LinkedIn News

Health Insurance

Media & Entertainment

Customer Success

Biotech & Health

Education Technology

Human Resources

Telecommunications

Music Streaming

Entrepreneurship

Cloud Computing

Web Development

Renewable Energy

Renewable Power

Consumer Technology

Agriculture Tech

Machine Learning

Software Development

Environmental Health

Mergers and Acquisitions

Business Development

Government & Policy

Electric Vehicles

DOJ and FBI Eradicate Chinese Malware from Thousands of US Systems

DOJ and FBI Eradicate Chinese Malware from Thousands of US Systems

U.S. authorities have confirmed a successful operation to eliminate malware linked to the Chinese hacking group 'Twill Typhoon,' which had infiltrated millions of computers globally. The Department of Justice and FBI deleted the 'PlugX' malware from over 4,200 infected devices in the U.S. during a court-authorized action in August 2024. The operation, led by French authorities and cybersecurity firm Sekoai, targeted a malware that has been in use since 2012. The U.S. Justice Department accused the Chinese government of sponsoring this cyber espionage. Significant targets included government and private organizations worldwide.

Created at: January 14, 2025 5:00pm

UK Proposes Ban on Ransom Payments in Public Sector Amid Rising Cyber Threats

UK Proposes Ban on Ransom Payments in Public Sector Amid Rising Cyber Threats

The U.K. government has launched a consultation proposing a ban on public sector organizations from making ransom payments to cybercriminals. This targeted ban aims to disrupt the financial model of ransomware attacks following a surge in incidents, including a significant breach affecting NHS patient data. Security Minister Dan Jarvis emphasized the need to protect national security, citing an estimated $1 billion flowing to ransomware criminals globally. The proposal also includes making ransom payments a criminal offense for critical infrastructure organizations and introducing mandatory reporting for cyber incidents.

Created at: January 14, 2025 1:30pm

North Korean Hackers Stole $659M in Crypto Heists During 2024

North Korean Hackers Stole $659M in Crypto Heists During 2024

In a rare joint statement, the United States, Japan, and South Korea revealed that North Korean-backed hackers stole over $659 million in cryptocurrency through multiple heists in 2024. This includes a significant $235 million breach of WazirX, India's largest cryptocurrency exchange. The Lazarus Group was identified as the primary perpetrator, employing social engineering and malware to infiltrate exchanges. Additionally, North Korean IT workers were reported to be posing as job seekers to gain access to blockchain companies. The governments urged private sector entities to enhance their cyber threat mitigation measures.

Created at: January 14, 2025 1:30pm

Data Breach at Gravy Analytics Exposes Millions' Location Data

Data Breach at Gravy Analytics Exposes Millions' Location Data

A significant data breach at Gravy Analytics has compromised the privacy of millions by exposing over 30 million location data points collected from popular apps. The hacker claims to have stolen several terabytes of data, revealing sensitive information about users, including those near military facilities. Unacast, Gravy's parent company, reported the breach to data protection authorities after discovering a misappropriated key was used to access its Amazon cloud environment. The situation raises serious concerns about data brokers and their impact on personal privacy, especially following recent regulatory actions against Gravy Analytics.

Created at: January 13, 2025 1:00pm

Nominet Faces Cybersecurity Incident Tied to Ivanti VPN Exploit

Nominet Faces Cybersecurity Incident Tied to Ivanti VPN Exploit

Nominet, the U.K. domain registry for .co.uk domains, has confirmed a cybersecurity incident linked to a vulnerability in Ivanti's VPN software. The breach was made possible through a zero-day exploit, leaving Nominet unable to apply necessary patches in time. In communication with customers, Nominet reported an ongoing investigation but stated there is currently no evidence of data leakage. Ivanti has acknowledged the widespread nature of the vulnerability, although it has not disclosed the number of impacted clients. Nominet has restricted VPN access while it continues its investigation.

