Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Latest News

Advanced Rootkit Used to Conceal ToneShell Malware in Targeted Cyberespionage Attacks

  Cybersecurity researchers have brought to light a new wave of cyberespionage activity in which government networks across parts of Asia we...

All the recent news you need to know
VeraBank
Artisans' Bank cyberattack Data Breach Marquis Software ransomware attack US bank data breach VeraBank

Two US Banks Disclose Customer Data Exposure Linked to Marquis Software Ransomware Attack

 

Two American banks have issued public warnings to customers after being affected by a ransomware incident that occurred in August at a widely used financial software provider.

Artisans' Bank and VeraBank notified regulators in Maine last week that recent data breaches traced back to a cyberattack on Marquis Software. The vendor had earlier confirmed it suffered a ransomware attack around August 14, impacting dozens of corporate clients and thousands of individuals connected to those organizations.

In notification letters sent to affected customers, VeraBank clarified that Marquis Software serves as its “customer communication and data analysis vendor.”

“They had access to your data to communicate relevant and necessary updates with you and also to analyze what bank products and services may best fit your needs,” the Texas-based lender stated. “We only provided Marquis with access to your data after they had contractually agreed to secure and protect the same.”

According to VeraBank’s disclosures, 37,318 individuals had personal information compromised, though the bank did not specify exactly what data was taken.

Artisans' Bank, headquartered in Delaware, said it was alerted to the incident by Marquis Software in October. Its investigation revealed that the breach exposed the names and Social Security numbers of 32,344 people.

Both banks emphasized that their internal systems were not compromised and that the stolen information was “maintained by Marquis Software.”

The disclosures make VeraBank and Artisans' Bank the latest financial institutions identified as downstream victims of the Marquis Software attack. The company provides data analytics, compliance services, and digital marketing solutions to hundreds of banks and credit unions nationwide.

Marquis Software stated in its own breach notifications that it contacted federal law enforcement after discovering the cyberattack in August. The company said investigators traced the breach to a vulnerability in a SonicWall firewall device.

According to Marquis Software, the stolen data included names, addresses, phone numbers, Social Security numbers, taxpayer identification numbers, dates of birth, and financial account details that did not include security or access codes.

Between October 27 and November 25, Marquis Software notified at least 74 banks, credit unions, and financial institutions that their data was involved in the breach. The company filed reports with regulators in multiple states, including Maine, South Carolina, Washington, and Iowa, and also issued notices on behalf of several affected institutions.

The firm has not responded to inquiries about whether additional financial organizations have since been impacted or how many total individuals were affected.

Based on victim counts collected from various state breach registries, cybersecurity researchers and law firms estimate the total number of affected individuals could range from approximately 788,000 to 1.35 million.

Cybersecurity firm Comparitech reported obtaining a now-deleted breach notification letter from Iowa-based Community 1st Credit Union that alleged Marquis Software paid a ransom to the attackers. The company has not commented on whether a payment was made, and no ransomware group has publicly claimed responsibility for the attack.


Read more »
Scam Prevention
Cyber Fraud Fraud Alerts Holiday Scams Online Safety Scam Prevention

Holiday Scams Surge: How to Protect Yourself This Season

 

Scammers intensify their efforts during the holiday season, exploiting the rush, stress, and increased spending that characterize this time of year. The Federal Bureau of Investigation warns that fraud schemes spike significantly as criminals deploy sophisticated tactics—including AI-generated offers and phony delivery notifications—to steal money and personal information from unsuspecting victims.

The holiday period creates perfect conditions for fraudsters. People are distracted by family obligations, travel plans, and shopping deadlines, making them less likely to scrutinize suspicious messages or verify deals that appear too good to be true. With money flowing through shopping, travel bookings, and gift exchanges, scammers have numerous opportunities to exploit vulnerable targets.

Common holiday scams

Fake online shopping sites represent one of the most prevalent threats. These professional-looking storefronts advertise steep holiday discounts but disappear after collecting payments without delivering products. Consumers should navigate directly to trusted retailer websites rather than clicking promotional links and use credit cards for easier fraud disputes.

Phishing and smishing attacks flood inboxes with messages impersonating delivery services, claiming shipping problems or requesting order confirmations. These messages aim to harvest login credentials and financial details. Recipients should avoid clicking links in unexpected messages and instead manually type company URLs into browsers to verify account status.

Gift card scams involve tampering with physical cards to drain balances after activation or pressuring victims to pay with gift cards instead of standard methods. Purchasing cards directly from secure locations and retaining receipts provides protection against these schemes.Bogus charity operations emerge during the holidays, exploiting generosity through emotional donation requests. Donors should verify organizations using platforms like Charity Navigator before contributing funds.

