News – June 2024


  • Europol-coordinated operation tackles the threat of terrorist-operated websites

    June 14, 2024

    Ten countries joined forces with Europol to disrupt the online propaganda activities of religious and politically motivated terrorist organisations across the ideological spectrum. This joint effort, known as Operation HOPPER II, targeted key assets in the online dissemination of terrorist propaganda, including those of the so-called Islamic State, al-Qaeda and its affiliates, and Hay’at Tahrir al-Sham. ...

  • Pentagon ran secret anti-vax campaign to undermine China during pandemic

    June 14, 2024

    At the height of the COVID-19 pandemic, the U.S. military launched a secret campaign to counter what it perceived as China’s growing influence in the Philippines, a nation hit especially hard by the deadly virus. It aimed to sow doubt about the safety and efficacy of vaccines and other life-saving aid that was being supplied by ...

  • Data of over 20,000 staff, students at Chinese University of Hong Kong stolen after school server hacked

    June 14, 2024

    The personal data of over 20,000 Chinese University of Hong Kong (CUHK) staff and students has been stolen after a server at one of the institution’s schools was hacked. The server of an online learning system used by CUHK’s School of Continuing and Professional Studies (CUSCS) was hacked on June 3, the school announced in a ...

  • Black Basta ransomware group suspected in Ascension data theft incident

    June 13, 2024

    U.S. healthcare provider Ascension has provided more details of its “cyber security event” last month, admitting that data was stolen, with some reports also suggesting that the Black Basta ransomware gang was behind the attack. One of the largest nonprofit and Catholic health systems in the U.S. and also the second-largest operator of hospitals in the ...

  • Bluetooth tracking device company Tile data compromised in data breach

    June 13, 2024

    Another day, another data breach. Tile has fallen victim to a mammoth data breach, with cybercriminals stealing sensitive consumer data like names, physical addresses, and phone numbers, and even accessing tools that process location requests made by law enforcement. In addition to stealing personal data en masse, hackers have also demanded a ransom from Tile’s parent ...

  • DISGOMOJI Malware Used to Target Indian Government

    June 13, 2024

    In 2024, Volexity identified a cyber-espionage campaign undertaken by a suspected Pakistan-based threat actor that Volexity currently tracks under the alias UTA0137. The malware used in these recent campaigns, which Volexity tracks as DISGOMOJI, is written in Golang and compiled for Linux systems. Volexity assesses with high confidence that UTA0137 has espionage-related objectives and a remit ...

  • Cinterion EHS5 3G UMTS/HSPA Module Research

    June 13, 2024

    Modems play an important role in enabling connectivity for a wide range of devices. This includes not only traditional mobile devices and household appliances, but also telecommunication systems in vehicles, ATMs and Automated Process Control Systems (APCS). When integrating the modem, many product developers do not think of protecting their device from a potential modem compromise. ...

  • Scammers Create Fraudulent Olympics Ticketing Websites

    June 13, 2024

    Proofpoint recently identified a fraudulent website purporting to sell tickets to the Paris 2024 Summer Olympic Games. It was notably listed as the second sponsored search result on Google, after the official website, when searching for “Paris 2024 tickets,” and related searches. The site was just one of many. According to the French Gendarmerie Nationale, their efforts ...

  • Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day

    June 12, 2024

    The Cardinal cybercrime group (aka Storm-1811, UNC4393), which operates the Black Basta ransomware, may have been exploiting a recently patched Windows privilege escalation vulnerability as a zero-day. The vulnerability (CVE-2024-26169) occurs in the Windows Error Reporting Service. If exploited on affected systems, it can permit an attacker to elevate their privileges. The vulnerability was patched on ...

  • Quebec: Police arrest three in connection with massive Desjardins data breach

    June 12, 2024

    Laval police say they arrested three suspects Wednesday in connection to a massive data breach at Desjardins Group made public in 2019. The data breach at the Quebec-based credit union is thought to be one of the largest ever among Canadian financial institutions, affecting roughly 4.2 million people and 173,000 businesses. The leaked information includes names, ...