U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of “nearly all” of its customers, a company spokesperson told TechCrunch.In a statement, AT&T said that the stolen data contains phone numbers of both cellular and landline customers, as well as AT&T records of calls and text messages — such as who contacted who by phone or text — during a six-month period between May 1, 2022 and October 31, 2022.
GAO raises red flags over supply chain issues and delays in DoD space programs
The Pentagon remains sluggish in fielding innovative weapon systems even as security risks intensify, the Government Accountability Office said in its annual assessment of major arms programs released June 17.
The congressional watchdog’s report examined 70 major weapon systems across the military services. GAO flags several hiccups in Space Force programs, including long-standing issues with the Global Positioning System’s ground control system and user equipment.
Biden Issues Executive Order to Bolster Supply Chain Resilience
President Biden issued an executive order today aimed at fortifying America’s supply chains, with a particular emphasis on critical infrastructure (CI).
The order solidifies the establishment of a White House council specifically geared towards bolstering supply chain resilience. A key task for this council is conducting a thorough review of industries critical to national or economic security every four years.
The first report is due no later than Dec. 31.
Data of 560 million Ticketmaster customers for sale after alleged breach
A threat actor known as ShinyHunters is selling what they claim is the personal and financial information of 560 million Ticketmaster customers on the recently revived BreachForums hacking forum for $500,000.
The allegedly stolen databases, which were first put up for sale on the Russian hacking forum Exploit, supposedly contain 1.3TB of data and the customers’ full details (i.e., names, home and email addresses, and phone numbers), as well as ticket sales, order, and event information.
Hijack of monitoring devices highlights cyber threat to solar power infrastructure
An attack on remote monitoring devices in Japan underscores an emerging cybersecurity threat to the rapidly growing solar component of the power grid. Inverters used with solar panels could pose a more significant risk. In what might be the first publicly confirmed cyberattack on the solar power grid infrastructure, Japanese media recently reported that malicious actors hijacked 800 SolarView Compact remote monitoring devices made by industrial control electronics manufacturer Contec at solar power generation facilities to engage in bank account thefts.
From Warnings to Action: Preparing America’s Infrastructure for Imminent Cyber Threats
When FBI Director Christopher Wray testified before the House Select Committee on the Chinese Communist Party in January, he painted a chilling picture of foreign adversarial cyber-agents pre-positioned in the networks of U.S. critical infrastructure operators ready to strike at a moment of Beijing’s choosing.
The Street Lights In Leicester City Cannot Be Turned Off Due To A Cyber Attack
The Leicester City Council suffered a cyber attack that severely impacted the authority’s services in March and led to the leak of confidential documents. The ransomware group behind the attack leaked multiple documents, including rent statements and applications to buy council houses. The attack occurred on March 7 and crippled the city council’s IT systems. Some lights have been stuck in all day due to the cyber attack and the council is unable to turn them off.
STAR: Shining Light on Space Supply Chain Risk
Ronald Birk, Lori W. Gordon, and Eleanor Mitch outline the factors behind the need for a system that dynamically updates space supply chain information. Along with higher demand, there is competition among sectors, such as medical device and auto makers, for certain commodities and many rare earth elements. The authors propose a distributed ledger technology (DLT) system called “Space supply chain Topology for Assessing Risk (STAR)” that would create a nexus for all stakeholders in the space supply chain community.
AT&T now says data breach impacted 51 million customers
AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained. These notifications are related to the recent leak of a massive amount of AT&T customer data on the Breach hacking forums that was offered for sale for $1 million in 2021.
Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice
A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment.