"Data of 750 Million Indian Mobile Subscribers Sold on Hacker Forums"

"Data of 750 Million Indian Mobile Subscribers Sold on Hacker Forums"

CloudSEK reports that a massive database containing the information of roughly 750 million individuals in India was offered for sale on the dark web earlier this month.  The company noted that the database, 1.8 terabytes in size, contains personal information such as names, mobile phone numbers, addresses, and Aadhaar details (the Aadhaar number is unique to an individual and serves for identification purposes).

Submitted by Adam Ekwall on

"1.5 Million Affected by Data Breach at Insurance Broker Keenan & Associates"

"1.5 Million Affected by Data Breach at Insurance Broker Keenan & Associates"

Insurance consulting and brokerage firm Keenan & Associates has recently started informing more than 1.5 million individuals that their personal information was stolen in an August 2023 cyberattack.  The company noted that the cyberattack was discovered on August 27, when disruptions occurred on some of its servers, and was contained within hours.  Keenan’s investigation into the cyberattack revealed that an unauthorized party gained access to certain Keenan internal systems at various times between approximately August 21, 2023 and August 27, 2023.

Submitted by Adam Ekwall on

"Student Team Works With Lockheed Martin to Enhance Cellular Security Networks"

"Student Team Works With Lockheed Martin to Enhance Cellular Security Networks"

With support from Lockheed Martin, a team of student researchers at Embry-Riddle Aeronautical University's Prescott Campus are developing a Cellular Intrusion Detection (CID) system aimed at detecting unwanted cellular devices in secure areas. Zachary Traynor, an Electrical Engineering senior, recently interned at Lockheed Martin, learning about multi-level security checks and clearances that protect confidential information and products.

Submitted by Gregory Rigby on

"Study: Smart Devices' Ambient Light Sensors Pose Imaging Privacy Risk"

"Study: Smart Devices' Ambient Light Sensors Pose Imaging Privacy Risk"

According to researchers from the Computer Science and Artificial Intelligence Laboratory (CSAIL) at the Massachusetts Institute of Technology (MIT), ambient light sensors are vulnerable to privacy threats when embedded in a smart device's screen. The team has presented a computational imaging algorithm to recover an image of the environment from the perspective of the display screen using these sensors' subtle single-point light intensity changes in order to show how hackers could use them in conjunction with monitors.

Submitted by Gregory Rigby on

"Proposed Law Aims to Boost Food and Agriculture Industry's Cyber Posture"

"Proposed Law Aims to Boost Food and Agriculture Industry's Cyber Posture"

The Farm and Food Cybersecurity Act would require the agriculture secretary to conduct a survey every two years on the state of cyber vulnerabilities and threats to the food and agriculture sectors, as well as collaborate with major intelligence community officials to perform exercises simulating industry-disrupting cyberattacks. According to the US Agency for International Development (USAID), cyberattacks on agriculture supply chains pose a significant threat to global food security because the sector's digitization enables hackers to disrupt farming equipment.

Submitted by Gregory Rigby on

"New Protocol Kills Dead Air for Quantum Communication - The Technique Can Boost Transmission Rates and Improve Security"

"New Protocol Kills Dead Air for Quantum Communication - The Technique Can Boost Transmission Rates and Improve Security"

Quantum communication transmission rates have been limited by the "dead time" of single-photon detectors. Researchers at LG Electronics in South Korea recently revealed a new protocol to improve transmission rates while also increasing security. The novel protocol introduces techniques for overcoming the limitations posed by single-photon detectors' dead time and channel loss.

Submitted by Gregory Rigby on

"DHS Employees Jailed For Stealing Data of 200K U.S. Govt Workers"

"DHS Employees Jailed For Stealing Data of 200K U.S. Govt Workers"

Three former Department of Homeland Security (DHS) employees have recently been sentenced to prison for stealing proprietary U.S. government software and databases containing the personal data of 200,000 federal employees.  The three individuals are Charles K. Edwards, a former Acting Inspector General of the DHS Office of Inspector General (DHS-OIG), sentenced to 1.5 years in prison; Sonal Patel, a member of the department IT staff, sentenced to 2 years of probation; and Murali Y. Venkata, also from the IT department, sentenced to 4 months in prison.

Submitted by Adam Ekwall on

"Energy Giant Schneider Electric Hit by Cactus Ransomware Attack"

"Energy Giant Schneider Electric Hit by Cactus Ransomware Attack"

Schneider Electric, the energy management and automation giant, has been targeted in a Cactus ransomware attack, resulting in data theft. Researchers discovered that the ransomware attack targeted the company's Sustainability Business division. The attack disrupted some of Schneider Electric's Resource Advisor cloud platform, which continues to experience outages today. The ransomware group allegedly stole terabytes of data during the cyberattack and is now extorting the company by threatening to leak the data if the demanded ransom is not paid.

Submitted by Gregory Rigby on

"Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang"

"Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang"

Researchers have discovered Faust, a new variant of the Phobos ransomware family, in the wild. According to Fortinet FortiGuard Labs, the latest variant of the ransomware is spread through an infection that delivers a Microsoft Excel document containing a VBA script. Security researcher Cara Lin says the attackers used the Gitea service to store several Base64-encoded files, each of which contained a malicious binary. These files trigger a file encryption attack when they are injected into a system's memory.

Submitted by Gregory Rigby on

"Global Critical Infrastructure Faces Relentless Cyber Activity"

"Global Critical Infrastructure Faces Relentless Cyber Activity"

According to Forescout, Operational Technology (OT) is under constant attack, with key protocols facing many persistent attacks. Many of the attacks involve protocols used in industrial automation and power sectors, such as Modbus, Ethernet/IP, Step7, DNP3, and more. Persistence tactics have increased by 50 percent from 3 percent in 2022. Although most observed commands used by threat actors are still aimed at generic Linux systems, there is a noticeable trend of specific commands executed for network operating systems on widely used routers.

Submitted by Gregory Rigby on
Subscribe to