Security News > 2024 > March

Over the next few weeks, Nissan Oceania will make contact with around 100,000 people in Australia and New Zealand whose data was pilfered in a December 2023 attack on its systems - perhaps by the Akira ransomware gang.Some of those affected by the breach were customers of finance services that Nissan operated and branded for rival automakers Mitsubishi, Renault, Infiniti, LDV, and RAM. "We know this will be difficult news for people to receive, and we sincerely apologize to our community for any concerns or distress it may cause," Nissan said in a statement posted to its website.

Over the next few weeks, Nissan Oceania will make contact with around 100,000 people in Australia and New Zealand whose data was pilfered in a December 2023 attack on its systems - perhaps by the Akira ransomware gang. Some of those affected by the breach were customers of finance services that Nissan operated and branded for rival automakers Mitsubishi, Renault, Infiniti, LDV, and RAM. "We know this will be difficult news for people to receive, and we sincerely apologize to our community for any concerns or distress it may cause," Nissan said in a statement posted to its website.

Microsoft will soon provide a single Teams Windows and macOS app for all account types, allowing users to switch between work, school, or personal profiles with just a couple of mouse clicks. A preview version is already gradually rolling out to Windows Insiders in the Canary and Dev channels using Microsoft Teams version 24057.

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. The flaw tracked as CVE-2024-21412 is a Windows Defender SmartScreen flaw that allows specially crafted downloaded files to bypass these security warnings.

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. The flaw tracked as CVE-2024-21412 is a Windows Defender SmartScreen flaw that allows specially crafted downloaded files to bypass these security warnings.

UnitedHealth Group confirmed in late February that Change Healthcare systems and services were shut down after a cyberattack by "Nation-state" hackers, which was later linked to the BlackCat ransomware gang. Change Healthcare is the largest payment exchange platform used by doctors, healthcare providers, and patients in the U.S. healthcare system and by more than 70,000 pharmacies, while UHG has contracts with over 1.6 million health professionals and 8,000 healthcare facilities across all 50 U.S. states.

With remote work becoming so commonplace, identity and access management software has grown in importance in recent years. Roid Enterprise Mobility Management enables secure selection, deployment and management of Android devices and services.

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server software that can allow attackers to gain remote code execution on vulnerable servers. Last month, Fortinet disclosed a critical remote code execution bug in the FortiOS operating system and the FortiProxy secure web proxy, which the company tagged as "Potentially being exploited in the wild."

The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed. PixPirate is a new Android malware first documented by the Cleafy TIR team last month seen targeting Latin American banks.

Google awarded $10 million to 632 bug hunters last year through its vulnerability reward programs. Google's 2023 highlights include newer reward categories, including finding flaws in its AI products and Android phone apps, plus a brand-new Bonus Awards program that periodically pays out time-limited, extra rewards for specific vulnerability targets.