Cybersecurity News | Daily Recap [10 Jul 2025]

Recent cybersecurity incidents include a major data breach at Qantas linked to Scattered Spider, affecting 5.7 million customers, and arrests in the UK related to DragonForce ransomware attacks. Threat groups like DoNot APT and Salt Typhoon continue expanding their espionage operations targeting European ministries and Canadian telecoms, highlighting evolving cyber threats. #ScatteredSpider #DragonForce #DoNotAPT #SaltTyphoon

Data Breaches & Ransomware

  • Qantas confirms a 5.7 million-customer data breach linked to Scattered Spider, compromising sensitive personal information. – Qantas Breach
  • Four arrests in the UK over cyberattacks on major retailers using DragonForce ransomware, attributed to Scattered Spider group. – UK Ransomware Arrests
  • Ingram Micro recovering from a global outage caused by a SafePay ransomware attack disrupting critical services. – Ingram Micro Ransomware
  • Rockerbox exposed 286GB of sensitive tax firm records, including PII like SSNs and military documents, due to improper access controls. – Rockerbox Data Leak
  • Bitcoin Depot breached, leaking driver’s licenses and addresses of nearly 27,000 cryptocurrency users, drawing attention to ATM operator security risks. – Bitcoin Depot Breach
  • Nippon Steel Solutions suffers data breach through zero-day attack causing unauthorized access and potential personal data leakage. – Nippon Steel Breach

Cyber Espionage & Threat Groups

  • DoNot APT expands spying operations with new LoptikMod malware targeting European foreign ministries using spear-phishing and stealthy C2 techniques. – DoNot APT Expansion
  • Chinese hacking group Salt Typhoon targets Canadian telecom Rogers, exploiting unpatched vulnerabilities despite Rogers denying compromise. – Salt Typhoon Targets Rogers
  • OFAC sanctions individuals linked to North Korea’s Reconnaissance General Bureau and Andariel group for cyber schemes funding weapons programs. – North Korea Sanctions
  • France’s intel chief warns of Russia’s evolving hybrid operations threatening Europe via disinformation, espionage, and sabotage. – Russian Hybrid Threat
  • Gold Melody IAB (aka Prophet Spider) exploits leaked ASP.NET machine keys to gain unauthorized access across Europe and the US, using memory-resident stealth techniques. – Gold Melody Exploits

Security Vulnerabilities & Patching

  • AMD discloses new Transient Scheduler Attack (TSA), a side-channel CPU vulnerability that could lead to data leaks, requiring urgent patches. – AMD TSA Vulnerability
  • Ruckus Networks leaves critical flaws unpatched in management devices, including root SSH access and command injection risks. – Ruckus Security Flaws
  • Microsoft confirms broken synchronization in Windows Server Update Services (WSUS), disrupting deployment of security updates enterprise-wide. – WSUS Sync Failure

Cloud & Authentication Updates

  • Microsoft Authenticator for iOS transitions backups fully to iCloud, eliminating Microsoft account requirement and improving enterprise security. – MS Authenticator iCloud

AI & Privacy Concerns

  • Researcher bypasses ChatGPT 4.0 safety filters to extract sensitive Windows product keys, highlighting risks of AI content filtering vulnerabilities. – ChatGPT Bypass
  • A German court rules that Meta’s tracking technology violates GDPR, ordering a fine and warning of large-scale privacy lawsuits in Europe. – Meta Tracking Ruling

Cybersecurity Industry & Funding

  • AI-native MDR startup AirMDR raises $15.5 million to advance real-time alert triage and automated response capabilities via a hybrid AI-human model. – AirMDR Funding
  • The UAE highlights its top 25 women cybersecurity leaders driving national market growth and digital defense innovation in 2025. – UAE Women in Cyber

Cryptocurrency & Financial Security

  • GMX decentralized exchange suffers a $40 million cryptocurrency theft, prompting investigations and trading suspension while offering a bounty. – GMX Crypto Theft

Browser & Mobile Security

  • Google enhances Android 16 Chrome with Advanced Protection, enforcing HTTPS, site isolation, and disabling risky JavaScript optimizers. – Android Chrome Protection
  • Malicious browser extension MellowTel converts nearly 1 million browsers into scraping bots, posing data privacy and security risks. – MellowTel Extension

Compliance & Best Practices

  • The FBI’s CJIS framework outlines best practices for passwords, MFA, access control, and identity management to secure criminal justice data. – FBI CJIS Best Practices

Cybersecurity News | Daily Recap – hendryadrian.com