The modern threat landscape has put the cyber readiness of every government agency to test. Now, a phishing attack from last year has resulted in a data breach incident for a U.S. government agency. Meanwhile, the company providing internet services for Belgium’s parliament, government agencies, universities, and scientific institutions was hit by a disruptive cyberattack. In a new study, security experts found that recycled mobile numbers in the U.S. are not all safe. With this, continue to read for the top ten cybersecurity highlights from the past 24 hours.
01
The U.S. Agency for Global Media fell victim to a breach, exposing the personal information of current and former employees who worked at the agency between 2013 and 2020.
02
Clients of Belgium-based Belnet, including coronavirus vaccination centers and prosecutors’ offices in Brussels, faced disruption in services due to a major DDoS attack.
03
Cloud communications and VoIP company Twilio disclosed being impacted by the recent Codecov supply chain attack that impacted hundreds of other customers.
04
A security researcher infiltrated a malware group’s server, who forgot to secure their backend servers in an attack. They found hundreds of thousands of stolen passwords and millions of authentication cookies leaking via an unsecured Elasticsearch server.
05
Panda Stealer, a new cryptocurrency stealer, was observed in a global spam campaign targeting individuals across U.S., Australia, Japan, and Germany through Discord channels.
06
According to a new academic study, the recycling of millions of disconnected mobile numbers in the U.S. poses a number of privacy and security threats including account takeovers, phishing and spam attacks, and more.
07
Security analysts identified over 40 apps, downloaded over 100 million times collectively, containing hardcoded private AWS keys embedded within them, putting users' data at risk.
08
The U.S. Attorney's Office for the District of Maryland seized a fake vaccine domain posing as an actual firm developing COVID-19 vaccines but instead was caught collecting the personal information of site visitors.
09
California-based Vanta, an automated security and compliance firm, raised $50 million in Series A funding led by Sequoia Capital.
10
JupiterOne, a cyber asset management firm, secured $30 million in Series B funding led by Sapphire Ventures, with participation from previous investor Bain Capital Ventures, and others.
