Massive National Public Data Breach may have Exposed Personal Information of Billions, Lawsuit Claims
A class action lawsuit has been filed against a background check company alleging their failure to properly secure the personally identifiable information of billions of individuals collected from non-public sources. This supposedly led to a massive data breach where a threat actor claimed to have placed a database containing names, addresses, social security numbers and relatives’ information from 2.9 billion US citizens for sale online after leaking it. Read more
AutoCanada Cyber Attack, Ransomware Impacted Internal IT Systems
AutoCanada, a large Canadian automotive retailer, disclosed being impacted by a ransomware attack. The ransomware infiltrated their IT networks and systems, potentially disrupting operations and accessing sensitive business and customer data. The attack has strained AutoCanada’s infrastructure as they work to restore services and evaluate improving network defenses. This incident comes after recent outages from their supplier CDK, also due to ransomware. Read more
Ohio School Board Association (OSBA) Hit by Ransomware Attack
The Ohio School Board Association (OSBA), which provides critical support services to over 700 Ohio school districts, discovered their network and systems were infiltrated by ransomware which disrupted operations right before the new school year. They had to immediately cut internet access and retained specialists to investigate the attack which could impact school board advocacy, training and resources. Read more
Top 5 Cyber Scams to Watch Out for in 2024
Awesome, scammers are getting smarter using AI, robot calls and deepfakes. Watch out for tech support, CEO and crypto investment scams. Also dodgy emails with malware, AI powered phishing and insider threats. Cyber risks are evolving rapidly as criminals automate attacks. Read more to see mitigation strategies for businesses facing relentless threats in 2024. Read more
APT31 and APT27 Target Russian Organizations in Sophisticated Cyberespionage Campaign
Cybersecurity researchers uncovered a targeted campaign dubbed “EastWind” conducted by APT31 and APT27 against Russian government agencies and IT companies utilizing multi-staged malware implantation tactics via phishing emails. They deployed customized backdoors, trojans and payloads like “GrewApacha”, “CloudSorcerer” and an undisclosed backdoor named “PlugY” to infiltrate networks while avoiding detection. Read more
Australian Gold Mining Ransomware Attack: Mining Giant Hit by a Cyberattack
Large Australian gold miner Evolution Mining announced it detected ransomware on its IT systems on August 8th, disrupting operations. They promptly engaged forensic experts to investigate and contain the situation with no material impact expected. The details of the ransomware variant or attack vector used were not disclosed. Read more.