Created at: January 13, 2025 12:30pm

Microsoft Files Lawsuit Against Group for Illicit AI Service Abuse

Microsoft Files Lawsuit Against Group for Illicit AI Service Abuse

Microsoft has initiated legal proceedings against an unnamed group accused of exploiting its Azure OpenAI Service by creating tools to bypass security measures. The lawsuit claims the defendants used stolen API keys to generate harmful content, violating several federal laws. Microsoft discovered the breach in July 2024 and is seeking damages and injunctive relief. The company has implemented new safety measures to counteract the unauthorized access. The complaint reveals a systematic pattern of API key theft, leading to a 'hacking-as-a-service' scheme facilitated by the defendants.

Created at: January 11, 2025 12:00am

Drone Collision Halts L.A. Firefighting Efforts Amid Historic Wildfire

Drone Collision Halts L.A. Firefighting Efforts Amid Historic Wildfire

A drone collided with a firefighting plane in Los Angeles on January 9, disrupting crucial efforts against one of the worst wildfires in the city's history. The incident resulted in a significant hole in the plane's wing, forcing it to abort its mission for repairs. This wildfire has already claimed at least 10 lives and threatened thousands of homes. Authorities are investigating the drone's operator, emphasizing that flying drones near active firefighting operations can lead to severe penalties, including jail time or hefty fines. The situation highlights the dangers of unauthorized drone usage in crisis settings.

Created at: January 10, 2025 10:30pm

US Charges Three Russians for Laundering Cryptocurrency Tied to North Korea

US Charges Three Russians for Laundering Cryptocurrency Tied to North Korea

The U.S. Department of Justice has indicted three Russian citizens for operating cryptocurrency mixers allegedly used by North Korean hackers and ransomware gangs. Roman Ostapenko, Alexander Oleynik, and Anton Tarasov are accused of facilitating the laundering of criminally obtained funds through Bender.io and Sinbad.io. These services were seized in a 2023 international law enforcement operation. Ostapenko faces charges of money laundering, while Oleynik and Tarasov are implicated in conspiracy. If convicted, they could face up to 30 years in prison, highlighting significant national security concerns.

Created at: January 10, 2025 5:00pm

China Breaches U.S. Treasury's CFIUS Amid National Security Concerns

China Breaches U.S. Treasury's CFIUS Amid National Security Concerns

Chinese hackers have successfully infiltrated the U.S. Treasury's Committee on Foreign Investment in the United States (CFIUS), which evaluates foreign investments for security risks. This incident follows a major cybersecurity breach linked to a security vendor, BeyondTrust, allowing unauthorized access to the department's unclassified network. Treasury officials confirmed the breach affected documents and workstations, while the cyberattack is attributed to the China-backed group known as Silk Typhoon. U.S. cybersecurity agency CISA reported no breaches in other government departments during this incident. The Chinese government has denied involvement in these cyberattacks.

Created at: January 10, 2025 3:00pm

Stiiizy Confirms Data Breach: Hackers Access Sensitive Customer ID Documents

Stiiizy Confirms Data Breach: Hackers Access Sensitive Customer ID Documents

Stiiizy, a popular cannabis brand based in Los Angeles, has reported a significant data breach where hackers accessed sensitive customer information, including government-issued IDs and medical cannabis cards. The breach, linked to an organized cybercrime group, affected data processed from October to November 2024 at four retail locations in California. While the company has not disclosed the total number of affected customers, cybersecurity experts claim that over 420,000 individuals may be impacted. The Everest ransomware group has claimed responsibility for the attack and published the stolen data after ransom demands were ignored.

Created at: January 10, 2025 2:00pm

Innovative Security System Uses Paintballs to Deter Intruders

Innovative Security System Uses Paintballs to Deter Intruders

At CES 2025, Slovenian startup OZ-IT showcased the Eve PaintCam, a unique security system designed to shoot paintballs at intruders. The system features models like Eve, Eve+, EvePro, and the camouflaged Simba, tailored for human and animal targets. With advanced AI capabilities for pet detection and facial recognition, the system aims to disrupt traditional security methods. It offers various paintball projectiles, including those infused with capsaicin for added deterrence. This novel approach to home security is drawing attention for its unconventional methods.

