SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar.
We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape.
Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports.
Here are this week’s stories:
Apple issues fresh spyware warning to iPhone users
Apple has issued a fresh round of notifications to iPhone users in 98 countries, to warn them of potential mercenary spyware attacks. The tech giant, which has been regularly sending such notifications over the past three years, informed users that it has seen attempts of remote compromise of devices associated with the users’ Apple IDs, TechCrunch says.
Dallas County discloses data breach impacting 200,000 individuals
Dallas County, Texas, this week notified over 200,000 individuals that their personal information was compromised in an October 2023 data breach. Names, dates of birth, Social Security numbers, driver’s license/state identification numbers, taxpayer identification numbers, and certain types of medical information were compromised, the county said.
Snowflake enables admins to enforce mandatory MFA
Following the recent campaign that hit over 165 Snowflake customers that did not have multi-factor authentication (MFA) enabled for their accounts, the cloud services provider this week announced that administrators can now enforce mandatory MFA for all users in a Snowflake account.
Platinum giant Sibanye hit by cyberattack
Precious metals producer Sibanye-Stillwater disclosed limited disruptions to its global operations caused by a cyberattack on its IT system. The company said its core mining and processing business was operating normally, and that it isolated the impacted systems to protect its data, which suggests that ransomware might have been involved.
Nasuni announces majority investment at $1.2 billion valuation
Enterprise data platform Nasuni this week announced a strategic growth investment led by Vista Equity Partners, with additional support from KKR and TCV. The funding values Nasuni at roughly $1.2 billion. Further details on the transaction were not disclosed.
FBCS data breach impact grows to 4 million individuals
More than 4 million individuals were affected by a data breach at debt collection agency Financial Business and Consumer Solutions (FBCS), the company said in an updated regulatory filing. The incident occurred in February and resulted in names, Social Security numbers, driver’s license numbers, and other personal information being compromised. In April, the company said that 1.9 million individuals were affected, but has updated the estimate four times.
Google enables passkey support for APP users
Google this week announced that users enrolled in its Advanced Protection Program (APP) can now use passkeys to secure their accounts. Offering the strongest protections against phishing, malware, and other types of threats, APP has been designed for individuals at high risk of cyberattacks, including journalists, officials, political campaign staff, and human rights workers.
North Korean hackers targeting Japanese organizations
One week after ASEC reported on North Korean Andariel hackers (a subgroup of Lazarus) targeting a Korean ERP solution to compromise a company’s systems, JPCERT/CC said the North Korea-linked APT Kimsuky targeted Japanese organizations in March 2024 to steal information and deploy a keylogger.
Japan Aerospace Exploration Agency discloses data breach
The Japan Aerospace Exploration Agency (JAXA) has revealed that personal information of employees and other data was compromised in an October 2023 cyberattack. The investigation into the incident has revealed unauthorized access to its Microsoft 365 services and to VPN devices.
CDK Global pays $25 million to end nation-wide outage
Car dealership software provider CDK Global reportedly paid a $25 million ransom to put an end to system disruptions that impacted car dealerships across the US starting June 19. A 387 bitcoin (~$25 million) transaction made to the cryptocurrency account of a BlackSuit ransomware affiliate is believed to be the ransom payment.
Legal support services company leaks 39 million records
Legal support services company Rapid Legal left a 38TB database containing 38,648,733 records accessible from the internet without securing it with a password. The database containing legal documents, court filings, and other information, was linked to a second repository, belonging to Legal Connect, which contained 89,745 records. Both databases have been secured after the two organizations were notified of the mishap.
Leaked access token provided access to Python and PyPI GitHub repositories
JFrog details how an access token leaked in a public Docker container hosted on Docker Hub provided administrator access to the GitHub repositories for Python, PyPI and Python Software Foundation. After being notified of the exposure, the PyPI revoked the token within minutes.
Related: In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity
Related: In Other News: Malware Delivered by ISP, Temu Spying, Critical Dataverse Vulnerability