Blog
List of US Telecom Companies Breached by Salt Typhoon Grows
Add Charter Communications, Consolidated Communications and Windstream to the list of US telecom companies compromised by the Salt Typhoon hacking campaign.
Stolen API Key Provided Chinese State-Sponsored Hackers With Opening Into US Treasury Department Workstations
Officials from the US Treasury Department have said that the Chinese state-sponsored hackers used a stolen API key, taken from a third-party security and technical support contractor.
Stolen Crypto Haul for North Korean Hackers Totals $1.34 Billion in 2024
North Korean hackers have set another record for themselves in 2024, topping all previous campaigns with $1.34 billion of stolen crypto.
Pegasus Spyware Found to Have Violated Hacking Laws in WhatsApp Lawsuit
Meta has prevailed in a long-running lawsuit centered on the NSO group’s use of WhatsApp to deliver its Pegasus spyware, and the judge is not only awarding damages but has found that both state and federal hacking laws were violated.
600 Stolen Passwords From UK Ministry of Defence Appear on Dark Web, Attributed to Russian Hackers
Russian hackers have been taking passwords from the UK’s Ministry of Defence (MoD) for at least the past four years, though the campaign has been rather slow; only about 600 stolen passwords of the roughly 250,000 users of the Defence Gateway portal.
Supply Chains in the News Once Again as Ransomware Attack on Blue Yonder Disrupts Retail Clients
Blue Yonder, which provides supply chain software to many household name brands, went offline for an extended period due to a late November ransomware attack. Extended lack of access to the supply chain software causing customers like Starbucks assorted problems.
Finastra Data Breach: Fintech Giant Confirms Data Exfiltration, Some Customers May Be Impacted
Leading fintech services provider Finastra has confirmed that 400 GB of stolen data offered on BreachForums is connected to a real data breach, though it is still not certain exactly how much legitimate information the hacker is offering or exactly what it consists of.
New T-Mobile Hack Report Raises Count for Salt Typhoon Cyber Espionage Group
With the reveal of the T-Mobile hack, the Salt Typhoon cyber espionage campaign officially compromised all three of the “big” US mobile carriers. That is an extremely concerning level of access, particularly considering that the hackers were apparently able to maintain access for months without being spotted.
Data Broker That Scraped Hundreds of Millions of Records Loses Data to Hack
The data broker, DemandScience, has only just now confirmed it was the source of 122 million records offered for sale on BreachForums earlier in the year. However, DemandScience insists that it has not detected an internal breach and that the data must have been taken from a contractor or partner.
Third Party Breach of MOVEit Vulnerability Hits Amazon, Employee Data Remains at Risk
With a total of five million records on offer, and over half of those belonging to Amazon, the third party breach is definitely a matter of concern. However, statements from both Amazon and the hacker indicate that the stolen employee data did not contain highly sensitive information.