Created at: January 10, 2025 2:30am

DoorBox Unveils Smart Delivery Box at CES 2025: Theft-Proof and AI-Powered

DoorBox Unveils Smart Delivery Box at CES 2025: Theft-Proof and AI-Powered

DoorBox introduced its advanced Smart DoorBox.ai at CES 2025, designed to combat the rising theft of packages. This innovative delivery box features a theft-proof design, live camera feeds, and an AI-powered unlocking mechanism that facilitates secure deliveries even when recipients are away. The startup, founded by Kumar Sundaresan, aims to enhance package security after his own experience with theft. The product includes robust features like a 125-decibel alarm and a steel cable for added protection, with a price tag starting at $300 plus a monthly subscription fee for app access.

Created at: January 9, 2025 6:30pm

Facebook Rewards Researcher $100,000 for Critical Security Bug Discovery

Facebook Rewards Researcher $100,000 for Critical Security Bug Discovery

Security researcher Ben Sadeghipour uncovered a vulnerability in Facebook's ad platform that allowed internal server access, prompting Meta to award him $100,000. The flaw, tied to an unpatched Chrome browser vulnerability, was swiftly fixed by Meta within an hour of reporting. Sadeghipour underscored the risks associated with online advertising platforms, emphasizing the potential for exploitation of server-side data processing. This incident highlights the importance of robust security measures in protecting sensitive infrastructures from vulnerabilities that could lead to significant breaches.

Created at: January 9, 2025 6:00pm

PowerSchool Data Breach Exposes Sensitive Student Information

PowerSchool Data Breach Exposes Sensitive Student Information

PowerSchool has disclosed a significant data breach impacting its customers, including sensitive student information such as Social Security numbers and grades. The breach, confirmed by PowerSchool, was conducted through unauthorized access to its internal support portal. Affected data also includes personal details of parents and guardians from various school districts. While the breach is not categorized as ransomware, PowerSchool engaged CyberSteward to manage the incident. Currently, the exact number of affected individuals remains undisclosed. The company emphasizes it has taken steps to prevent further misuse of the data.

Created at: January 9, 2025 4:30pm

Ivanti VPN Zero-Day Vulnerability Compromises Corporate Networks

Ivanti VPN Zero-Day Vulnerability Compromises Corporate Networks

Ivanti has issued a warning regarding a critical zero-day vulnerability, tracked as CVE-2025-0282, affecting its widely-used VPN products. This vulnerability allows hackers to remotely exploit the system without authentication, leading to potential network intrusions. The company discovered the issue after its Integrity Checker Tool flagged malicious activities. A patch is available for the Connect Secure solution, but updates for other products are pending. Security firm Mandiant suspects a China-linked group may be behind the attacks, echoing previous incidents targeting Ivanti.

Created at: January 9, 2025 1:01pm

U.S. Launches Cyber Trust Mark for Smart Devices

U.S. Launches Cyber Trust Mark for Smart Devices

The White House has introduced the U.S. Cyber Trust Mark, a new cybersecurity label aimed at helping consumers evaluate the safety of internet-connected devices. Managed by the Federal Communications Commission, this initiative mandates compliance testing based on standards from the National Institute of Standards and Technology. Eligible products include a range of smart devices, from baby monitors to home security systems. This program comes in response to growing consumer concerns over cyberattacks on connected gadgets, with a recent survey indicating one in three Americans fear hacking risks.

Created at: January 9, 2025 1:00am

Ukrainian Hackers Claim Responsibility for Major Cyberattack on Russian ISP

Ukrainian Hackers Claim Responsibility for Major Cyberattack on Russian ISP

Ukrainian hackers have taken credit for a significant cyberattack that crippled the Russian ISP Nodex, resulting in a complete loss of internet connectivity for its customers. The attack, which began on January 6, 2025, has led Nodex to acknowledge the destruction of its network and ongoing recovery efforts. The hacking group Ukrainian Cyber Alliance shared evidence of their breach on Telegram, claiming to have exfiltrated data and left the ISP's infrastructure in disarray. As of now, Nodex has not provided a timeline for when services will be restored.