Travel scams target holiday travelers with fake airline, hotel, or rental confirmations designed to collect money and personal information. Booking directly through official company channels and confirming reservations via verified apps prevents these frauds.Imposter scams feature criminals posing as customer service representatives on social media to extract sensitive data. 

Users should only engage with verified business accounts and never share personal details through direct messages.Non-delivery scams occur when buyers pay for goods they never receive or sellers ship items without receiving payment. Using platforms with buyer and seller protections minimizes these risks.

Protection strategies

Awareness and simple habits provide effective defense. Slowing down before clicking links, verifying sellers through reviews, and favoring credit cards over peer-to-peer payment apps significantly reduce risk. When urgency triggers suspicion, pausing to verify information can prevent costly mistakes and protect finances throughout the holiday season
Read more »
data sovereignty
Aerospace Cloud Cloud Security Corporate Security cyber resilience Cyber Security data security data sovereignty

Airbus Signals Shift Toward European Sovereign Cloud to Reduce Reliance on US Tech Giants

 

Airbus, the aerospace manufacturer in Europe is getting ready to depend less on big American technology companies like Google and Microsoft. The company wants to rethink how and where it does its important digital work. 

Airbus is going to put out a request for companies to help it move its most critical systems to a European cloud that is controlled by Europeans. This is a change in how Airbus handles its digital infrastructure. Airbus is doing this to have control over its digital work. The company wants to use a cloud, for its mission-critical systems. Airbus uses a lot of services from Google and Microsoft. The company has a setup that includes big data centers and tools like Google Workspace that help people work together. 

Airbus also uses software from Microsoft to handle money matters.. When it comes to very secret and military documents these are not allowed to be stored in public cloud environments. This is because Airbus wants to be in control of its data and does not want to worry about rules and regulations. Airbus has had these concerns for a time. 

The company wants to make sure it can keep its information safe. Airbus is careful, about where it stores its documents, especially the ones that are related to the military. The company is now looking at moving its applications from its own premises to the cloud. This includes things like systems for planning and managing the business platforms for running the factories tools for managing customer relationships and software for managing the life cycle of products which's where the designs for the aircraft are kept. 

These systems are really important to Airbus because they hold a lot of information and are used to run the business. So it is very important to think about where they are hosted. The people in charge have said that the information, in these systems is a matter of European security, which means the systems need to be kept in Europe. Airbus needs to make sure that the cloud infrastructure it uses is controlled by companies. The company wants to keep its aircraft design data safe and secure which is why it is looking for a solution that meets European security standards. 

European companies are getting really worried about being in control of their digital stuff. This is a deal for them especially now that people are talking about how different the rules are in Europe and the United States. Some big American companies like Microsoft, Google and Amazon Web Services are trying to make European companies feel better by offering services that deal with these worries.. European companies are still not sure if they can really trust these American companies. 

The main reason they are worried is because of a law in the United States called the US CLOUD Act. This law lets American authorities ask companies for access to data even if that data is stored in other countries. European companies do not like this because they think it means American authorities have much power over their digital sovereignty. Digital sovereignty is a concern for European companies and they want to make sure they have control, over their own digital stuff. 

For organizations that deal with sensitive information related to industry, defense or the government this set of laws is a big problem. Digital sovereignty is about a country or region being in charge of its digital systems the way it handles data and who gets to access that data. This means that the laws of that country decide how information is taken care of and protected. The way Airbus is doing things shows that Europe, as a whole is trying to make sure its cloud operations follow the laws and priorities of the region. European organizations and Europe are working on sovereignty and cloud operations to keep their information safe. 

People are worried about the CLOUD Act. This is because of things that happened in court before. Microsoft said in a court in France that it cannot promise to keep people from the United States government getting their data. This is true even if the data is stored in Europe. Microsoft said it has not had to give the United States government any data from customers yet.. The company admitted that it does have to follow the law. 

This shows that companies, like Microsoft that are based in the United States and provide cloud services have to deal with some legal problems. The CLOUD Act is a part of these problems. Airbus’ reported move toward a sovereign European cloud underscores a growing shift among major enterprises that view digital infrastructure not just as a technical choice, but as a matter of strategic autonomy. 

As geopolitical tensions and regulatory scrutiny increase, decisions about where data lives and who ultimately controls access to it are becoming central to corporate risk management and long-term resilience.
Read more »
Unauthorized Surveillance
Airspace Cyber Risk Critical Component Ban Cyber Security Data Exfiltration Threat FCC Covered List Homeland Network Protection Supply Chain Risk UAS Regulation Unauthorized Surveillance

FCC Rules Out Foreign Drone Components to Protect National Networks

 


A decisive step in federal oversight on unmanned aerial technology has been taken by the United States Federal Communications Commission, in a move that is aimed at escalating federal control over unmanned aerial technology. Specifically, the FCC has prohibited the sale of newly manufactured foreign drones and their essential hardware components in the United States, citing the necessity for national security. 

