Hi folks,

I hope you're all doing well! It's been a super exciting week for me. I've started working at a freakin' nuclear power plant, as a Reliability Engineer. I've joined one of the teams responsible for keeping the power plant running, from turbines to the cooling systems and even the reactor itself, and I'll focus on the software and cybersecurity side of that whole process.

Suffice it to say, I have a -lot- to learn, and I'm loving every minute of it :-)

But enough about me, let's get to this week's security news! Enjoy!

Dieter Van der Stock

Quick links

  • IBM to buy HashiCorp in $6.4 billion deal: link.
  • REvil hacker behind Kaseya ransomware attack gets 13 years in prison: link.
  • US Post Office phishing sites get as much traffic as the real one: link.
  • Millions of Docker repos found pushing malware, phishing sites: link.
  • CISA warned 1,750 organizations of ransomware vulnerabilities last year. Only half took action: link.
  • Google now pays up to $450,000 for RCE bugs in some Android apps: link.

Breaches and leaks

  • DropBox says hackers stole customer data, auth secrets from eSignature service: link.
  • UnitedHealth CEO confirms company paid $22 million ransom in heated Senate hearing: link.
  • Change Healthcare hacked using stolen Citrix account with no MFA: link.
  • LockBit publishes confidential data stolen from Cannes hospital in France: link.
  • Hackers accessed more than 19,000 accounts on California state welfare platform: link.
  • Collection agency FBCS warns data breach impacts 1.9 million people: link.
  • London Drugs pharmacy chain closes stores after cyberattack: link.
  • Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach: link.
  • Qantas app exposed sensitive traveler details to random users: link.
  • Panda Restaurants discloses data breach after corporate systems hack: link.

Issues and fixes

  • Hackers try to exploit WordPress Automatic plugin vulnerability that’s as severe as it gets: link.
  • CISA says GitLab account takeover bug is actively exploited in attacks: link.
  • HPE Aruba Networking fixes four critical RCE flaws in ArubaOS: link.
  • Cactus ransomware targets a handful of Qlik Sense CVEs: link.