The Breach News

US and Global Partners Blame China for Major Microsoft Exchange Cyberattack

The U.S. government, along with critical allies such as the European Union, the United Kingdom, and NATO, has officially linked a substantial cyberattack on Microsoft Exchange email servers to state-sponsored hacking groups associated with China’s Ministry of State Security (MSS). The attack exploited zero-day vulnerabilities in Microsoft Exchange, which were…

Read MoreUS and Global Partners Blame China for Major Microsoft Exchange Cyberattack

Tornado Cash Developer Detained Following U.S. Sanctions on Cryptocurrency Mixer

On Friday, Dutch authorities announced the arrest of a software developer in Amsterdam linked to Tornado Cash, a decentralized cryptocurrency mixing service recently under scrutiny by U.S. regulators. This move follows the U.S. sanctions imposed on the service, aimed at curbing its alleged role in facilitating illicit financial activities. The…

Read MoreTornado Cash Developer Detained Following U.S. Sanctions on Cryptocurrency Mixer

Gmail Security Alert: Google Urges Users to Stop Using Passwords

Significant changes are coming to Gmail’s security protocols. dpa/picture alliance via Getty Images Updated on November 3 with additional reports regarding compromised Gmail passwords and updated recommendations for users regarding password management. While numerous claims of widespread Gmail password leaks have circulated recently, Google has reassured users that no immediate…

Read MoreGmail Security Alert: Google Urges Users to Stop Using Passwords

Security Vulnerability in Styra’s OPA Exposes NTLM Hashes to Remote Threats

Security Flaw in Styra’s Open Policy Agent Exposes NTLM Hashes Recently, a significant security vulnerability in Styra’s Open Policy Agent (OPA) has come to light, one that could have potentially exposed New Technology LAN Manager (NTLM) hashes if exploited. Following a responsible disclosure, this flaw has been addressed in a…

Read MoreSecurity Vulnerability in Styra’s OPA Exposes NTLM Hashes to Remote Threats

APT Hackers Spread Android Trojan Through Syrian e-Government Portal

A sophisticated threat actor has been identified in a recent campaign utilizing Android malware disseminated through the Syrian e-Government Web Portal. This marks a significant evolution in the actor’s toolkit, reflecting an enhanced capability to exploit vulnerabilities for malicious purposes. According to researchers from Trend Micro—Zhengyu Dong, Fyodor Yarochkin, and…

Read MoreAPT Hackers Spread Android Trojan Through Syrian e-Government Portal

India’s Newest Airline, Akasa Air, Exposes Passengers’ Personal Information

Akasa Air, the latest entrant in India’s aviation sector, has reported a significant data breach attributed to a technical configuration flaw. The incident exposed sensitive personal information of customers, raising serious concerns about cybersecurity within the rapidly growing airline. Security researcher Ashutosh Barot uncovered the vulnerability during the airline’s inaugural…

Read MoreIndia’s Newest Airline, Akasa Air, Exposes Passengers’ Personal Information