"'LogoFail' Vulnerabilities May Affect 95% Of Computers, Researchers Say"

According to researchers, firmware vulnerabilities that may impact 95 percent of computers allow hackers to bypass boot security and execute malware upon startup. The flaws come from image parsers in Unified Extensible Firmware Interface (UEFI) system firmware that are used to load logo images on startup screens.

Submitted by Gregory Rigby on

"Balancing Security and Usability in Mobile"

A new study published in the International Journal of Electronic Finance examined security issues related to personal data processing in the interconnected landscape. A team of academic researchers in India explored the complexities of data privacy and security, highlighting issues such as diverse data and sensors in mobile devices, the use of various identifiers, and consumer monitoring. One major source of concern has been the difficulty in enforcing data protection regulations, such as the General Data Protection Regulation (GDPR) rules, within the mobile app ecosystem.

Submitted by Gregory Rigby on

"NIST Offers Draft Guidance on Evaluating a Privacy Protection Technique for the AI Era"

A new publication from the National Institute of Standards and Technology (NIST) offers guidance on using a type of mathematical algorithm known as differential privacy to help data-centric organizations strike a balance between privacy and accuracy. Using differential privacy, the data can be made public without revealing the identities of the individuals in the dataset.

Submitted by Gregory Rigby on

"Cold Storage Giant Americold Discloses Data Breach After April Malware Attack"

Cold storage and logistics giant Americold has recently confirmed that over 129,000 employees and their dependents had their personal information stolen in an April attack, later claimed by Cactus ransomware. Americold employs 17,000 people worldwide and operates more than 24 temperature-controlled warehouses across North America, Europe, Asia-Pacific, and South America.

Submitted by Adam Ekwall on

"Toyota Warns Customers of Data Breach Exposing Personal, Financial Info"

Toyota Financial Services (TFS) is warning customers it suffered a data breach, stating that sensitive personal and financial data was exposed in the attack. Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a presence in 90% of the markets where Toyota sells its cars, providing auto financing to its customers. Following a claim from the Medusa ransomware gang about successfully compromising the Japanese automaker's division, the company confirmed that it detected unauthorized access on some of its systems in Europe and Africa.

Submitted by Adam Ekwall on

"NSA and ESF Partners Release Recommended Practices for Managing Open Source Software and Software Bill of Materials"

The National Security Agency (NSA), the Office of the Director of National Intelligence (ODNI), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a Cybersecurity Technical Report (CTR) titled "Securing the Software Supply Chain: Recommended Practices for Managing Open Source Software and Software Bill of Materials." The CTR expands on the "Enhancing the Security of the Software Supply Chain through Secure Software Development Practices" paper.

Submitted by Gregory Rigby on

"Cybercriminals Continue Targeting Open Remote Access Products"

According to WatchGuard, cybercriminals continue to prefer open remote access products or legitimate remote access tools for hiding their actions. Corey Nachreiner, CSO at WatchGuard, says threat actors are still using various tools and methods in their attack campaigns, thus making it essential for organizations to stay up to date on the latest tactics to strengthen their security strategy. Modern security platforms, which include firewalls and endpoint protection software, can provide improved network and device protection.

Submitted by Gregory Rigby on

"Lazarus Group Is Still Juicing Log4Shell, Using RATs Written in 'D'"

North Korean hackers continue to exploit Log4Shell, recently using that access to launch one of three new Remote Access Trojans (RATs) written in the "D" (dlang) programming language. The group "Andariel," also known as Onyx Sleet and Plutonium, is one of many entities under Lazarus. Andariel specializes in gaining initial access and maintaining persistence for longer-term espionage campaigns in support of the Kim Jong Un regime. Cisco Talos has observed three notable Andariel attacks since March. One was against a South American agriculture organization.

Submitted by Gregory Rigby on

"Norton Healthcare Ransomware Hack: 2.5 Million Personal Records Stolen"

Kentucky healthcare organization Norton Healthcare started informing 2.5 million individuals that their personal information was compromised in a ransomware data extortion hack earlier this year. The company said the incident was identified on May 9, 2023, and involved unauthorized access to certain network storage systems for two days. Norton Healthcare runs 140 locations in Greater Louisville and Southern Indiana. The company determined that the attackers had exfiltrated files containing the personal information of current and former patients, employees, and dependents.

Submitted by Adam Ekwall on

"Over 30% Of Log4j Apps Use a Vulnerable Version of the Library"

About 38 percent of applications using the Apache Log4j library are still vulnerable to security issues, including Log4Shell, a critical vulnerability with the highest severity rating. Log4Shell is a Remote Code Execution (RCE) flaw that enables complete control of systems running Log4j versions from 2.0-beta9 up to 2.15.0. On December 10, 2021, the flaw was discovered as an actively exploited zero-day, and its widespread impact, ease of exploitation, and security implications served as an invitation to threat actors.

Submitted by Gregory Rigby on