Security News > 2023 > November

Rew Mahn, 28, of Derry, New Hampshire, pleaded guilty in federal court on Tuesday to both passport fraud and wire fraud, the latter relating to that cyber-intrusion. Mahn was indicted [PDF] by a grand jury for passport fraud in February, after being charged in 2021 with breaking into Motorola's computer network and stealing data.

Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service provider Zeroed-In Technologies. Dollar Tree is a discount retail company that operates the Dollar Tree and Family Dollar stores in 23,000 locations in the United States and Canada.

Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 customers after the hack of service provider Zeroed-In Technologies. Dollar Tree is a discount retail company that operates the Dollar Tree and Family Dollar stores in 23,000 locations in the United States and Canada.

The U.K.'s National Cyber Security Centre, the U.S.'s Cybersecurity and Infrastructure Security Agency and international agencies from 16 other countries have released new guidelines on the security of artificial intelligence systems. Lindy Cameron, chief executive officer of the NCSC, said in a press release: "We know that AI is developing at a phenomenal pace and there is a need for concerted international action, across governments and industry, to keep up. These guidelines mark a significant step in shaping a truly global, common understanding of the cyber risks and mitigation strategies around AI to ensure that security is not a postscript to development but a core requirement throughout."

CISA is investigating a cyberattack against a Pennsylvania water authority by suspected Iranian miscreants. The water authority immediately took the system offline, switching to manual operations after the intrusion, which didn't affect the region's drinking water or water supply.

Amir Hossein Golshan, 25, was sentenced to eight years in prison by a Los Angeles District Court and ordered to pay $1.2 million in restitution for crimes involving SIM swapping, merchant fraud, support fraud, account hacking, and cryptocurrency theft. Golshan pleaded guilty on July 19, 2023, for hijacking the Instagram account of a prominent social media influencer.

Microsoft has started testing a new Windows 11 Energy Saver feature that helps customers extend their portable computers' battery life. This new feature is currently available to Insiders in the Canary Channel who have installed Windows 11 Insider Preview Build 26002 and it introduces enhanced battery-saving capabilities that make it easy to lengthen battery lifespan by reducing energy usage and some system performance.

Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims since it first surfaced in April 2022, according to joint research from Corvus Insurance and Elliptic. Over 329 victims worldwide were targeted by the cybercrime operation in double extortion attacks where the gang's affiliates steal sensitive data from compromised systems before deploying ransomware payloads across the targets' networks to encrypt hacked systems.

CISA is warning that threat actors breached a U.S. water facility by hacking into Unitronics programmable logic controllers exposed online. PLCs are crucial control and management devices in industrial settings, and hackers compromising them could have severe repercussions, such as water supply contamination through manipulating the device to alter chemical dosing.

The Japan Aerospace Exploration Agency was hacked in a cyberattack over the summer, which may have put sensitive space-related technology and data at risk. The security breach was discovered this autumn when law enforcement authorities alerted Japan's space agency that its systems were compromised, as first reported by The Yomiuri Shimbun.