Created at: January 8, 2025 6:30pm

Japan Accuses Chinese Hackers of Targeting Government and Tech Sectors

Japan Accuses Chinese Hackers of Targeting Government and Tech Sectors

The Japanese government has issued an alert accusing a Chinese hacking group, MirrorFace, of infiltrating various government organizations and companies since 2019. The National Police Agency and cybersecurity officials linked the group to organized cyber attacks aimed at stealing sensitive information related to national security and advanced technology. Targets included Japan's Foreign and Defense ministries, space agency, politicians, and tech firms. MirrorFace's tactics evolved from targeting media and political entities to focusing on manufacturers and research institutions. The ongoing threat highlights vulnerabilities in Japan's cybersecurity capabilities amidst rising tensions.

Created at: January 8, 2025 5:00pm

PowerSchool Faces Data Breach: Student and Teacher Information Compromised

PowerSchool Faces Data Breach: Student and Teacher Information Compromised

PowerSchool, the leading EdTech provider, has reported a cyberattack that compromised personal data of students and teachers in U.S. K-12 districts. The breach occurred through its PowerSource portal, impacting over 16,000 customers and potentially exposing sensitive information such as Social Security numbers and medical records. Although PowerSchool confirmed the breach, it has not disclosed the number of affected individuals. The company is under scrutiny following a class-action lawsuit alleging it sells student data without consent. This incident raises significant concerns regarding data security in educational technology.

Created at: January 8, 2025 2:30pm

EU Court Fines European Commission €400 for Data Privacy Breach

EU Court Fines European Commission €400 for Data Privacy Breach

The EU General Court has ordered the European Commission to pay €400 to a German citizen for violating data protection laws. The court found that the Commission improperly transferred the citizen's personal data to U.S. companies, including Amazon and Meta, without adequate safeguards. This incident arose when the citizen registered for a conference using Facebook's sign-in option. The ruling marks a significant enforcement of GDPR regulations, which impose strict penalties for data breaches. This fine is a first for the European Commission under these stringent laws.

Created at: January 8, 2025 2:00pm

Casio Confirms Data Breach Affects 8,500 Individuals Following Ransomware Attack

Casio Confirms Data Breach Affects 8,500 Individuals Following Ransomware Attack

Casio has reported a significant data breach resulting from a ransomware attack on October 5, with personal information of nearly 8,500 individuals compromised. The Underground ransomware gang claimed responsibility, stealing over 200 gigabytes of data. The breach affected approximately 6,500 employees and included sensitive information such as names, employee numbers, and ID details. Additionally, the personal data of over 1,900 business partners and 91 customers was accessed. Casio confirmed that no credit card information was exposed and that affected services are gradually coming back online.

Created at: January 8, 2025 11:30am

UN Aviation Agency Confirms Data Breach of Recruitment Database

UN Aviation Agency Confirms Data Breach of Recruitment Database

The United Nations' aviation agency, ICAO, has confirmed a significant data breach involving its recruitment database, with hacker 'Natohub' claiming access to approximately 42,000 application records. The compromised data includes names, email addresses, dates of birth, and employment history of job applicants from April 2016 to July 2024. However, it clarified that financial information and passwords remain secure. ICAO is currently investigating the incident and working to notify those affected. The breach underscores ongoing challenges in cybersecurity for international organizations.

Created at: January 8, 2025 9:30am

Indian Government Websites Still Redirecting Users to Scam Sites

Indian Government Websites Still Redirecting Users to Scam Sites

Despite previous reports, numerous Indian government websites are still redirecting users to fraudulent betting and investment platforms. TechCrunch identified over 90 compromised 'gov.in' links, including those from major departments and state governments. This issue has persisted months after India's cyber agency, CERT-In, was alerted. Security experts suggest the problem may stem from vulnerabilities in the websites' content management systems. Efforts to address the situation appear insufficient, as users continue to encounter malicious content. Affected links were temporarily taken down following TechCrunch's inquiry.

