Hi folks!

A day early and a bit of a quick one, as I'm still very much focused on onboarding in the new job, and leaving for a trip with friends over the weekend :-)

Enjoy the end of the week, kick butt at whatever you do, and see you next week!

Dieter Van der Stock

Quick links

  • NATO and EU condemn Russia's cyberattacks against Germany, Czechia: link.
  • Microsoft rolls out passkey auth for personal Microsoft accounts: link.
  • Counterfeit Cisco gear ended up in US military bases, used in combat operations: link.
  • OpenVoice: open source instant voice cloning: link.

Breaches and leaks

  • UK confirms Ministry of Defence payroll data exposed in data breach: link.
  • Stolen children’s health records posted online in extortion bid: link.
  • Nearly 184,000 MedStar Health patients' personal data possibly breached: link.
  • DocGo discloses cyberattack after hackers steal patient health data: link.
  • Ascension healthcare takes systems offline after cyberattack: link.
  • Wichita government shuts down systems after ransomware incident: link.
  • BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement: link.
  • University System of Georgia: 800K exposed in 2023 MOVEit attack: link.
  • Boeing confirms attempted $200 million ransomware extortion attempt: link.
  • Far-right websites hacked and defaced: link.
  • Australian pubgoers' personal info posted to leak site: link.
  • Zscaler takes "test environment" offline after rumors of a breach: link.
  • Final Fantasy game servers hit by multiple DDoS attacks: link.

Issues and fixes

  • Android bug leaks DNS queries even when VPN kill switch is enabled: link.
  • Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw: link.
  • Hackers exploit LiteSpeed Cache flaw to create WordPress admins: link.
  • New BIG-IP Next Central Manager bugs allow device takeover: link.