Cybersecurity Developments

Alleged Chinese hacker tied to Silk Typhoon arrested for cyberespionage

A Chinese national was arrested in Milan, Italy, last week for allegedly being linked to the state-sponsored Silk Typhoon hacking group, which is responsible for cyberattacks against American organizations and government agencies.

According to Italian media ANSA, the 33-year-old man, Xu Zewei, was arrested at Milan's Malpensa Airport on July 3rd after arriving on a flight from China. Italian police arrested the suspect on an international warrant from the U.S. government.

Qantas is being extorted in recent data-theft cyberattack

Qantas has confirmed that it is now being extorted by threat actors following a cyberattack that potentially exposed the data for 6 million customers.

"A potential cyber criminal has made contact, and we are currently working to validate this," Qantas shared in an updated statement.

Employee gets $920 for credentials used in $140 million bank heist

Hackers stole nearly $140 million from six banks in Brazil by using an employee's credentials from C&M, a company that offers financial connectivity solutions.

The incident reportedly occurred on June 30, after the attackers bribed the employee to give them his account credentials and perform specific actions that would help their operations.

IT company Ingram Micro says ransomware targeted internal systems

One of the U.S.'s biggest providers of IT products and services said it was hit with ransomware ahead of the July 4 holiday weekend.

Ingram Micro published a statement on Saturday saying it discovered “ransomware on certain of its internal systems,” which it immediately took offline.

Nearly 300,000 people were impacted by cyberattack on Nova Scotia Power

Canadian utility Nova Scotia Power is notifying about 280,000 people of a data breach that occurred following a cyberattack earlier this year.

In letters to victims, the company said an investigation revealed that hackers had access to critical systems from March 19 to April 25, allowing them to steal names, addresses, driver's license numbers, Canadian Social Insurance numbers, bank account details and troves of information from the Nova Scotia Power program

Russia’s St. Petersburg hit by major internet outage amid drone strike warnings

Residents of St. Petersburg, Russia, experienced a widespread mobile internet outage over the weekend.

The disruptions affected both consumers and businesses, with some cafes, shops and gas stations switching to cash transactions because they couldn’t process card or QR-code payments, according to media reports.

Trump confirms US-China talks on TikTok deal to start early next week

US President Donald Trump has announced plans to initiate discussions with China on Monday or Tuesday regarding a potential deal on the sale of TikTok.

“I think we’re gonna start Monday or Tuesday ... talking to China – perhaps President Xi or one of his representatives – but we would, we pretty much have a deal,” Trump told reporters on Air Force One.

Ingram Micro outage caused by SafePay ransomware attack

An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned.

Since Thursday, Ingram Micro's website and online ordering systems have been down, with the company not disclosing the cause of the issues.

China-linked hackers spoof big-name brand websites to steal shoppers' payment info

Researchers have uncovered a sprawling network of fraudulent retail websites impersonating major global brands in an effort to steal payment data from online shoppers.

The campaign, which has been active for months, uses thousands of phishing websites that mimic the design and product listings of well-known retailers — including Apple, PayPal, Nordstrom, Hermes, and Michael Kors

SK Telecom stock downgraded to Sell by Goldman Sachs on data breach fallout

Goldman Sachs downgraded SK Telecom (NYSE:SKM) from Neutral to Sell and lowered its price target to KRW42,000.00 from KRW54,000.00 following the company’s recent data breach incident.

The Ministry of Science and ICT (MSIT) concluded its investigation on July 4, finding SK Telecom liable for the data breach that first surfaced in April.

Taiwan NSB Alerts Public on Data Risks from TikTok, Weibo, and RedNote Over China Ties

Taiwan's National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China.

The alert comes following an inspection of these apps carried out in coordination with the Ministry of Justice Investigation Bureau (MJIB) and the Criminal Investigation Bureau (CIB) under the National Police Agency.

Who gets promoted and fired? More than half of US managers use AI to decide

Almost all HR managers in the US use AI at work, and a majority of those rely on it to decide who gets promoted, gets a raise, or gets fired, a new survey has found.

The survey, which polled 1,342 managers, found that a startling 66% of managers consulted a large language model (LLM) such as ChatGPT for guidance on layoffs. A majority also use AI to determine raises (78%) and promotions (77%).

