Global Cyber Threats Escalate: 2024 Insights 7th April

Strategic Insights into Cybersecurity Trends and Threat Mitigation

Author

Pam C
April 07, 2024

This weekend's ZeroDay Alert Zone newsletter covers significant data breaches from 2022 to 2024, highlighting major incidents at T-Mobile, Bank of America, Fujitsu, and AT&T. The latter suffered a massive breach affecting millions with personal data like Social Security numbers exposed, offering credit monitoring to victims. Discussions include the EU's cybersecurity certification changes, YouTube channel hijackings for data theft, AI-generated malware spread through fake software libraries, and the rising issue of cryptocurrency scams, surpassing ransomware in losses. Additionally, insights into cybersecurity stocks and companies, including Zscaler's potential as a buy, provide valuable market intelligence for our readers.

Table of Contents

Data Breaches That Have Happened in 2022, 2023 and 2024 So Far

The article on Tech.co provides a detailed list of significant data breaches and leaks that have occurred from 2022 up to March 2024, impacting various sectors globally. High-profile breaches include those at T-Mobile, Bank of America, and Fujitsu, among others. These incidents have exposed a range of sensitive information, from personal customer data to financial records, highlighting the critical need for enhanced cybersecurity measures across industries. For a comprehensive overview of these breaches, including specific details and dates, please refer to the full article here.

What customers should know about AT&T's massive data breach

This is an article about a data breach at AT&T . It discusses millions of current and former customers having their personal information stolen [1]. The information stolen includes Social Security numbers, passcodes, full names, email addresses, mailing addresses, phone numbers, and dates of birth [1]. AT&T is offering credit-monitoring services to those affected.  Customers can sign up for 24-7 credit monitoring and enable two-factor authentication on their AT&T account to protect themselves.

The EU has amended its cybersecurity certification scheme to facilitate Big Tech companies like Amazon, Google, and Microsoft in bidding for EU cloud computing contracts. This change comes by removing the requirement for vendors to be independent from non-EU laws, addressing previous concerns over illegal state surveillance and the dominance of U.S. cloud providers. The revised draft focuses on vendors disclosing the location and applicable laws for data storage and processing, moving away from strict sovereignty requirements​ (Reuters)​.

Hackers Hijacking YouTube Channels to Steal Your Data

The EU has amended its cybersecurity certification scheme to facilitate Big Tech companies like Amazon, Google, and Microsoft in bidding for EU cloud computing contracts. This change comes by removing the requirement for vendors to be independent from non-EU laws, addressing previous concerns over illegal state surveillance and the dominance of U.S. cloud providers. The revised draft focuses on vendors disclosing the location and applicable laws for data storage and processing, moving away from strict sovereignty requirements​ (Reuters)​.

Hackers Can Use AI Hallucinations to Spread Malware

A Fake Software Library Made Up by a ChatBot Was Downloaded More Than 35,000 Times

The article from BankInfoSecurity discusses how generative AI can be manipulated by hackers to spread malware through "AI hallucinations," specifically by creating fictitious software libraries. An example given is a non-existent Python package, "huggingface-cli," that was uploaded and then downloaded over 35,000 times, indicating how even large companies can be tricked into using such fake packages. This highlights the importance of developers verifying the authenticity of packages and being cautious with AI-generated recommendations​ (BankInfoSecurity)​.

Crypto scams cost more than ransomware, says FBI as US initiates civil forfeiture action

Cryptocurrency scams are eclipsing ransomware as the bigger threat, according to the FBI, with romance scams causing significant losses  المصدر: International Finance: https://internationalfinance.com/currency/crypto-scams-cost-more-ransomware-says-fbi-us-initiates-civil-forfeiture-action/. In 2023, victims lost a staggering USD 4.57 billion, a 38% increase compared to the previous year. These scams often involve fraudsters posing as women online to lure victims into investing on fake cryptocurrency platforms. When victims attempt to withdraw their funds, scammers hit them with fees. The US Department of Justice is actively pursuing avenues to recover stolen cryptocurrency.

Why a near-miss cyberattack put US officials and the tech industry on edge

A near-miss cyberattack involving the software XZ Utils put US officials and the tech industry on high alert. Discovered by a Microsoft developer, the software had been tampered with to create a backdoor potentially affecting millions of servers. This incident highlights the vulnerability of open-source software, often maintained by small teams or individuals under significant pressure. The situation has sparked discussions on the need for more support and security measures for open-source projects to prevent future espionage or sabotage attempts​ (Reuters)​.

Financial Insights on Cybersecurity Companies:

Views from The Motley Fool

Zscaler, following a quarter where it exceeded expectations and raised future guidance, presents a buying opportunity on the dip. The reaction to its earnings report, seen as a slowdown in growth, is viewed as a knee-jerk response. With strong cash flow supporting its balance sheet and shareholder equity, Zscaler remains a solid investment, especially as it continues to innovate in cloud-based cybersecurity​ (MarketBeat)​.

7 Best Cyber Security Stock of 2024: Massive Wave of Growth!

7 Best Cyber Security Stock of 2024: Massive Wave of Growth! In this video I provide a list of the top 7 Cyber Security stock that is expected to ride the AI, or Artificial Intelligence, and Cyber protection Boom for the next 10 years. Some stock won't surprise you, but there are a few that are less known companies that support cyber security and AI growth.  The top stock to buy today should continue to grow for several years to come.  https://youtu.be/tSwJAruVKeA?si=NokGSlJ_rVq90FtS

Footer:
Thank you for reading the ZeroDay Alert Zone Newsletter. Stay tuned for more cybersecurity updates in our next edition! 

Don't miss out on the latest cybersecurity updates and insights! Subscribe to the ZeroDay Alert Zone Newsletter today and stay ahead of evolving cyber threats. From implementing Zero Trust controls to financial insights on cybersecurity stocks, our newsletter delivers valuable information straight to your inbox. Join us in safeguarding your digital world. Subscribe now]