Hackers targeting Australia's major pension funds in a series of coordinated attacks have stolen savings from some members at the biggest fund.

#hackers #Australia #cyberattack #pension #fund

https://cnews.link/hackers-strike-australiasuper-pension-fund-1/

Hotel staff who think they're confirming a reservation might be booking themselves a front-row seat to a cyberattack instead.

#hotel #cyberattack #cybersecurity #Booking #scam

https://cnews.link/booking-scam-target-hotels-phishing-1/

Both Spotify and Apple Music are so slick as platforms that you wouldn't think a cyberattack on their users would even be possible.

#Spotify #Apple #phishing #cyberattack #cybersecurity

https://cnews.link/spotify-phishing-attacks-banking-credentials-theft-1/

Attackers say they breached the British postal service last month, scooping a whopping 144 gigabytes of data.

#UK #hackers #cyberattack #cybersecurity #datasecurity #dataprivacy

https://cnews.link/royal-mail-data-breach-hackers-claim-1/

The Moscow subway's website and mobile app experienced disruptions on Monday.

#Moscow #cyberattack #cybersecurity #app #website

https://cnews.link/moscow-metro-website-app-disruptions-1/

While the infamous Lazarus Group is the best-known North Korean state-sponsored hacking group, it is not the only threat actor operating from the country

#Lazarus #NorthKorea #cybersecurity #cybercrime #cyberattack

https://cnews.link/north-korea-home-to-multiple-threat-actors-1/

Latest issue of my curated #cybersecurity and #infosec list of resources for week #13/2025 is out!

It includes the following and much more:

➝ DNA of 15 Million People for Sale in #23andMe Bankruptcy,

➝ #Trump administration accidentally texted a journalist its war plans,

➝ Critical Ingress #NGINX controller vulnerability allows RCE without authentication,

➝ #Cyberattack hits Ukraine's state railway,

➝ Troy Hunt's Mailchimp account was successfully phished,

➝ #OpenAI Offering $100K Bounties for Critical #Vulnerabilities,

➝ #Meta AI is now available in #WhatsApp for users in 41 European countries... and cannot be turned off

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end

https://infosec-mashup.santolaria.net/p/infosec-mashup-13-2025

The FBI is probing the cyberattack at Oracle as the hackers broke into the cloud computing company's computer systems and stole patient data

#cybersecurity #cyberattack #data #hackers #Oracle

https://cnews.link/oracle-cyberattack-fbi-investigating-patient-data-breach-1/

Sam's Club was hit by the Cl0p ransomware group on Friday and is now investigating, the company told Cybernews.

#ransomware #cybersecurity #cyberattack #Walmart

https://cnews.link/sams-club-walmart-investigates-clop-ransomware-claim-1/

Campaigns that typically target Israel this year may also target its allies, including the US.

#hack #US #Israel #cybersecurity #cyberattack

https://cnews.link/hacktivists-targeting-israel-opisrael-opjerusalem-1/

Ukrainian Railways (Ukrzaliznytsia) was hit by Russian forces Thursday, hours after announcing partial infrastructure restoration.

#Ukraine #Russia #railway #cybersecurity #cyberattack

https://cnews.link/ukrainian-railways-second-russian-cyberattack-systems-1/

The malicious actor known as "Empire" is selling data from cuponatic.com.pe on a hacking forum.

According to the description, 1,348,215 records are being offered. This breach would include full names, emails, genders, and phone numbers.

https://www.security-chu.com/2025/03/actor-malicioso-vende-datos-en-foro-hacking-de-cuponatic-peru.html

Hey #CyberSecurity pros! Ready to dive into the latest threats and breaches making headlines?

Our latest blog post is packed with need-to-know info to keep you ahead of the curve.

https://opalsec.io/daily-news-update-thursday-march-27-2025-australia-melbourne/

Here's a quick rundown of what's inside:

FamousSparrow's Return: The Chinese government-backed hacking group is back, targeting organizations in North America. Important distinction: ESET insists on tracking them separately from Salt Typhoon. Remember to prioritize TTPs and IOCs/IOAs accordingly!

RedCurl's Ransomware Twist: This corporate espionage group is now deploying "QWCrypt" ransomware, targeting Hyper-V servers. Phishing emails with malicious IMG attachments are the initial attack vector.

StreamElements Data Breach: A third-party service provider suffered a breach, exposing data of 210,000 customers.!

NSW Court System Data Theft: Sensitive documents, including AVOs, were stolen from the NSW Online Registry website. This could have serious consequences for victims of domestic violence.

NYU Website Defacement: A hacker compromised NYU's website, leaking personal data of over 1 million students. Even with good intentions, the collateral damage is unacceptable.

Defense Contractor Fined: MORSE Corp will pay millions for failing to meet federal cybersecurity requirements. Third-party risk management is crucial!

Atlantis AIO Automates Credential Stuffing: This new platform automates credential stuffing attacks against 140 online services. Stay vigilant against brute force attacks!

Chrome Zero-Day Exploited: Google patched a zero-day vulnerability exploited in espionage campaigns targeting Russian organizations. Keep your browsers updated!

UK Warns of 'Com Networks': The UK's NCA is warning of a growing threat from online networks of teenage boys who are "dedicated to inflicting harm and committing a range of criminality." A very worrying trend that we need to be aware of.

Ready for the full scoop? Read the full blog post here https://opalsec.io/daily-news-update-thursday-march-27-2025-australia-melbourne/

The cybercriminals from Hunters International published the stolen documents (208,508) from Megacentro.

In the files, personal data such as RUT (Chilean ID numbers), first names, last names, phone numbers, and addresses of employees can be observed.

https://www.security-chu.com/2025/03/cibercriminales-Hunters-exponen--documentos-MegaCentro.html

If you are an employee or customer of Megacentro, your personal data might be circulating on the dark web.

We recommend reviewing your accounts, updating your passwords immediately, and staying alert for any phone scam attempts.

Google has patched a dangerous zero-day vulnerability that has already been exploited by sophisticated threat actors in the wild

#Google #cyberattack #cybersecurity #cyberthreat #Chrome

https://cnews.link/cyber-spies-exploit-chrome-zero-day-in-russia-1/

#Cyberattack takes down Ukrainian state railway’s online services

https://www.bleepingcomputer.com/news/security/cyberattack-takes-down-ukrainian-state-railways-online-services/

A fruitful cyberattack would force nearly one in five small and medium businesses to close their doors, a worrying new report claims.

#cyberattack #cybersecurity #business #cybercrime

https://cnews.link/small-business-cybersecurity-survival-existential-threat-3/

A China-linked threat actor has secretly had access to a major telecom provider in Asia for years without leaving a trace.

#China #hacking #cybersecurity #cyberattack #telecom

https://cnews.link/chinese-hackers-infiltrate-telecom-undetected-1/

Troy Hunt, creator of Have I Been Pwned, was targeted by a phishing attack that exposed 16,000 emails. Here's what we can learn.

#cybersecurity #phishing #cybercrime #cyberattack

https://cnews.link/troy-hunt-falls-victim-to-phishing-attack-1/

The audacity of the RansomHub cybercriminal group:

"Our team attempted to contact Solventa S.A. de C.V. management regarding data protection for approximately a month.

The company ignored our messages and the information we provided over the phone.

Today we are making 141 GB of data leaks from Solventa S.A. de C.V. available for free."

https://www.security-chu.com/2025/03/RansomHub-ElSalvador-Solventa-centroamerica-atacada.html