12-Jul-24: In Security News Today

Massive AT&T Data Breach Exposes Call Logs of 109 Million Customers

AT&T customer data was illegally downloaded from a third-party cloud platform, including phone call and text message records of customers from specific dates. The company has engaged cybersecurity experts, secured the access point, and is working with law enforcement. The stolen data did not include call or text content, timestamps, or sensitive personal information, but AT&T is notifying affected customers and enhancing security measures to prevent future breaches.

Akira Ransomware: Lightning-Fast Data Exfiltration in 2-ish Hours

The Akira ransomware gang managed to exfiltrate data from a Latin American airline’s Veeam server in just over two hours, showcasing a rapid progression from initial access to data theft. The attackers leveraged legitimate tools like WinSCP and Advanced IP Scanner to carry out reconnaissance and move data out of the environment covertly. This incident underscores the shrinking time-to-exfiltration trend in cyber attacks, emphasizing the importance of implementing robust security measures and basic hygiene steps to defend against such rapid threats.

NATO to Create Its Own Cyber Defense Center

NATO has announced the creation of the NATO Integrated Cyber Defence Centre (NICC) at its headquarters in Belgium to enhance the protection of allied cyberspace operations. The NICC will alert military commanders to potential cyber threats and involve both civilian and military personnel as well as cybersecurity experts to improve situational awareness and resilience. This initiative comes amid a surge in politically motivated cyberattacks, particularly from Russian nation-state and hacktivist groups, emphasizing the need for robust cyber defenses.

U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation

The U.S. Department of Justice seized two domains and investigated social media accounts used by Russian threat actors to spread pro-Kremlin disinformation. The bot network, aided by Russian state-owned media and intelligence organizations, utilized AI-powered software to create fake personas promoting Russian government objectives. This marks the first public accusation of a foreign government using AI in an influence operation, while other countries like Iran and China are also engaging in aggressive foreign influence efforts.

Multiple DeFi Protocols Targeted by Wallet Drainers

Multiple DeFi protocols, including major projects like Compound, experienced a phishing attack that hijacked their domains to redirect users to malicious sites designed to drain funds from connected wallets. While Compound confirmed that their site is now secure and no smart contracts were compromised, they advised users to restart browsers and revoke approvals as a precaution. Crypto security firm Blockaid linked the attack to DNS hijacking on Squarespace-hosted projects, estimating over 120 potentially vulnerable domains, with further investigation underway.

All One God Faith, a.k.a. Dr Bronner’s, Has Suffered a Data Security Incident That “Potentially Exposed Personal Information”

Dr Bronner’s, known for its multi-purpose ‘magic soap,’ announced a data security incident that may have exposed personal information, including full names. While the specifics and scope of the breach remain unclear, the company has secured its network, launched an investigation, and involved third-party cybersecurity experts. Affected individuals are being offered complimentary credit monitoring services and fraud assistance to mitigate potential misuse of their personal data.

Rite Aid confirms data breach after June ransomware attack

Rite Aid, the third-largest drugstore chain in the U.S., confirmed a data breach following a cyberattack in June by the RansomHub ransomware operation. The breach compromised customer information, but Rite Aid stated that no health or financial data was impacted. RansomHub, a threat group known for data theft extortion, claimed responsibility for the attack and threatened to leak stolen data if ransom negotiations failed.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.