Every week I publish interesting articles and ways to improve your understanding of cybersecurity. I’m back and what a week it was for cybersecurity news!
Projects
Videos
Articles
- Alabama State Department of Education Suffered a Data Breach Following a Blocked Attack – Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education.
- Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health – The Ransomhub ransomware gang has claimed the theft of 100GB of data from the Florida Department of Health.
- CISA Takedown of Ivanti Systems Is a Wake-up Call – The exploitation of vulnerabilities in Ivanti’s software underscores the need for robust cybersecurity measures and proactive response strategies to mitigate risks and protect critical assets.
- Evolve Bank Data Breach Impacts 7.6 Million People – Evolve Bank says personal information of more than 7.6 million individuals was compromised in a ransomware attack.
- Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events – In an ongoing extortion campaign against Ticketmaster, threat actors have leaked almost 39,000 print-at-home tickets for 150 upcoming concerts and events, including Pearl Jam, Phish, Tate McCrae, and Foo Fighters.
- Neiman Marcus data breach: 31 million email addresses found exposed – A May 2024 data breach disclosed by American luxury retailer and department store chain Neiman Marcus last month has exposed more than 31 million customer email addresses, according to Have I Been Pwned founder Troy Hunt, who analyzed the stolen data.
- 10B Passwords Pop Up on Dark Web ‘RockYou2024’ Release – The passwords, dumped on a cyber-underground forum on July 4 by a hacker called “ObamaCare,” were collected from a variety of older and more recent breaches.
- Hacker Busted for ‘Evil Twin’ Wi-Fi That Steals Airline Passenger Data – Australian cops arrest man found with a portable Wi-Fi access device in his carry-on luggage, allegedly used for standing up scam Wi-Fi networks on flights.
- Formula 1 governing body discloses data breach after email hacks – FIA (Fédération Internationale de l’Automobile), the auto racing governing body since the 1950s, says attackers gained access to personal data after compromising several FIA email accounts in a phishing attack.
- Proton launches free, privacy-focused Google Docs alternative – Proton has launched ‘Docs in Proton Drive,’ a free and open-source end-to-end encrypted web-based document editing and collaboration tool.
- City of Philadelphia says over 35,000 hit in May 2023 breach – The City of Philadelphia revealed that a May 2024 disclosed in October impacted more than 35,000 individuals’ personal and protected health information.
- 5 Tips to Minimize the Costly Effects of Data Exfiltration – The more sensitive data an organization collects, the more at risk it is to a cyberattack. Here’s how to limit the damage.
- Fujitsu says “advanced” malware was to blame for cyberattack, confirms customer data leaked – It wasn’t ransomware, since the malware tried hard to remain hidden
- Advance Auto Parts: 2.3M people’s data accessed when crims broke into our Snowflake account – Letters from CISO Ethan Steiger suggest the data related to job applications
- Massive AT&T data breach exposes call logs of 109 million customers – AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company’s Snowflake account.
- Rite Aid confirms data breach after June ransomware attack – Pharmacy giant Rite Aid confirmed a data breach after suffering a cyberattack in June, which was claimed by the RansomHub ransomware operation.
- Australian Spycatchers Snatch Pair of Married Russian Operatives – Both are accused of espionage and face a maximum penalty of 15 years imprisonment each for their crimes.
Podcasts
- Smashing Security – 379: Private nights, evil twins, and crypto home invasions