According to the FCC's regulatory action, which was revealed on Monday, drone manufacturers such as DJI and Autel, as well as other overseas drone manufacturers, have been placed on the FCC's "Covered List," which means that they cannot obtain the agency's mandatory authorization to sell, market, or market new drone models and critical parts to consumers.

The decision follows a directive issued by the U.S. Congress in December 2024, which required DJI and Autel to go on the list within a year of being notified if the government did not validate the continued sale of these systems under government monitoring. 

A ban on foreign drone systems and components has been imposed by the Federal Communications Commission without approval as it indicates that there are perceived risks associated with them-especially those originating from Chinese manufacturers-that are incompatible with the security thresholds established to protect U.S. technology infrastructure and communication networks, as well as the security standards in place to obtain such clearances, which are incompatible with the security thresholds. 

The decision adds unmanned aerial technology to the Federal Communications Commission's "Covered List", which is a list of technologies that cannot be imported or sold commercially in the United States for the sake of safety reasons. DJI and other foreign drone manufacturers will not be able to obtain the equipment authorization required for importing and selling drones. 

A statement issued by the agency on Monday emphasized the security rationale for its decision, stating that the ban is meant to mitigate risk associated with potential drone disruption, unauthorized surveillance operations, data extraction, and other airborne threats that could threaten the nation's infrastructure. 

In spite of the fact that the rule does not impact the current drone ecosystem in the country in any significant way, the rule does not seem to have any significant impact on it. During the Commission's meeting, it was clarified that the restrictions were only affecting future product approvals and were not affecting drones or drone components currently being sold in the United States; thus, previously authorized drone models still remain operational and legal in operation. 

Neither the FCC nor the FCC's spokesperson have responded to media inquiries regarding whether such actions are being contemplated, and the agency has not indicated any immediate plans to revoke past approvals or to impose retroactive prohibitions. 

For now, the regulatory scope remains forward-looking, leaving thousands of unmanned aircraft, manufactured by foreign companies, already deployed in the commercial, civilian, and industrial sectors, unaffected by this ruling. Though drones manufactured by foreign companies which were previously authorized to be purchased and sold can still be owned and sold, the FCC has incorporated critical parts into the scope of the ban, causing new uncertainty regarding long-term maintenance, repair, and supply chain security. 

The industry observers warn that replacement batteries, controllers, sensors, and other components that are crucial to the operation of drone fleets will become more difficult to source in the future as well as more expensive, thus potentially threatening operational uptime for these drones. 

A strong opposition has been raised within the U.S. commercial drone industry, which is composed of almost 500,000 FAA-licensed pilots, who are dependent on imported aircraft for a variety of day-to-day business functions including mapping, surveys, inspections of infrastructure, agricultural monitoring, and assistance in emergency situations. 8,000 commercial pilots were surveyed by the Pilot Institute last year, according to the Wall Street Journal, and 43 percent expect the ban to have an “extremely negative” impact on their companies, or even end the businesses altogether. 

This further emphasizes the concerns that this policy could have as disruptive an economic impact as its security motivations are preventative, reinforcing concerns about its economic impacts. In anticipation of the ruling, a number of operators had already begun stockpiling drones and spare parts, which was indicative of the market's expectation that procurement bottlenecks would soon take place. 

It is clear that the level of foreign dependency is profound, as evidenced by DJI, the Shenzhen-based drone manufacturer, which alone accounts for 70 to 90 percent of the commercial, government, and consumer drone market in the United States. 

A common example of this type of reliance is in the geospatial data industry, where firms like Spexi, whose headquarters is based in Vancouver, deploy large freelance pilot networks to scan regions looking for maps and mapping intelligence. 

According to CEO Bill Lakeland of Spexi, their pilots primarily operate DJI aircraft, such as the widely used DJI Mini series, and acknowledge the company's dependence on imported hardware. He stated that the company's operations have been mostly "reliant on the DJI Minis" however he did confirm that the company is in the process of exploring diversification strategies, as well as developing proprietary hardware solutions in the future. 

Although there are significant costs associated with domestically manufactured drones, resulting in firms like Spexi deciding to build their own alternatives despite the engineering and financial overhead entailed by such a move, cost is a significant barrier. This is a factor that is driving firms like Spexi to consider building their own alternatives. 

