Hi folks,

Nothing earth-shattering this week, but plenty of interesting news and articles to share. My favorite is a write-up of how a security researcher got write access to millions of broadband modems, worth a read if you have the time. Enjoy!

Dieter Van der Stock

Quick links

  • Poland to invest $760 million in cyberdefense as Russian pressure mounts: link.
  • Kali Linux 2024.2 released with 18 new tools, Y2038 changes: link.
  • House Republicans propose eliminating funding for election security: link.
  • Israeli influence operation highlights global disinformation industry: link.
  • Apple will update iPhones for at least 5 years in rare public commitment: link.

Breaches and leaks

  • Major London hospitals disrupted by Synnovis ransomware attack: link.
  • 361 million stolen accounts leaked on Telegram added to HIBP: link.
  • Los Angeles Unified School District investigates data theft claims: link.
  • ShinyHunters claims Santander breach, selling data for 30M customers: link.
  • AI platform Hugging Face says hackers stole auth tokens from Spaces: link.
  • Collection agency FBCS ups data breach tally to 3.2 million people: link.
  • Club Penguin fans breached Disney Confluence server, stole 2.5GB of data: link.
  • Advance Auto Parts stolen data for sale after Snowflake attack: link.
  • Nearly 400,000 affected by data breach at eye care management services company: link.
  • Chinese hacking groups stole ‘sensitive’ intel on South China Sea from SE Asian government: link.
  • Cyberattack disrupts operations of supermarkets across Russia: link.
  • Cyberattack on telecom giant Frontier claimed by RansomHub: link.
  • Germany's main opposition party hit by ‘serious’ cyberattack: link.
  • Google accidentally published internal Search documentation to GitHub: link.

Issues and fixes

  • CISA warns of actively exploited Linux privilege elevation flaw: link.
  • Exploit for critical Progress Telerik auth bypass released, patch now: link.
  • Check-in terminals used by thousands of hotels leak guest info: link.
  • Zyxel issues emergency RCE patch for end-of-life NAS devices: link.