Authorities in the UK recently made two arrests in an investigation into a large smishing campaign relying on an illegal phone mast.  The suspects were located in Manchester and London and allegedly used a homemade mobile antenna to send thousands of phishing SMS messages to unsuspecting individuals.  The police noted that the messages were crafted to mimic those of banks and other official organizations, and the illegal SMS blaster allowed the perpetrators to bypass the protections put in place by mobile phone networks to block suspicious text messages.

According to a new study by Bitdefender, over 70% of cybersecurity professionals often have to work weekends to address security concerns in their organizations.  The company noted that this intense workload appears to correlate strongly with job dissatisfaction, with around two-thirds (64%) of the 1200 cyber professionals surveyed stating that they are planning on looking for a new job in the next 12 months.  In the US, the figures were 70.2% (work weekends) and 62.2% (looking for a new job), respectively.

MITRE says the next presidential administration must prepare the US for quantum computing that can outperform current encryption methods. In a recent advisory document, MITRE calls on the next presidential administration to prioritize quantum computing advances, critical infrastructure protections, cyber leadership roles, and implementing a Zero Trust (ZT) framework for the federal government. Current cryptographic systems use complex mathematical algorithms that traditional computers find difficult to solve.

The University of Arkansas is leading a collaborative effort with several universities, laboratories, and industry partners to strengthen solar inverter cybersecurity as part of a US Department of Energy (DOE) project. Solar inverters are key in the conversion of the Direct Current (DC), generated by solar panels, into Alternating Current (AC) for households and the energy grid. However, as the solar energy landscape evolves, so do cybersecurity threats. This article continues to discuss the project aimed at bolstering the cybersecurity measures of solar inverters.

A ransomware attack on the pathology and diagnostic services provider Synnovis, which disrupted operations at several London healthcare organizations, has prompted the UK National Health Service (NHS) to issue an urgent call for O-type blood donations. A ransomware attack forced affected hospitals to cancel some procedures and redirect patients. The Qilin ransomware gang is believed to have been behind the attack. This article continues to discuss the UK NHS issuing an urgent call for O-type blood donations following the recent ransomware attack that hit several London hospitals.  

Abnormal Security found that hacking groups still prefer phishing. In its latest report, "Email Security Threats in Europe: Insights into Attack Trends," the email security provider discovered that phishing attacks targeting organizations in Europe rose 112.4 percent between April 2023 and April 2024. The US saw a 91.5 percent increase. Business Email Compromise (BEC) is rising, with BEC attacks faced by US businesses increasing by 72.2 percent and by 123.8 percent for European businesses. This article continues to discuss key findings from Abnormal Security on email security threats.

BlackBerry is investigating a dark web sale of Cylance data, but the company says the data appears old and not from its systems. Last week, Dark Web Informer reported that a threat actor wants $750,000 for data allegedly belonging to customers, partners, and employees of BlackBerry's Cylance cybersecurity unit. The cybercriminals claim to have 34 million customer and employee emails. They also claim to have Personally Identifiable Information (PII), sales prospects, and user and partner lists. This article continues to discuss the Cylance data being offered for sale on the dark web.

Enterprise software maker SAP recently released ten new and two updated security notes as part of its June 2024 Security Patch Day.  The latest patches include two high-priority security notes, the most severe of which addresses a cross-site scripting (XSS) bug in Financial Consolidation.  The first high-priority security note addresses two XSS flaws in SAP’s product, collectively tracked as CVE-2024-37177 (CVSS score of 8.1).

According to a group of researchers, Microsoft's Visual Studio Code (VSCode) extensions marketplace has malicious uploads and poor security. In May, the team conducted an experiment in which they hacked over 100 organizations with a typosquatted version of a popular VSCode extension. During their study of the marketplace, they found many security design flaws implemented by Microsoft that allow threat actors to gain credibility and access. This article continues to discuss findings from the group's research on Microsoft's VSCode extensions marketplace.

According to Mandiant, a cyber threat actor is suspected of stealing a large amount of customer data from the data warehousing platform Snowflake. UNC5537, a financially motivated threat actor, is advertising the stolen data on cybercrime forums and trying to extort many victims. About 165 organizations that use Snowflake have been notified that they may have been exposed. The threat actor is said to be compromising Snowflake customer instances using stolen credentials. This article continues to discuss UNC5537's targeting of Snowflake customer instances for data theft and extortion.