Created at: January 8, 2025 4:30am

Telegram Sees Dramatic Increase in Data Sharing with Law Enforcement

Telegram Sees Dramatic Increase in Data Sharing with Law Enforcement

Telegram has reported a significant rise in the number of data requests it fulfilled for law enforcement in 2024. The messaging app handed over user data, including phone numbers and IP addresses, to U.S. authorities on 900 occasions, affecting over 2,200 users. This marks a stark increase from just 14 requests the previous year. Indian authorities received data on 14,641 occasions, impacting over 23,500 users. This surge follows the arrest of Telegram CEO Pavel Durov, which seemingly led to a shift in the app's policy on user data requests. The transparency data highlights a growing trend of compliance with legal demands.

Created at: January 7, 2025 7:30pm

US Government to Launch Cyber Trust Mark Program for IoT Devices in 2025

US Government to Launch Cyber Trust Mark Program for IoT Devices in 2025

The Biden administration has confirmed the launch of the U.S. Cyber Trust Mark, a cybersecurity labeling program for consumer internet-connected devices, set for 2025. Initially proposed in June 2023, this program aims to enhance consumer awareness and security of devices such as routers and smart home gadgets. Retailers like Best Buy and Amazon will promote products featuring this label, which provides users with critical security information. The Cyber Trust Mark will adhere to standards by the National Institute of Standards and Technology (NIST), ensuring robust cybersecurity measures for certified products.

Created at: January 7, 2025 5:30pm

UN Aviation Agency Investigates Major Data Breach Allegations

UN Aviation Agency Investigates Major Data Breach Allegations

The International Civil Aviation Organization (ICAO) is probing a cybersecurity incident after a hacker claimed to have stolen 42,000 documents, including sensitive personal data. The agency confirmed it is looking into reports linked to a known threat actor targeting international organizations. The leaked information reportedly contains full names, birth dates, and contact details of individuals, some of whom are ICAO employees. ICAO has refrained from offering further comments, focusing instead on the ongoing investigation into the breach.

Created at: January 7, 2025 2:01pm

Washington Sues T-Mobile Over 2021 Data Breach Affecting 79 Million Customers

Washington Sues T-Mobile Over 2021 Data Breach Affecting 79 Million Customers

The state of Washington has filed a lawsuit against T-Mobile, alleging that the company neglected to secure the personal data of over 79 million customers prior to a significant data breach in August 2021. Washington Attorney General Bob Ferguson claims that T-Mobile was aware of cybersecurity vulnerabilities for years but failed to take adequate measures to address them. The suit seeks financial damages and demands improvements in T-Mobile's cybersecurity protocols. The breach resulted in the exposure of sensitive customer information, including Social Security numbers and driver’s license details, with some data appearing on cybercriminal forums.

Created at: January 6, 2025 9:30pm

CISA Confirms No Wider Government Hack Beyond Treasury Incident

CISA Confirms No Wider Government Hack Beyond Treasury Incident

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported no evidence of a broader cyberattack affecting other federal agencies following the December breach at the U.S. Treasury Department. The Treasury attributed the attack to China-backed hackers who gained remote access to employee workstations and sensitive documents. A private key from technology vendor BeyondTrust was compromised, facilitating the intrusion. CISA continues to monitor the situation and collaborate with federal authorities to ensure an effective response. The Chinese government has denied involvement in the attack.

Created at: January 6, 2025 8:30pm

Tenable CEO Amit Yoran Passes Away After Cancer Battle

Tenable CEO Amit Yoran Passes Away After Cancer Battle

Amit Yoran, the CEO and chairman of cybersecurity firm Tenable, has died following a battle with cancer. His passing was announced in a press release by the company. Yoran, who took the helm at Tenable in 2016, previously held significant roles, including president of RSA and founding CEO of NetWitness. Tenable's independent director, Art Coviello, recognized Yoran as an extraordinary leader whose passion and vision profoundly influenced the company's culture. Following his medical leave that began on December 5, co-CEOs Steve Vintz and Mark Thurmond will lead the firm as a search for a permanent CEO is initiated.

