The National Security Agency (NSA), together with the UK National Cyber Security Centre (NCSC-UK) and other partners, has released a Cybersecurity Advisory (CSA) titled "SVR Cyber Actors Adapt Tactics for Initial Cloud Access." The CSA describes how Russia-based cyber actors are changing their tactics, techniques, and procedures (TTPs) to infiltrate and access intelligence in cloud environments. The cyber actors, known as APT29, Midnight Blizzard, the Dukes, or Cozy Bear, are believed to be linked to the Russian foreign intelligence service (SVR).

In an update on January 22, LoanDepot estimated the number of potentially impacted individuals at 16.6 million without providing details on the type of personal information that might have been compromised.  Recently, the mortgage giant revised those numbers and announced that 16.9 million individuals were, in fact, impacted and that it has started sending out notification letters to them.

U-Haul has recently notified tens of thousands of customers that their personal data was compromised in a breach last year. The truck and trailer rental giant confirmed that 67,000 US and Canadian customers were impacted by the incident, which took place between July 20 and October 2 last year. The company says that it learned on December 5, 2023, that legitimate credentials were used by an unauthorized party to access a system U-Haul Dealers and Team Members use to track customer reservations and view customer records.

A new study introduces novel security schemes to address the growing security challenges with the Internet of Vehicles (IoV). The goal is to improve connected vehicles' integrity and resilience as smart technologies continue evolving to give vehicles greater autonomy and connectivity. Any connectivity involves security risks such as authentication breaches, data confidentiality breaches, and routing attacks, so the IoV must be made secure.

A new study titled "Post Hoc Security and Privacy Concerns in Mobile Apps: The Moderating Roles of Mobile Apps' Features and Providers" delves into how users' privacy and security concerns affect app usage, as well as whether elements such as privacy policies reduce these concerns. As talks regarding data leakage and mobile app security rise, users have become increasingly concerned about the level of privacy and security that mobile apps can provide. This article continues to discuss key findings and points from the study.

According to a new X-Force Threat Intelligence Index report, cyberattackers have shifted their focus from phishing to abusing valid accounts. Last year, X-Force, IBM's security research team, noticed cyberattackers increasingly targeting people's identities. For the first time, attacks using valid credentials made up nearly one-third of all incidents brought to X-Force's attention. This article continues to discuss cyberattackers increasingly abusing valid accounts.

A package on the Python Package Index (PyPI) repository has been updated after two years to spread Nova Sentinel, an information-stealing malware. According to the software supply chain security company Phylum, the package was first published to PyPI in April 2022. The company detected an anomalous update to the library on February 21, 2024. Although the linked GitHub repository has not been updated since April 10, 2022, a malicious update suggests that the developer's PyPI account has been compromised.

According to security researchers at Cybereason, almost four in five (78%) organizations who paid a ransom demand were hit by a second ransomware attack, often by the same threat actor.  Of the 78% breached a second time, 36% of perpetrators were the same threat actor, and 42% were a different attacker.  In total, 56% of organizations suffered more than one ransomware attack in the last 24 months.  During the study, the researchers surveyed over 1000 cybersecurity professionals.

According to an analysis of hundreds of cryptocurrency wallets linked to the LockBit ransomware operation, the gang behind it received over $125 million in ransom payments over the past 18 months. After the LockBit takedown in Operation Cronos, the National Crime Agency (NCA) in the UK, with help from the blockchain analysis company Chainalysis, identified over 500 active cryptocurrency addresses. Law enforcement obtained 30,000 Bitcoin addresses that were used to manage the group's profits from ransom payments.