attack

“Global Announcement: Mercenary Attacks Targeting Apple Users Conveyed to 92 Countries”

Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that they may have been targeted by mercenary spyware attacks. The company sent the alerts to individuals in 92 nations at 12pm Pacific Time on Wednesday. “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-,” the company wrote in the warning to customers. “This attack is likely targeting you specifically because of who you are or what you do. Although it’s never possible to achieve absolute certainty when detecting such attacks, Apple has high confidence in this warning — please take it seriously.” The iPhone-maker sends these notifications multiple times a year and has notified users in over 150 countries since 2021, it wrote in an updated support page.

“EDPS Alerts: Europe’s Privacy Principles Threatened by Rapid AI Advancements”

The European Data Protection Supervisor (EDPS) has warned key planks of the bloc’s data protection and privacy regime are under attack from industry lobbyists and could face a critical reception from lawmakers in the next parliamentary mandate. Any shift of approach by incoming lawmakers could have implications for the bloc’s high standard of protection for people’s data. But he particularly highlighted industry lobbying, especially complaints from businesses targeting the GDPR principle of purpose limitation. Wiewiórowski did not explicitly blame generative AI for driving the “strong attacks” on the GDPR’s purpose limitation principle. So any AI-driven weakening of EU data protection laws in the near term is likely to have long term consequences for citizens’ human rights.

“SMBs Secure $100M Investment in Coro’s Cybersecurity Solution, Valued at $750M”

Now, Coro — one of the startups building tools specifically for smaller businesses — is announcing a big round of funding after seeing its recurring revenues shoot up 300% in the last year. Sources close to the deal tell TechCrunch that its valuation is over $750 million post-money. And among SMBs responding to a survey from Digital Ocean, 74% named data privacy a top concern. The opportunity in the security market for SMBs that Coro has identified is that these businesses typically lack the teams and internal IT budgets to dedicate to building and managing their defenses. Its round last year, in April 2023, was $75 million at a $575 million valuation (also post-money).

Microsoft Reports ‘Ongoing Attack’ by Russian Hackers

On Friday, Microsoft said Russian government hackers continue to break into its systems using information obtained during a hack last year. This time, the Russian hackers dubbed Midnight Blizzard have targeted Microsoft’s source code and other internal systems, the company said. “This has included access to some of the company’s source code repositories and internal systems,” Microsoft wrote in a blog post. This new intrusion comes after Microsoft revealed in January that Russian government hackers had broken into the company’s systems last November. Midnight Blizzard is believed to be a hacking group working for Russia’s Foreign Intelligence Service, known by its Russian initials, SVR.

Interruption in Production: Tesla’s Berlin Plant Temporarily Ceases Operations Due to Suspected Arson Attack and Power Outage

Tesla’s factory outside Berlin, Germany will likely be shut down for days and cost the automaker more than $100 million, after a suspected arson attack on the local power grid. The fire didn’t spread to Tesla’s factory and nobody was harmed, though employees were evacuated. A purported activist organization calling itself the “Volcano Group” took credit for the fire in a letter posted online Tuesday. The same group took credit for a similar fire near the site in 2021. Last month, Tesla’s plan to expand the factory was also voted down by the public.

US Prescription Filling Hindered by Ransomware Attack on Change Healthcare System

A spokesperson for Change Healthcare did not immediately respond to a request for comment. Change Healthcare is an American healthcare tech giant and one of the country’s largest processors of prescription medications, handling prescriptions and billing for more than 67,000 pharmacies across the U.S. healthcare system. The healthcare tech giant handles 15 billion healthcare transactions annually — or about one-in-three U.S. patient records. Change Healthcare merged with healthcare provider Optum in 2022 as part of a $7.8 billion deal under UnitedHealth Group. The cyberattack at Change Healthcare began on February 21 early on the U.S. East Coast, causing widespread outages at pharmacies and healthcare facilities.

Warning: High-Risk Exploit of ConnectWise Vulnerability Poses Harm, Researchers Claim

Researchers warn high-risk ConnectWise flaw under attack is ‘embarrassingly easy’ to exploit. “I can’t sugarcoat it — this shit is bad,” said Huntress’ CEO. Security experts are warning that a high-risk vulnerability in a widely used remote access tool is “trivial and embarrassingly easy” to exploit, as the software’s developer confirms malicious hackers are actively exploiting the flaw. The maximum severity-rated vulnerability affects ConnectWise ScreenConnect (formerly ConnectWise Control), a popular remote access software that allows managed IT providers and technicians to provide real-time remote technical support on customer systems. Cybersecurity company Huntress on Wednesday published an analysis of the actively exploited ConnectWise vulnerability. ConnectWise also released a fix for a separate vulnerability affecting its remote desktop software. The U.S. agencies also observed hackers abusing remote access software from AnyDesk, which was earlier this month forced to reset passwords and revoke certificates after finding evidence of compromised production systems.

“Mastodon Vulnerability Exposed: How a Rivalling Spam Raid on Twitter/X Spotlights the ‘Fediverse’”

A spam attack that impacted the open source X rival Mastodon, Misskey, and other apps highlights how the decentralized social web, also known as the Fediverse, is open to abuse. Over the past several days, attackers have targeted smaller Mastodon servers, taking advantage of open registrations to automate the creation of spam accounts. While this is not the first spam attack that has impacted the Fediverse, Rochko notes that only larger servers like Mastodon.social had been targeted previously. The spam attack highlighted one of the weaknesses that comes with how the Fediverse is structured. “It makes me want to walk away and give up,” wrote one Mastodon server admin sam@urbanists.social.

Russian Citizen Accused of Masterminding Medibank Ransomware Attack Faces US Sanctions

The U.S. government sanctioned a Russian national for allegedly playing a “pivotal role” in the ransomware attack against Australian health insurance giant Medibank that exposed the sensitive information of almost 10 million patients. The breach is believed to have impacted several high-profile Medibank customers, including senior Australian government lawmakers. The U.S. Treasury Department sanctioned Ermakov shortly after the Australian government imposed first-of-its-kind sanctions against the Russian national. According to the U.S. Treasury, REvil ransomware has been deployed on approximately 175,000 computers worldwide, garnering at least $200 million in ransom payments. The FSB’s surprise operation came just months after the U.S. Department of Justice charged a 22-year-old Ukrainian citizen linked to the REvil ransomware gang due to his alleged role in the Kaseya attack.

Second week of LoanDepot outage continues following ransomware attack

LoanDepot customers say they have been unable to make mortgage payments or access their online accounts following a suspected ransomware attack on the company last week. Users on social media and forums discussing the incident say they have struggled to access their account information or submit payments. LoanDepot’s updating cyber incident page says several LoanDepot customer portals returned online as of Thursday, albeit with limited functionality. When reached by email, LoanDepot spokesperson Jonathan Fine declined to comment, but did not dispute that the incident was linked to ransomware. LoanDepot has not yet updated regulators on the company’s recovery since its initial disclosure to the SEC on January 8.