News – July 2024


  • AT&T data breach exposes call records of ‘nearly all’ wireless customers

    July 14, 2024

    US telecom giant AT&T disclosed on Friday a data breach that exposed phone records of “nearly all” of its customers. The breach, affecting an estimated 110 million people, comes just months after another AT&T security incident involving personal information, and was disclosed in a filing with regulators last week. “We learned that AT&T customer data was ...

  • I spy another mSpy breach: Millions more stalkerware buyers exposed

    July 14, 2024

    Commercial spyware maker mSpy has been breached – again – and millions of purchasers can be identified from the spilled records.… mSpy showed up on Have I Been Pwned on July 11, with the site revealing hacktivists were responsible for the theft of millions of Zendesk support tickets from buyers unable to use the software. “Comprising ...

  • AI, cyber-attacks and amateur experiments threaten to upend global biosecurity, WHO warns

    July 13, 2024

    Artificial intelligence, cyber-attacks and genetic engineering could pose potentially catastrophic biosecurity threats to countries around the world, the WHO has warned. Rapid technological advances in the past decade have “redefined the biological threat landscape” and heightened risks of manipulation, the updated guidance from the WHO’s Technical Advisory Group on Biosafety said. The report advised that member ...

  • UNC3944 Targets SaaS Applications

    July 13, 2024

    UNC3944 is a financially motivated threat group that carries significant overlap with public reporting of “0ktapus,” “Octo Tempest,” “Scatter Swine,” and “Scattered Spider” and has been observed adapting its tactics to include data theft from software-as-a-service (SaaS) applications to attacker-owned cloud storage objects (using cloud synchronization tools), persistence mechanisms against virtualization platforms, and lateral movement ...

  • Elon Musk’s X accused of violating EU digital laws, Musk says EU offered illegal secret deal

    July 13, 2024

    Elon Musk’s X (Formerly Twitter) has been accused by the European Union (EU) of multiple violations of the Digital Services Act, which can potentially lead to hefty fines for the social media platform. One key violation includes allowing people to get a “checkmark” which was once reserved only for verified users. However, Musk wrote a post ...

  • iPhone users in 98 countries warned about spyware by Apple

    July 12, 2024

    In April 2024, we reported how Apple was warning people of mercenary attacks via its threat notification system. At the time it warned users in 92 countries. In a new round, Apple is now warning users in 98 countries of potential mercenary spyware attacks. The message sent to the affected users says: “Apple detected that you ...

  • Insights on Cyber Threats Targeting Users and Enterprises in Brazil

    July 12, 2024

    Individuals and organizations in Brazil face a unique cyber threat landscape because it is a complex interplay of global and local threats, posing significant risks to individuals, organizations, and critical sectors of Brazilian society. Many of the cyber espionage threat actors that are prolific in campaigns across the globe are also active in carrying out attempted ...

  • Sci-fi gets sci-real: Festival celebrates the engineers helping to solve some of the world’s greatest challenges

    July 12, 2024

    An action-packed programme of free interactive events for the whole family will showcase how UCL engineers are creating the future, in fields such as artificial intelligence, space exploration, robotics and medicine. Launching on UN World Youth Skills Day, the first UCL Festival of Engineering will run from 15-20 July 2024 at sites across several London boroughs, ...

  • OilAlpha targets Arabic-speaking humanitarian NGOs in Yemen

    July 12, 2024

    OilAlpha continues to target Arabic-speaking entities, as well as those interested in humanitarian organizations and NGOs operating in Yemen. According to reports, users are lured to a deceptive web portal that mimics the generic login interfaces of humanitarian organizations such as CARE International and the Norwegian Refugee Council, with the aim of stealing credentials. It appears ...

  • Fake Microsoft Teams for Mac delivers Atomic Stealer

    July 12, 2024

    Competition between stealers for macOS is heating up, with a new malvertising campaign luring Mac users via a fraudulent advert for Microsoft Teams. This attack comes on the heels of the new Poseidon (OSX.RodStealer) project, another threat using a similar code base and delivery techniques. Based on our tracking, Microsoft Teams is once again a popular ...