Hacker leaks Telefónica data allegedly stolen in a new breach

A hacker is threatening to leak 106GB of data allegedly stolen from Spanish telecommunications company Telefónica in a breach that the company did not acknowledge.

The threat actor has leaked a 2.6GB archive that unpacks into five gigabytes of data with a little over 20,000 files to prove that the breach occurred.

Police dismantles investment fraud ring stealing €10 million

The Spanish police have dismantled a large-scale investment fraud operation that caused cumulative damages exceeding $11.8 million (€10 million).

21 individuals were arrested, and the police agents also confiscated seven luxury vehicles and more than $1.5 million (€1.3 million) in cash and cryptocurrency.

Recruiting software maker exposes nearly 26M resumes

TalentHook, a cloud-based applicant tracking system, left a misconfigured instance open. It spilled tens of millions of job seekers’ CVs, full of personal details ranging from full names to home addresses.

The Cybernews research team has uncovered a misconfigured Azure Blob storage container with nearly 26 million files, most of which are US job seekers’ resumes.

BMW Financial Services entangled in cyber incident

BMW Financial Services was indirectly involved in a data breach affecting the third-party company AIS.

AIS, a Texas-based fintech firm, provided its monitoring and processing services and legal monitoring services to BMW Financial Services and its account holders during the breach.

Ford CEO: “AI is going to replace literally half of all white collar workers in the US”

Ford CEO Jim Farley has joined a growing number of executives warning that artificial intelligence (AI) may threaten millions of jobs.

“AI is going to replace literally half of all white collar workers,” Mr Farley said, speaking at the Aspen Ideas Festival on June 27th.

Microsoft shuts down 3,000 email accounts created by North Korean IT workers

Microsoft said it suspended 3,000 Outlook and Hotmail email accounts it believed were created by North Korean IT workers as part of a larger effort to help companies address the costly scheme.

The tech giant said it has spent years monitoring North Korea’s campaign to get its citizens hired in IT roles at U.S. companies and recently saw changes in how the campaign operates.

Virginia county says April ransomware attack exposed employee SSNs

Government employees working for the county of Gloucester in Virginia had Social Security numbers and other sensitive data stolen during a ransomware attack in April.

The county sent 3,527 current and former employees notices this week warning that their personal information was accessed by hackers who breached county systems on April 22.

Ransomware gang attacks German charity that feeds starving children

Deutsche Welthungerhilfe (WHH), the German charity that aims to develop sustainable food supplies in some of the world’s most impoverished countries, has been attacked by a ransomware gang.

The cybercriminals are attempting to sell data stolen from the charity for 20 bitcoin, equivalent to around $2.1 million.

Australia’s Qantas Confirms Cyberattack: 6 Million Service Records Compromised

Australia’s national carrier, Qantas Airways Limited, has revealed a cybersecurity incident. The Qantas cyberattack was traced to unauthorized access through a third-party customer service platform used by one of the airline’s contact centers.

“Qantas can confirm that a cyber incident has occurred in one of its contact centres, impacting customer data. The system is now contained.” The breach, described as criminal in nature, involved the targeting of a third-party system that stored service records for approximately six million customers.

Google Ordered to Pay $314M for Misusing Android Users' Cellular Data Without Permission

Google has been ordered by a court in the U.S. state of California to pay $314 million over charges that it misused Android device users' cellular data when they were idle to passively send information to the company.

"Google's unauthorized use of their cellular data violates California law and requires Google to compensate Plaintiffs for the value of the cellular data that Google uses for its own benefit without their permission."

Louis Vuitton Korea says systems breach led to customer data leak

A systems breach at Louis Vuitton (LVMH.PA) Korea in June led to the leak of some customer data including contact information, but did not involve customers' financial information, the luxury brand's South Korea unit said on Friday.

"We regret to inform that an unauthorized third party temporarily accessed our system resulting in the leak of some customer information," the unit said in a statement.

India - Max Financial arm Axis Max Life gets anonymous tip claiming data breach

Max Financial Services Limited disclosed that its material subsidiary, Axis Max Life Insurance Limited, has received a communication from an anonymous source claiming unauthorised access to certain customer data.

The company has launched a detailed investigation in consultation with information security experts to determine the root cause of the incident and to implement necessary remedial measures.
