📰 Headlines
- Ingram Micro Hit By 4th July Ransomware Attack: Major IT products and services distributor Ingram Micro confirmed a ransomware attack that disrupted its internal systems over the July 4th weekend. The SafePay ransomware group is reportedly behind the attack, which caused outages to Ingram Micro’s website around July 3rd. There are concerns the attack could lead to breaches of M365 MSP client accounts – Inforcer CPO, Matthé Smith, shared a guide to temporarily block Ingram Micro’s GDAP access to your tenants here. 🔗
- Nova Scotia Power Ransomware Affects 280,000+: Nearly 300,000 people were impacted by a cyberattack on Nova Scotia Power in April. The company is notifying customers that hackers compromised critical systems, giving them access to personal data, including names addresses, driver’s license numbers, bank account details, and Canadian social insurance numbers, reports TheRecord. 🔗
- Iran-Aligned Hacking Group Targets Middle Eastern Governments: An Iran-aligned threat group named “BladedFeline” has been observed targeting government entities in Iraq and the Kurdistan Regional Government (KRG). According to new research by ESET, the group has significantly evolved its toolset, including a backdoor called “Whisper” that uses Microsoft Exchange webmail accounts for command and control. 🔗
🎣Threats & APTs
- CISA Adds Four Known Exploited Vulnerabilities to Catalog: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. These include older flaws in Multi-Router Looking Glass (MRLG), PHPMailer, Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS). 🔗
- “Bert” Ransomware Group Targets Asia & Europe: A new ransomware group named “Bert” has been identified, targeting organizations across Asia, Europe, and the U.S. Victims include healthcare, technology, and event services. The group’s ransomware affects both Windows and Linux systems. 🔗
- Hundreds Of Malicious Domains Registered Ahead Of Amazon Prime Sales: Security researchers at Check Point have warned Amazon shoppers to watch out for domain spoofing scams, after over 1,000 domains resembling “Amazon” and “Amazon Prime” brands were registered in June alone. 🔗
🚨 Industry News
- SEC Reaches SolarWinds Settlement: The SEC has reached a settlement in principle with SolarWinds and its Chief Information Security Officer (CISO). The SEC had initially sued SolarWinds in October 2023, alleging they “defrauded investors by overstating SolarWinds’ cybersecurity practices and understating or failing to disclose known risks.” The settlement would “completely resolve this litigation,” the SEC said. 🔗
- Verdane Invests In Guardsquare To Expand Mobile Security Solutions: Verdane, a European growth investment firm, has partnered with Guardsquare, an enterprise mobile application security provider. This investment aims to expand access to Guardsquare’s mobile application security for businesses globally. Guardsquare protects over 900 organizations worldwide. 🔗
🏛️ Government & Policy
- EU Plans For Quantum-Secure Public Infrastructures By 2030: The European Union has launched a new strategy to ensure its public infrastructure is quantum-secure by 2030. The plans contain initiatives preparing for the threat of quantum computing, which could potentially break current encryption standards over the next 7-15 years. 🔗
- Google Ordered To Pay $314M For Misusing Android Users’ Cellular Data: A U.S. court in California has ordered Google to pay $314 million after finding it misused Android device users’ cellular data without their permission. The verdict found Google’s Android operating system transmitted a “variety of information to Google” even when devices were idle. Google has stated it will appeal the decision, contending the data transfers are critical for device security and performance and are disclosed in its terms of use. 🔗
🔐 Cybersecurity Trends
- Interpol Warns West Africa Becoming Cybercrime Hotspot: Interpol has identified West Africa as a rising hotspot for cybercrime. A new report indicates that criminal syndicates are increasingly establishing scam centers in the region, as well as the Middle East and Central America. 🔗
- Brazil Police Arrest Employee Suspected Of Selling Credentials: Brazilian police have arrested an employee of a well-known software company for allegedly facilitating the theft of almost $100 million USD. Reportedly, the suspect sold his login credentials to hackers for $2,700 USD. Using these login details, the cybercriminals were able to breach PIX— an instant payment system that links Brazil’s Central Bank to financial institutions—and steal more than 540 million Brazilian reais ($98.3m USD).🔗
- Setting Up AI Copilots For Success: Ben Kliger, Co-Founder of Zenity, explains the importance of securing AI agents with end-to-end security and governance. 🔗
