The Breach News

Most AT&T Customers May Qualify for a Major Settlement—Are You One of Them? Act Fast: Claim Deadline Approaching!

AT&T has announced that approximately 73 million of its current and former customers may be entitled to a portion of a $177 million settlement stemming from two significant data breaches. These incidents compromised a vast array of sensitive customer information, including personal details such as names, addresses, phone numbers, Social…

Read MoreMost AT&T Customers May Qualify for a Major Settlement—Are You One of Them? Act Fast: Claim Deadline Approaching!

10-Year-Old Romanian Hacker Group ‘RUBYCARP’ Reemerges with Powerful Botnet

A cyber threat group of suspected Romanian origin, identified as RUBYCARP, has been linked to a long-lasting botnet engaged in various malicious activities, including cryptocurrency mining, distributed denial-of-service (DDoS) attacks, and phishing schemes. This group appears to have been operational for at least a decade, primarily motivated by financial gain,…

Read More10-Year-Old Romanian Hacker Group ‘RUBYCARP’ Reemerges with Powerful Botnet

Mimecast Discovers Hackers Behind SolarWinds Breach Took Portions of Its Source Code

Mimecast Acknowledges Source Code Breach Linked to SolarWinds Attack In a recent disclosure, email security firm Mimecast announced that it fell victim to the state-sponsored attackers behind the SolarWinds breach, illustrating the ongoing risks associated with sophisticated cyber threats. The incident, detailed in their findings, revealed unauthorized access to some…

Read MoreMimecast Discovers Hackers Behind SolarWinds Breach Took Portions of Its Source Code

WIRED Roundup: DHS Privacy Breach, AI in Romantic Relationships, and Google Takes Action Against Text Scammers

Recent Surge in Scam Text Messages Linked to Chinese Fraud Network In recent years, the prevalence of scam text messages has escalated, creating a significant nuisance for millions of Americans. Many individuals report receiving a seemingly endless stream of unsolicited communications, with tactics that often involve impersonation of legitimate organizations…

Read MoreWIRED Roundup: DHS Privacy Breach, AI in Romantic Relationships, and Google Takes Action Against Text Scammers

Researcher Reveals Four Zero-Day Vulnerabilities in IBM’s Enterprise Security Software

Cybersecurity Alert: Unpatched Zero-Day Vulnerabilities Found in IBM Data Risk Manager A prominent cybersecurity researcher has unveiled technical details and proof of concept for four unpatched zero-day vulnerabilities in IBM’s enterprise security software, IBM Data Risk Manager (IDRM). This disclosure comes after IBM reportedly declined to acknowledge the responsibly submitted…

Read MoreResearcher Reveals Four Zero-Day Vulnerabilities in IBM’s Enterprise Security Software

Public Accounts Committee Slams MoD for “Series of Errors” in Afghan Data Breach

Major Data Breach of UK’s Ministry of Defence Compromises Afghan Applicants’ Safety Last week, the House of Commons Public Accounts Committee (PAC) released a scathing report regarding the UK Ministry of Defence’s (MoD) management of a significant data breach that jeopardized the safety of thousands of Afghan citizens. This incident…

Read MorePublic Accounts Committee Slams MoD for “Series of Errors” in Afghan Data Breach

Serious ‘BatBadBut’ Rust Vulnerability Leaves Windows Systems Open to Attacks

A significant security vulnerability has been identified in the Rust standard library, potentially affecting Windows users through command injection exploits. This vulnerability, designated as CVE-2024-24576, receives a maximum severity rating with a CVSS score of 10.0. It specifically arises in scenarios where batch files are executed in Windows using untrusted…

Read MoreSerious ‘BatBadBut’ Rust Vulnerability Leaves Windows Systems Open to Attacks