The City of Helsinki, located in Finland, is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel. Though information about the attack was circulated on May 2, 2024, the city's authorities shared more details in a press conference recently. According to the authorities, an unauthorized actor gained access to a network drive after exploiting a vulnerability in a remote access server.

Years have passed since the identification of "Heartbleed," a critical OpenSSL vulnerability, but questions remain regarding branded vulnerabilities and the appropriate naming of vulnerabilities. Branding the serious OpenSSL vulnerability with a name and logo garnered media attention and raised awareness.

CISPA-Faculty Professor Dr. Cas Cremers, his postdoc Mang Zhao, and Dr. Eyal Ronen have developed a new security method for Zoom, one of the most popular software products for video conferencing. In their paper titled "Multi-Stage Group Key Distribution and PAKEs: Securing Zoom Groups against Malicious Servers without New Security Elements," they present a modified key exchange protocol. It is only performed between Zoom users and does not involve Zoom's servers. The process happens inside the software without user intervention.

The MITRE Corporation has made "EMB3D," a threat-modeling framework for vendors of embedded devices used in critical infrastructure environments, officially available. According to the non-profit corporation, the model aims to create a shared understanding of embedded device cyber threats and the security measures needed to mitigate them. The model's draft, developed in collaboration with Niyo 'Little Thunder' Pearson, Red Balloon Security, and Narf Industries, was released on December 13, 2023.

Firstmac Limited just started warning customers that it suffered a data breach a day after the new Embargo cyber-extortion group leaked over 500GB of data allegedly stolen from the firm. Firstmac is a significant player in Australia's financial services industry, focusing primarily on mortgage lending, investment management, and securitization services. The company is headquartered in Brisbane, Queensland, and employs 460 people. The firm has issued 100,000 home loans and currently manages $15 billion in mortgages.

Threat actors have been conducting Domain Name System (DNS) tunneling to track when targets open phishing emails and click on malicious links. They are also applying the method to scan networks for vulnerabilities.

Cyberattackers launching "Mallox" ransomware, also known as "Fargo," "TargetCompany," and "Mawahelper" have applied sophisticated methods, as shown by a recent Microsoft SQL (MS-SQL) honeypot incident. The Sekoia research team's honeypot was attacked by an intrusion set involving brute-force methods to deploy Mallox via PureCrypter, exploiting MS-SQL vulnerabilities. This article continues to discuss findings regarding the deployment of Mallox ransomware. 

A recent data breach faced by the Debt collection agency Financial Business and Consumer Solutions (FBCS) compromised the personal information of almost 2.7 million people. In an update to a filing with the Maine Attorney General's Office, FBCS revealed the identification of an additional 724,000 individuals affected by the breach, increasing the estimated impact to 2,679,555 people. This article continues to discuss new findings regarding the FBCS breach.

Security researchers at Security Research (SR) Labs have warned online shoppers to be on their guard after revealing news of an extensive network of fake e-commerce stores designed to steal victims’ card details and cash. Operated primarily from China, the researchers noted that the BogusBazaar network has processed over one million orders since 2021. The researchers estimated that over 850,000 shoppers have already fallen victim, mostly from Western Europe and the US.

Several vulnerabilities in cellular modem technology impact millions of Internet of Things (IoT) devices in financial services, telecommunications, healthcare, and other sectors. Telit Cinterion modems have Remote Code Execution (RCE) flaws. The most severe is a memory heap overflow vulnerability that lets remote attackers execute arbitrary code via SMS on affected devices. This article continues to discuss the vulnerabilities found in widely deployed Telit Cinterion modems.