Weekly Cybersecurity Roundup for Week of May 19th, 2025

UK Legal Aid Agency Suffers Major Data Breach Exposing Court Documents

The UK Legal Aid Agency (LAA) has disclosed a significant data breach affecting its client and case management system.
The breach, stemming from an issue with Microsoft Azure, exposed court evidence bundles including sensitive personal data such as medical records and witness statements. Around 1,000 documents from criminal legal aid cases were accessible for over three months. The LAA has notified affected parties and launched an investigation alongside Microsoft and the Ministry of Justice.
This incident underscores the risks of cloud misconfigurations and the critical need for secure handling of legal and personal data.


Threat Actors Impersonate US Government Agencies in SMS Phishing Attacks

Cybercriminals are using SMS phishing tactics to impersonate U.S. government agencies in a new wave of scams.
These campaigns send fake text messages claiming to be from the USPS, DHS, and other federal agencies, directing recipients to malicious links that harvest credentials and personal information. The messages are part of a broader social engineering trend targeting public trust in government communications. The attacks use tactics like spoofed sender IDs to appear legitimate.
This highlights the growing sophistication of phishing campaigns and the importance of public awareness and mobile security.


Arla Foods Confirms Cyberattack Disrupting Production and Deliveries

Arla Foods, a major European dairy producer, has confirmed a cyberattack that disrupted operations and caused delivery delays.
The incident, reported initially in late April, involved unauthorized access that temporarily impacted production systems and supply chains. While the company is still investigating the full scope of the breach, it has resumed operations under contingency protocols. Arla has not confirmed if ransomware was involved.
The attack highlights the vulnerabilities in the food and agriculture sector and the broader risks to critical supply chains.


‘DefendNot’ Exploit Bypasses Microsoft Defender by Abusing Windows Security Settings

A newly disclosed tool dubbed DefendNot can disable Microsoft Defender on Windows systems by abusing legitimate system policies.
The tool, detailed by security researchers, modifies Windows Defender settings through Group Policy and registry keys, effectively turning off the antivirus without raising alerts. It doesn’t require administrative privileges, making it particularly dangerous for enterprises relying on Defender for endpoint protection. Microsoft has not yet released a fix.
This discovery stresses the need for layered security defenses and careful monitoring of endpoint configurations.


Hackers Exploit VMware ESXi and Microsoft SharePoint Zero-Days at Pwn2Own 2024

Multiple critical zero-day vulnerabilities were exploited in VMware ESXi and Microsoft SharePoint during the Pwn2Own 2024 hacking competition.
Security researchers demonstrated remote code execution attacks on enterprise platforms, earning over $1.1 million in rewards. These exploits revealed unpatched weaknesses in widely used systems, including a successful takeover of a fully patched ESXi server. Vendors have been notified and are expected to release fixes.
Such demonstrations spotlight the value of ethical hacking in exposing serious vulnerabilities before malicious actors can exploit them.


Ransomware Gangs Weaponize New Skitnet Malware for Lateral Movement

Threat actors are deploying a new malware toolkit named Skitnet to enhance lateral movement and privilege escalation during ransomware operations.
Discovered by security researchers, Skitnet is designed to exploit Windows environments, evade detection, and automate post-compromise actions. It’s often bundled with other tools like Cobalt Strike and Mimikatz, indicating use by sophisticated ransomware groups. The malware is actively being sold and traded on cybercrime forums.
This development underscores the continual evolution of ransomware tactics and the need for proactive threat detection and network segmentation.

