- Kellogg’s leaks sensitive data after Clop attack
April 8, 2025
WK Kellogg, the company behind the Kellogg’s cereals, has been hit by a major data breach. Cybercriminals from the ransomware group Clop exploited a vulnerability in the software of an external supplier, stealing employees’ personal data. The data breach took place in December 2024, when data was stolen from the file transfer service Cleo. At the ...
- Why Cloud Misconfigurations Remain A Top Cause Of Data Breaches
April 8, 2025
It’s 2025, and the industry has built some of the most advanced cloud environments ever seen—automated deployments, real-time threat detection and infrastructure that scales with just a few lines of code. Yet, data breaches aren’t slowing down—why? Because a single misconfiguration—often as simple as an overly permissive IAM role or an exposed storage bucket—can wreck everything. ...
- Musk cuts US cyber defences against Russia, increasing threats to UK
April 7, 2025
The Pentagon cyber unit that helps counter threats from Russia has had part of its funding cut. US Cyber Command (USCC), which is charged with defending US military networks, has been ordered to axe contract dealings with private-sector partners, and freeze recruitment. The shock move could have a major impact on Britain’s ability to defend itself ...
- How ToddyCat tried to hide behind AV software
April 7, 2025
To hide their activity in infected systems, APT groups resort to various techniques to bypass defenses. Most of these techniques are well known and detectable by both EPP solutions and EDR threat-monitoring and response tools. In early 2024, while investigating ToddyCat-related incidents, Kaspersky researchers detected a suspicious file named version.dll in the temp directory on multiple ...
- Massive Europcar data breach affects around 200,000 customers
April 7, 2025
Europcar has reportedly suffered a data breach in which it lost sensitive data on hundreds of thousands of customers. A threat actor with the alias ‘Europcar’ posted a new thread in an underground forum, claiming to have “successfully breached Europcar’s systems and obtained all their GitLab repositories”. As a result, the attacker took more than 9,000 ...
- Flaw in Verizon call record requests put millions of Americans at risk
April 4, 2025
Security researcher Evan Connelly discovered an enormous flaw affecting one of the largest telecommunications companies in the world that could allow any single person to view the recent incoming call log for potentially any Verizon phone number. A vulnerability in the Verizon Call Filter iOS app allowed anyone to request the call logs of millions of ...
- NSA warns “fast flux” threatens national security. What is fast flux anyway?
April 4, 2025
A technique that hostile nation-states and financially motivated ransomware groups are using to hide their operations poses a threat to critical infrastructure and national security, the National Security Agency has warned. The technique is known as fast flux. It allows decentralized networks operated by threat actors to hide their infrastructure and survive takedown attempts that would ...
- OH-MY-DC: OIDC Misconfigurations in CI/CD
April 4, 2025
This paper accompanies the presentation “Oh-My-DC,” delivered at DEF CON 32 in August 2024. This article assumes a basic familiarity with OAuth and CI/CD pipelines, including concepts like authorization grants, access tokens and the different stages of a CI/CD workflow. OIDC extends the OAuth protocol by adding a new token to the protocol, enabling applications to ...
- Trump fires head of National Security Agency and Cyber Command
April 4, 2025
The Trump administration has fired Timothy Haugh, the head of the National Security Agency (NSA) and Cyber Command, several news publications reported overnight into Friday. Haugh, a career military official, led the National Security Agency, the U.S.’s main wiretapping and intelligence-gathering agency, for little more than a year after his appointment in February 2024 following his ...
- QR codes sent in attachments are the new favorite for phishers
April 3, 2025
Recently Malwarebytes Labs researchers have been seeing quite a few phishing campaigns using QR codes in email attachments. The lure and the targets are varied, but the use of a QR code to get someone to visit the phishing site is fast becoming a preferred method for cybercriminals. There are several reasons why cybercriminals might want ...
- Australian superannuation funds targeted in suspected cyber attacks
April 3, 2025
Multiple large superannuation funds have been targeted in suspected cyber attacks that led to some members losing several thousand dollars in retirements savings. Hostplus, Rest, AustralianSuper and Australian Retirement Trust are among the providers targeted. The attacks were discovered over the weekend, and follow rising reports of online security threats in Australia with a cyber ...