In Lin's words, “The U.S. should correct its erroneous practices and protect Chinese businesses by providing them an environment that is fair, just, and non-discriminatory,” this is a confirmation of Beijing’s view that exclusion is more appropriate than risk-based regulation. Accordingly, the recent dispute mirrors previous actions taken by the FCC, in which the FCC has previously added several Chinese enterprises to the same Covered List due to similar security concerns, effectively preventing those firms from getting federal equipment authorizations. 

However, there has been an air of unease around Chinese-manufactured drones since long before the current regulatory wave of legislation was instituted. The U.S. Army has banned the use of DJI drones since 2017 because it believes that there are cyber security vulnerabilities posed to operational risks. 

In that same year, the Department of Homeland Security circulated an internal advisory warning that Chinese-built unmanned aerial systems may be transmitting sensitive data such as flight logs and geolocations back to the manufacturers. Before Congress and federal agencies began formalizing import controls, there was a growing concern about cross-border data exposure. 

The FCC explained the rationale behind its sweeping drone restrictions in detail, pointing out that unmanned aerial systems and their associated components manufactured overseas are extremely vulnerable to being exploited by the federal government. This includes data transmission modules, communication systems, flight controllers, ground control stations, navigation units, batteries, and smart power systems. 

Various techniques, including persistent surveillance, unauthorized extraction of sensitive data, and even destructive actions within the U.S., can be manipulated to facilitate such activities. Nevertheless, the agency indicated that specific drones or parts of drones made by foreign nations could be exempted from the ban if the Department of Homeland Security deemed them to not pose such risks, underlining that the restrictions are not blanket exclusions but rather are based on assessed security vulnerabilities. 

A new rule passed by the FCC today also preserves continuity for current owners as well as the retail sector. Consumers can continue to use drones that have already been purchased, and authorized retailers are still eligible to sell, import, and market the models that have been approved by the Government in the current year. 

A regulatory development that follows a larger national security policy development is a result of President Donald Trump signing the National Defense Authorization Act for Fiscal Year 2026 last week, which included enhanced measures intended to protect the nation's airspace from unmanned aircraft that pose a threat to public safety or critical infrastructure. 

There have been prior moves taken by the FCC to tighten technological controls, and this latest move is reminiscent of those prior to it. Earlier this year, the agency announced that it had expanded its "Covered List" to include Russian cybersecurity firm Kaspersky, effectively barring the company from offering its software directly or indirectly to Americans on the basis of the same concerns over data integrity and national security. 

This decision of the FCC is one of the most significant regulatory interventions that have ever been made in the U.S. drone industry, reinforcing a broader federal strategy that continues to connect supply-chain sovereignty, aviation security, and communications infrastructure.

However, while the ban has been limited to future approvals, it has caused a significant shift in the policy environment where market access is now highly dependent on geopolitical risk assessments, hardware traceability, and data governance transparency, among other things. 

A critical point that industry analysts point out is that these rulings may accelerate domestic innovation by incentivizing domestic manufacturers to expand production, increase cost efficiencies, and strengthen standards for cybersecurity at component levels. 

Additionally, commercial operators are advised to prepare for short-term constraints by reevaluating their vendor reliance, maintaining maintenance inventories where technically viable, and optimizing modular platforms to facilitate interoperability between manufacturers should they arise in the near future. 

During the same time, policymakers may have to balance national security and economic continuity, making sure safeguards don't unintentionally obstruct critical services such as disaster response, infrastructure monitoring, and geospatial intelligence in the process. As a result of the ruling, the world's largest commercial UAS market could be transformed into a revolutionary one, defining a new way for drones to be built, approved, deployed, and secured.
Read more »
Scams
Cyber Crime Hacking IT information Korean Air Scams

Korean Air Confirms Employee Data Leak Linked to Third-Party Breach

 



Korean Air has confirmed that personal information belonging to thousands of its employees was exposed following a cyber incident at Korean Air Catering and Duty-Free, commonly referred to as KC&D. The company disclosed the issue after receiving notification from KC&D that its internal systems had been compromised by an external cyberattack.

KC&D, which provides in-flight meals and duty-free sales services, was separated from Korean Air in 2020 and now operates as an independent entity. Despite this separation, KC&D continued to store certain employee records belonging to Korean Air, which were housed on its enterprise resource planning system. According to internal communications, the exposed data includes employee names and bank account numbers. Korean Air estimates that information related to approximately 30,000 employees may have been affected.

The airline clarified that the incident did not involve passenger or customer data. Korean Air stated that, based on current findings, the breach was limited strictly to employee information stored within KC&D’s systems.

