Here are this week’s highlights in cybersecurity:

  • The Iranian Atomic Energy Organization confirmed that one of its subsidiaries’ email servers was hacked after it was leaked online by the Black Reward group. More
  • A Windows zero-day allows threat actors to use malicious JavaScript files to bypass Mark-of-the-Web security warnings. The behaviour is caused by using a signed script with a corrupt signature. More
  • Tata Power was hit by a cyber attack, according to a recent stock filling. Now the Hive ransomware group started leaking data allegedly stolen from Tata. More
  • Two Chinese nationals were charged for paying thousands of dollars in cash and jewellery to obstruct a federal investigation into Huawei. More
  • Ticket provider ‘See Tickets’ disclosed a data breach, informing customers that hackers accessed their payment card details via a website skimmer. The investigation began in April 2021 and complete malware removal was finished only in January 2022. The website was breached in June 2019 which equals to 2.5 years of compromise. More

Don’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.