The UK’s privacy watchdog has recently issued a stern warning to the nation’s organizations to improve their data protection posture after revealing that over half of adults have had their personal information lost or stolen.  John Edwards, the information commissioner, revealed the figures, arguing that companies often forget the toll that data compromise can take on victims.  Edwards noted that 55% of adults have had their data lost or stolen, which amounts to about nearly 30 million people in the UK.

The Dutch National Police and partner law enforcement agencies have disrupted the "Redline" and "Meta" infostealers, collecting data that may reveal users who paid for the malware. Redline and Meta are infostealers that can steal victims' machine information, credit card data, browser history, cryptocurrency wallet credentials, and more. This article continues to discuss the disruption of the Redline and Meta infostealer operations.

Delta Air Lines has recently sued CrowdStrike, claiming the cybersecurity company had cut corners and caused a worldwide technology outage that led to thousands of canceled flights in July.  Delta says it is asking for compensation and punitive damages from the outage, which started with a faulty update sent to several million Microsoft computers.  Delta said the outage crippled its operations for several days, costing more than $500 million in lost revenue and extra expenses.

The San Francisco Municipal Transportation Agency (SFMTA) board has recently agreed to spend $212 million to get its Muni Metro light rail off floppy disks.  The Muni Metro's Automatic Train Control System (ATCS) has required 5¼-inch floppy disks since 1998.  The system uses three floppy disks for loading DOS software that controls the system's central servers.  The SFMTA approved a contract with Hitachi Rail to implement a new train control system that doesn't use floppy disks.

The National Security Agency (NSA) has issued an advisory to alert users to reboot their iPhones and Androids. Turning devices off and back on again can help with mobile security and to reduce the instances of cyber threats such as spear phishing and zer0-click exploits. While rebooting doesn’t solve all cyber threats, it is one precaution to take. This and other related advice was first issued in the NSA Telework and Mobile Security Guide which offers other actions to take such as using strong PINs and passwords, keeping software updated, and using 2 step authentication.

According to security researchers at Proofpoint, there has been a surge in online job scams targeting financially vulnerable individuals.  Known as “job scamming,” this new tactic mirrors the existing “pig butchering” fraud model but aims at a broader audience by preying on job seekers looking for remote, flexible work.  The researchers noted that while pig butchering scams typically focus on individuals with significant investment funds, these job scams seek smaller, faster payouts from financially struggling targets.

OnePoint Patient Care (OPPC), an Arizona-based hospice pharmacy that serves over 40,000 patients per day, recently started informing customers about a data breach impacting their personal information.  OPPC detected suspicious activity on its network on August 8, 2024. An investigation revealed a week later that before the cyberattack was detected, the hackers had obtained files containing personal information from OPPC systems. The company noted that the compromised data includes names, residence information, medical records, and information on prescriptions and diagnoses.

Insurance administrator Landmark Admin recently started notifying over 800,000 individuals that their personal information was stolen in a ransomware attack earlier this year.  Landmark discovered the unauthorized access to its systems on May 13, and the attackers regained entry to its network on June 17.

The Pwn2Own Ireland 2024 hacking competition organized by Trend Micro’s Zero Day Initiative (ZDI) has recently ended.  Participants have earned over $1 million for camera, printer, NAS device, smart speaker and smartphone exploits.  ZDI noted that on the first day of the event, white hat hackers earned a total of more than $500,000.

A potential disaster loomed in the Internet's encryption system for years, posing a threat to the security of organizations and individuals. In a collaborative effort, Princeton University researchers have addressed that threat, turning their research into a universal security standard recently adopted by global organizations. By adopting the Princeton standard, certification authorities have agreed to verify each website from multiple points instead of just one.