Created at: January 4, 2025 8:00pm

Turo Consults Experts After Violent Incidents Involving Rented Vehicles

Turo Consults Experts After Violent Incidents Involving Rented Vehicles

Turo, a peer-to-peer car-sharing platform, is facing backlash following two violent incidents involving its rented vehicles. A military veteran drove a Ford F-150 Lightning into a crowd, resulting in 15 fatalities, while an active-duty Green Beret rented a Tesla Cybertruck and allegedly detonated it outside the Trump International Hotel in Las Vegas, leading to his death by suicide. Turo's CEO, Andre Haddad, expressed outrage over the misuse of the platform and announced consultations with national security and counterterrorism experts to enhance safety measures and prevent future abuses.

Created at: January 3, 2025 6:30pm

US Sanctions Chinese Cyber Firm Over Flax Typhoon Hacking Allegations

US Sanctions Chinese Cyber Firm Over Flax Typhoon Hacking Allegations

The U.S. Treasury Department has sanctioned Integrity Technology Group, a Beijing-based cybersecurity firm, due to its alleged involvement with the Flax Typhoon hacking group. This action follows accusations of multiple computer intrusions targeting critical U.S. infrastructure. The firm reportedly operated a botnet of over 260,000 devices to facilitate these cyberattacks. The sanctions highlight ongoing concerns about Chinese cyber threats to national security, particularly in relation to attacks on U.S. universities and government agencies. Integrity Tech has not responded to these developments.

Created at: January 3, 2025 5:00pm

Massive Data Breach: Gift Card Store Exposed Hundreds of Thousands of Identity Documents

Massive Data Breach: Gift Card Store Exposed Hundreds of Thousands of Identity Documents

MyGiftCardSupply, a U.S. online gift card retailer, inadvertently exposed over 600,000 customer identity documents, including driving licenses and passports, due to a publicly accessible storage server. Discovered by a security researcher, the breach raised concerns about the company's compliance with anti-money laundering regulations. Despite the founder confirming the issue and securing the server, it remains unclear how long the sensitive data was exposed or if affected customers will be notified. This incident highlights ongoing vulnerabilities in Know Your Customer (KYC) processes across various industries.

Created at: January 3, 2025 3:30pm

Cloudflare's VPN App and Others Pulled from Indian App Stores

Cloudflare's VPN App and Others Pulled from Indian App Stores

In a significant enforcement action, the Indian Ministry of Home Affairs has ordered the removal of over six VPN apps, including Cloudflare's popular 1.1.1.1, from the Apple App Store and Google Play Store. This follows the introduction of India's 2022 regulatory framework, which requires VPN providers to maintain detailed records of users for five years. Affected developers received notices citing violations of Indian law. Major VPN brands, including NordVPN and ExpressVPN, have expressed concerns and some have even withdrawn their server infrastructure from India while continuing to serve Indian customers without local marketing.

Created at: January 3, 2025 6:00am

Chinese Hackers Breach US Treasury's Sanctions Office in Major Cyberattack

Chinese Hackers Breach US Treasury's Sanctions Office in Major Cyberattack

Chinese government hackers reportedly infiltrated the U.S. Treasury's sanctions office during a cyberattack in December, targeting the Office of Foreign Assets Control (OFAC). This breach aimed to access sensitive information related to Chinese organizations potentially facing U.S. sanctions. The hackers compromised employee workstations and unclassified documents, affecting multiple Treasury departments, including the Office of Financial Research. The cyber incident was discovered on December 8, following an alert from BeyondTrust, a third-party identity management provider. The Treasury has not yet commented on the situation.

