08-10-2023, 01:35 AM
The U.K Electoral Commission disclosed a breach it identified last year in October, which unexpectedly tore asunder the privacy of 40 million voters. The breach impacted their personal data. LockBit has made some grand claims of breaching Varian Medical Systems and threatened to leak the stolen data unless a ransom is delivered. In other news, researchers spotted a phishing platform that is targeting Microsoft 365 accounts. Here are the top 10 highlights from the past 24 hours.
01
The U.K Electoral Commission disclosed a massive data breach, which exposed the personal data, email and physical addresses, phone numbers, and electoral registry entries of 40 million voters who registered between 2014–2022.
02
The LockBit ransomware group claimed to have breached Varian Medical Systems and threatened to leak the medical data of cancer patients. The group allegedly possesses all databases and patient data and has given a deadline of August 17.
03
A data breach affecting the Police Service of Northern Ireland (PSNI) compromised the names, ranks, and other personal information of thousands of employees, including the surnames of over 10,000 staff.
04
INTERPOL successfully shut down the phishing-as-a-service platform"16shop" that was used to compromise 70,000 users across 43 countries. Over 150,000 phishing pages were created using the platform to steal personal details from users.
05
The Japanese government published a report that acknowledged a breach of classified military networks by a Chinese cyberespionage group in 2020, compromising sensitive information about defense plans and capabilities.
06
ASEC identified malware disguised as coin exchange and investment-related files. The malware, suspected to be created by the Kimsuky group, is distributed through executable files and Word documents.
07
Proofpoint came across EvilProxy, a phishing platform, being used in a large-scale campaign targeting MFA-protected Microsoft 365 accounts, with over 120,000 phishing emails sent to organizations, primarily impacting high-ranking executives.
08
In a study of Kubernetes clusters associated with 350 organizations, including Fortune 500 companies, Aqua Nautilus found that 60% of them were breached and had an active campaign with deployed malware and backdoors. The breaches were due to two misconfigurations.
09
Autonomous security testing solutions provider Horizon3 AI raised $40 million in a Series C funding round led by Craft Ventures, with participation from Signal Fire.
10
Data management company Rubrik announced the acquisition of data security posture management startup Laminar for over $100 million in cash and stock.
01
The U.K Electoral Commission disclosed a massive data breach, which exposed the personal data, email and physical addresses, phone numbers, and electoral registry entries of 40 million voters who registered between 2014–2022.
02
The LockBit ransomware group claimed to have breached Varian Medical Systems and threatened to leak the medical data of cancer patients. The group allegedly possesses all databases and patient data and has given a deadline of August 17.
03
A data breach affecting the Police Service of Northern Ireland (PSNI) compromised the names, ranks, and other personal information of thousands of employees, including the surnames of over 10,000 staff.
04
INTERPOL successfully shut down the phishing-as-a-service platform"16shop" that was used to compromise 70,000 users across 43 countries. Over 150,000 phishing pages were created using the platform to steal personal details from users.
05
The Japanese government published a report that acknowledged a breach of classified military networks by a Chinese cyberespionage group in 2020, compromising sensitive information about defense plans and capabilities.
06
ASEC identified malware disguised as coin exchange and investment-related files. The malware, suspected to be created by the Kimsuky group, is distributed through executable files and Word documents.
07
Proofpoint came across EvilProxy, a phishing platform, being used in a large-scale campaign targeting MFA-protected Microsoft 365 accounts, with over 120,000 phishing emails sent to organizations, primarily impacting high-ranking executives.
08
In a study of Kubernetes clusters associated with 350 organizations, including Fortune 500 companies, Aqua Nautilus found that 60% of them were breached and had an active campaign with deployed malware and backdoors. The breaches were due to two misconfigurations.
09
Autonomous security testing solutions provider Horizon3 AI raised $40 million in a Series C funding round led by Craft Ventures, with participation from Signal Fire.
10
Data management company Rubrik announced the acquisition of data security posture management startup Laminar for over $100 million in cash and stock.