The Akira ransomware gang recently claimed it breached the network of Nissan Australia, the Australian division of Japanese car maker Nissan.  In a new entry added to the operation's date leak blog on December 22, Akira says it allegedly stole around 100GB of documents from the automaker's systems.  The attackers have threatened to leak sensitive business and client data online, as ransom negotiations with Nissan failed after the company either refused to engage or pay the ransom.

OpenAI has addressed a ChatGPT data exfiltration bug that could leak conversation details to an external URL. However, the mitigation is not perfect, according to security researcher Johann Rehberger, who discovered the flaw. According to Rehberger, attackers can still exploit it under certain conditions. The safety checks for ChatGPT have also yet to be implemented in the iOS mobile app, so the threat on that platform remains unaddressed. This article continues to discuss the ChatGPT data leak vulnerability and OpenAI's fix for it.

A threat actor called UAC-0099 has been linked to attacks against Ukraine, some of which exploit a high-severity flaw contained by WinRAR software to deliver the LONEPAGE malware strain. According to researchers at Deep Instinct, the threat actor targets Ukrainian employees in companies based outside of Ukraine. The Computer Emergency Response Team of Ukraine (CERT-UA) first documented UAC-0099 in June 2023, describing its attacks against state organizations and media entities for espionage purposes.

An unidentified threat actor conducted various social engineering campaigns against American and Canadian organizations in different industries to infect them with the multifaceted DarkGate malware. Proofpoint researchers could not determine whether the perpetrator dubbed "BattleRoyal" is a completely new actor or related to existing ones, partly because of the number of tactics, techniques, and procedures (TTPs) used.

According to Zscaler, threats over HTTPS have increased by 24 percent since 2022, highlighting the sophistication of cybercriminal tactics that target encrypted channels. Manufacturing was the most commonly targeted industry for the second year in a row, with education and government organizations experiencing the most significant year-over-year increase in attacks. In addition, malware, including malicious web content and malware payloads, continued to conquer other types of encrypted attacks.

Ubisoft just started investigating whether it suffered a breach after images of the company's internal software and developer tools were leaked online.  Ubisoft is a French video game publisher known for well-known titles, including Assassin's Creed, FarCry, Tom Clancy's Rainbow Six Siege, and the new Avatar: Frontiers of Pandora.  Security researchers at VX-Underground say an unknown threat actor told them they breached Ubisoft on December 20th.  Once inside the company's systems, the unknown threat actor said they planned to exfiltrate around 900GB of data.

Europol has recently notified over 400 websites that their online shops have been hacked with malicious scripts that steal debit and credit cards from customers making purchases.  Skimmers are small snippets of JavaScript code added to checkout pages or loaded from a remote resource to evade detection.  Europol noted that they are designed to intercept and steal payment card numbers, expiration dates, verification numbers, names, and shipping addresses and then upload the information to the attackers' servers.

UK telco EE has recently warned customers they could be deluged with millions of scam SMS messages on December 23 as fraudsters look to capitalize on last-minute Christmas shopping.  The mobile operator claimed that the equivalent day last year saw it block three million text message scams (aka “smishing”), the highest daily number in 2022.  The copany warned that this year the figure could reach as high as five million.

The Donald W. Wyatt Detention Facility in Rhode Island has recently disclosed a data breach impacting the personal information of roughly 2,000 inmates, staff, and vendors.  According to the correctional facility, the incident occurred in November, involving malware being deployed on its computer systems and data theft.  It was noted that the investigation into the matter revealed that the attackers compromised the personal information of more than 1,450 detainees, over 430 current and former staff members, and roughly 90 outside vendors.