The Iranian hacker collective known as ‘CyberAvengers’ has claimed responsibility for recent power outages in Yavneh, Israel. While Israeli authorities have not confirmed a hacking attack, the mayor of Yavneh has called for urgent action due to substantial material damage and financial losses. This incident highlights the need to prioritize cybersecurity, especially in critical infrastructure, as the region faces the risk of escalating into a full-scale war.
Genetic company 23andMe has confirmed a breach in the security of some customer data, with hackers obtaining the information by guessing login credentials. The compromised data, which includes details of approximately one million Ashkenazi Jews and a significant number of users of Chinese descent, was shared on a hacking forum and is now being sold for prices ranging from $1 to $10. The company is still investigating the extent of the data leak and the motives behind the attack.
The US cybersecurity agency CISA and the NSA have issued guidance on addressing the most common cybersecurity misconfigurations in large organizations. These misconfigurations include default software configurations, improper separation of privileges, lack of network segmentation, poor patch management, and more. CISA and the NSA recommend implementing secure-by-design principles, reducing the prevalence of these weaknesses, and testing security programs against threat behaviors.
According to Microsoft’s latest Digital Defense Report, the US, Ukraine, and Israel are the most frequent targets of cyberespionage and cybercrime attacks. The report reveals that these attacks were fueled by nation-state spying and influence operations, with over 40% of the attacks targeting critical infrastructure organizations. State-sponsored threat actors are increasingly using propaganda to undermine democratic institutions and manipulate national and global opinion, while also employing AI to improve influence operations. The report also highlights a significant increase in human-operated ransomware attacks and data exfiltration following compromise, as well as an increase in password-based and multi-factor authentication fatigue attacks.
MGM Resorts has reported that the costs associated with a ransomware attack last month have exceeded $110 million. The attack caused operational disruptions and resulted in an estimated $100 million in lost revenue. While customer bank account numbers and payment card details were not compromised, personal information including names, contact information, and Social Security numbers were stolen by the hackers.
The Westport Police have recovered $3 million worth of Bitcoin stolen by Pakistani scammers after a local resident fell victim to a scam. The victim transferred funds to a cryptocurrency account and reported that over $3 million worth of Bitcoin was withdrawn and moved to wallets they had no control over. The Westport Police collaborated with the Connecticut State Police Organized Crime Task Force to trace the transactions and freeze the accounts linked to the scam, successfully recovering the stolen cryptocurrency.
Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.