Chris Riotta reports: Turkish-linked cyber spies used a zero-day exploit housed in a popular chat software to target Kurdish military operations in Iraq, Microsoft Threat Intelligence reported Monday. Microsoft’s cybersecurity research arm said the threat actor tracked as “Marbled Dust” exploited unpatched user accounts in the Output Messenger Server Manager application, allowing the group to collect user…
Category: Non-U.S.
Dior faces scrutiny, fine in Korea for insufficient data breach reporting; data of wealthy clients in China, South Korea stolen
Korea Joong Ang Daily reports: Luxury brand Dior is facing criticism in Korea for its inadequate response to a recent data breach that exposed the personal information of customers in Korea. While the company notified the Personal Information Protection Commission (PIPC), it failed to report the hacking incident to the Korea Internet & Security Agency…
Personal information exposed by Australian Human Rights Commission data breach
David Hollingworth reports: The Australian Human Rights Commission (AHRC) has revealed that more than 600 submissions and nominations to the commission’s website were accidentally exposed online between April and May 2025. The AHRC became aware of the breach on 10 April, when it discovered that attachments uploaded to its complaint web form between 24 March…
N.W.T.’s medical record system under the microscope after 2 reported cases of snooping
Sidney Cohen reports that both cases involved employees of the Northwest Territories Health and Social Services Authority: Medical records are among the most sensitive pieces of information that a government agency keeps on citizens. But these records are not impervious to snooping, as evidenced by two distinct cases reported this year by the Northwest Territories…
Star Health hacker claims sending bullets, threats to top executives: Reports
Sheersh Kapoor reports: The hacker responsible for a major data breach at Star Health and Allied Insurance last year has reportedly claimed responsibility for sending death threats and bullet cartridges to the insurer’s top executives. According to Reuters, a person using the alias ‘xenZen’ said in a March 13 email that they mailed two packages…
Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
The Economic Times reports: Utilities under fire: Nova Scotia Power cyberattack raises alarm Nova Scotia Power and its parent company, Emera, are scrambling to contain the fallout of a cyberattack on critical infrastructure that disrupted IT systems but spared physical operations. The cybersecurity breach came to light on April 25, when the utility discovered unauthorized…