T-Mobile staff receiving cash offers to help with SIM swap attacks

T-Mobile employees are being propositioned via text messages to partake in illegal SIM swapping activities, with a financial incentive of $300 per swap.

SIM swap attacks take advantage of consumers using SMS as their two-factor authentication (2FA) method. By transferring a number via a SIM swap, an attacker can gain unauthorised access to victims' accounts.

This phenomenon of SIM swapping is a severe concern since it compromises the integrity of what is otherwise a...

French municipal services disrupted by cyberattack

Multiple French municipalities have experienced significant disruptions to public services following a "large-scale cyber attack" on shared servers. The ongoing cyber assault has compromised the operational capacity of crucial local government functions, illustrating the growing threat of digital attacks against public infrastructure.

The affected areas – including Saint-Nazaire, Montoir-de-Bretagne, Donges, La Chapelle-des-marais, and Porniche – reported extensive service...

AT&T probes data breach affecting millions of customers

AT&T announced on Saturday that it is investigating a major data breach involving the personal information of over 73 million current and former customer accounts.

The company said a data set containing records on approximately 7.6 million existing AT&T accounts and 65.4 million former accounts was released on the dark web.

According to AT&T's preliminary analysis, the compromised data appears to date back to 2019 or earlier. However, the company stated it...

Cybersecurity agencies issue warning over Chinese hacking group

Government cybersecurity authorities in the US and allied nations are sounding the alarm bell again over the Chinese hacking group known as Volt Typhoon.

In a joint advisory issued on Tuesday, the US Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), FBI, and eight international partners warned that the Beijing-backed Volt Typhoon gang may be gearing up for disruptive or destructive cyber strikes targeting critical infrastructure...

ASIO chief warns of critical infrastructure sabotage threat

Mike Burgess, Director General of Security at Australia's Security Intelligence Organisation (ASIO), has raised concerns over the potential for sabotage targeting critical infrastructure.

Speaking at ASIO's annual threat assessment, Burgess emphasised the persistent efforts of adversaries to exploit vulnerabilities in digital infrastructure—with a specific focus on disrupting essential services during critical moments.

"The sabotage threat has receded in recent...

IBM reveals surge in cyberattacks leveraging compromised accounts

Cybercriminals are increasingly exploiting valid user accounts to gain access to corporate networks, making this tactic a preferred weapon of choice for threat actors.

The findings come from IBM's 2024 X-Force Threat Intelligence Index released today. The report, based on insights from monitoring over 150 billion security events per day across more than 130 countries, reveals that cybercriminals are generating more opportunities to "log in" to enterprise systems through...

CISA urges manufacturers to end default passwords

The US Cybersecurity and Infrastructure Security Agency (CISA) has urged manufacturers to end default passwords on internet-exposed systems due to the severe risks posed by malicious actors.

In a recent alert, CISA highlighted the exploitation of operational technology devices by Iranian threat actors affiliated with the Islamic Revolutionary Guard Corps (IRGC) who used default passwords to gain access to critical infrastructure systems in the US.

“IRGC-affiliated...

UK accuses Russia of sustained hacking campaign

The UK Government has accused Russia's Security Service, the FSB, of orchestrating a sustained cyber-hacking campaign targeted at politicians and public figures.

The group – identified as FSB Centre 18 – is alleged to have stolen and disseminated sensitive data through cyber-attacks, including materials related to the 2019 election.

Despite Russia's persistent denials, Foreign Secretary David Cameron condemned the group's actions as "completely...

NCSC warns UK’s critical infrastructure is too vulnerable

The UK's National Cyber Security Centre (NCSC) has raised the alarm about escalating threats to the nation's Critical National Infrastructure (CNI) and warned that resilience is not at the required level.

"The threat is evolving. While we are making progress building resilience in our most critical sectors, we aren't where we need to be," states a NCSC report this week.

Dominic Trott, Director of Strategy and Alliances at Orange Cyberdefense, commented on the pressing...

Microsoft: UN treaty creates ‘ideal conditions’ for cybercrime

Amy Hogan-Burney, Associate General Counsel, Cybersecurity Policy & Protection at Microsoft, has voiced concerns about a Russia-led United Nations (UN) cybercrime treaty. 

As the global menace of cybercrime gains sophistication and extends its reach, a united front is crucial to effectively combat these digital threats. Concerted cooperation between law enforcement agencies, governmental bodies, international partners, and private corporations is required.

However,...