Created at: January 2, 2025 9:30am

Lumen Cleared of China’s Salt Typhoon Hackers After Forensic Analysis

Lumen Cleared of China’s Salt Typhoon Hackers After Forensic Analysis

Lumen, a major U.S. telecommunications firm, has confirmed that its network is free from the Chinese hacking group, Salt Typhoon. An independent forensic analysis verified the removal of the hackers, with no evidence indicating that customer data was compromised. This confirmation follows similar announcements from AT&T, Verizon, and T-Mobile, who also reported securing their networks. U.S. officials revealed that fewer than 100 individuals had their communications accessed, primarily targeting high-ranking officials in Washington D.C.

Created at: December 31, 2024 2:30pm

Startups Must Embrace Cybersecurity Resolutions for 2025

Startups Must Embrace Cybersecurity Resolutions for 2025

With 2024 witnessing numerous data breaches and ransomware attacks, cybersecurity remains a pressing concern for startups. Experts recommend essential resolutions such as utilizing password managers, implementing multi-factor authentication, and keeping software updated to mitigate risks. Regular data backups can protect against ransomware threats, while transparency during incidents can foster trust. As startups often lack resources compared to larger firms, adopting these practices is crucial to safeguarding sensitive information and maintaining operational integrity in the face of growing cyber threats.

Created at: December 31, 2024 1:30pm

Major Cyberattack on US Treasury Attributed to Chinese Hackers

Major Cyberattack on US Treasury Attributed to Chinese Hackers

The U.S. Treasury confirmed a significant cyber breach attributed to Chinese government hackers, accessing unclassified documents and employee workstations. The attack was reported to lawmakers, revealing that hackers gained access via compromised remote support technology from BeyondTrust. The Treasury has since engaged the cybersecurity agency CISA and reported no ongoing threats. This incident marks the latest in a series of cyberattacks linked to China, targeting U.S. government systems. Treasury officials emphasized their commitment to enhancing cyber defenses and collaboration with public and private sectors.

Created at: December 30, 2024 10:00pm

Volkswagen Data Leak Exposes Location of 800,000 Vehicles Across Europe

Volkswagen Data Leak Exposes Location of 800,000 Vehicles Across Europe

A significant data leak from Volkswagen's software unit Cariad has exposed terabytes of location data for around 800,000 electric vehicles, including Audi and Skoda models, across Europe. Security researchers reported that precise coordinates for over 460,000 cars were left vulnerable online for months. The data, some accurate to within centimeters, highlighted vehicles primarily located in Germany, Norway, and the UK. Cariad has since fixed the issue and claims no unauthorized access occurred. This incident adds to the challenges faced by the unit, which has struggled with delays and job cuts.

Created at: December 30, 2024 8:30pm

Verizon Secures Network After China-Linked Cyberattack

Verizon Secures Network After China-Linked Cyberattack

Verizon has announced the successful containment of a cyber incident linked to the Salt Typhoon group, a China-based cyberespionage actor. The company confirmed that no further activity from the hackers has been detected on its network. The breach primarily targeted a small number of high-profile government customers. Verizon collaborated with federal law enforcement, national security agencies, and cybersecurity firms to enhance security. AT&T also reported securing its network following similar threats, indicating a broader campaign affecting multiple telecommunications providers. U.S. officials revealed that at least nine telecoms have been targeted.

Created at: December 30, 2024 10:30am

Cyberhaven Hacked: Malicious Chrome Extension Update Exposes User Data

Cyberhaven Hacked: Malicious Chrome Extension Update Exposes User Data

Cyberhaven, a data-loss prevention startup, confirmed it was hacked, leading to a malicious update of its Chrome extension that could steal customer passwords and session tokens. The breach, identified on December 25, may have impacted many users, prompting the company to urge them to revoke and rotate credentials. Cyberhaven quickly removed the compromised extension and released a secure version. The incident is part of a broader campaign targeting Chrome extension developers. The company is cooperating with federal law enforcement and has hired an incident response firm for investigation.

Created at: December 27, 2024 7:00pm