 – Some intelligence services understand the value of being underestimated.
- Smashing Security – 345: Cyber sloppiness, and why does Google really want to hide your IP address?