In an internal notice circulated to staff, Korean Air acknowledged that while the breach occurred outside its direct operational control, it is treating the situation with seriousness due to the sensitivity of the information involved. The company noted that it only became aware of the incident after KC&D formally disclosed the breach.

Following the notification, Korean Air said it immediately initiated emergency security measures and reported the matter to relevant authorities. The airline is actively working to determine the full extent of the exposure and identify all affected individuals. Employees have been advised to remain cautious of unexpected messages or unusual financial activity, as exposed personal information can increase the risk of scams and identity misuse.

Korean Air leadership reassured staff that there is currently no evidence suggesting further leakage of employee data beyond what has already been identified. The company also stated that it plans to conduct a comprehensive review of its data protection and security arrangements with external partners to prevent similar incidents in the future.

Although Korean Air has not officially attributed the attack to any specific group, a ransomware operation has publicly claimed responsibility for breaching KC&D’s systems. This claim has not been independently verified by Korean Air. Cybersecurity analysts have noted that the same group has been linked to previous attacks exploiting vulnerabilities in widely used enterprise software, often targeting third-party vendors as an entry point.

Ransomware groups typically operate by stealing sensitive data and threatening public disclosure to pressure victims. Such attacks increasingly focus on supply-chain targets, where indirect access can yield large volumes of data with fewer security barriers.

Korean Air stated that investigations are ongoing and that it will continue cooperating with authorities. The airline added that further updates and support will be provided to employees as more information becomes available.

Read more »
Government attacks
Cyber Security Cyberattacks cybersecurity risks Data Breaches Data Theft Digital Risk Digital Security Government attacks

A Year of Unprecedented Cybersecurity Incidents Redefined Global Risk in 2025

 

The year 2025 marked a turning point in the global cybersecurity landscape, with the scale, frequency, and impact of attacks surpassing anything seen before. Across governments, enterprises, and critical infrastructure, breaches were no longer isolated technical failures but events with lasting economic, political, and social consequences. The year served as a stark reminder that digital systems underpinning modern life remain deeply vulnerable to both state-backed and financially motivated actors. 

Government systems emerged as some of the most heavily targeted environments. In the United States, multiple federal agencies suffered intrusions throughout the year, including departments responsible for financial oversight and national security. Exploited software vulnerabilities enabled attackers to gain access to sensitive systems, while foreign threat actors were reported to have siphoned sealed judicial records from court filing platforms. The most damaging episode involved widespread unauthorized access to federal databases, resulting in what experts described as the largest exposure of U.S. government data to date. Legal analysts warned that violations of established security protocols could carry long-term legal and national security ramifications. 

The private sector faced equally severe challenges, particularly from organized ransomware and extortion groups. One of the most disruptive campaigns involved attackers exploiting a previously unknown flaw in widely used enterprise business software. By silently accessing systems months before detection, the group extracted vast quantities of sensitive employee and executive data from organizations across education, healthcare, media, and corporate sectors. When victims were finally alerted, many were confronted with ransom demands accompanied by proof of stolen personal information, highlighting the growing sophistication of data-driven extortion tactics. 

Cloud ecosystems also proved to be a major point of exposure. A series of downstream breaches at technology service providers resulted in the theft of approximately one billion records stored within enterprise cloud platforms. By compromising vendors with privileged access, attackers were able to reach data belonging to some of the world’s largest technology companies. The stolen information was later advertised on leak sites, with new victims continuing to surface long after the initial disclosures, underscoring the cascading risks of interconnected software supply chains. 

In the United Kingdom, cyberattacks moved beyond data theft and into large-scale operational disruption. Retailers experienced outages and customer data losses that temporarily crippled supply chains. The most economically damaging incident struck a major automotive manufacturer, halting production for months and triggering financial distress across its supplier network. The economic fallout was so severe that government intervention was required to stabilize the workforce and prevent wider industrial collapse, signaling how cyber incidents can now pose systemic economic threats. 

Asia was not spared from escalating cyber risk. South Korea experienced near-monthly breaches affecting telecom providers, technology firms, and online retail platforms. Tens of millions of citizens had personal data exposed due to prolonged undetected intrusions and inadequate data protection practices. In one of the year’s most consequential incidents, a major retailer suffered months of unauthorized data extraction before discovery, ultimately leading to executive resignations and public scrutiny over corporate accountability. 

Collectively, the events of 2025 demonstrated that cybersecurity failures now carry consequences far beyond IT departments. Disruption, rather than data theft alone, has become a powerful weapon, forcing governments and organizations worldwide to reassess resilience, accountability, and the true cost of digital insecurity.
Read more »
Subscribe to: Comments (Atom)

Featured