TeleMessage provides secure archiving services for a variety of messaging apps, including Telegram and WhatsApp. In this case, the security breach is of an unofficial Signal clone that parent company Smarsh offers called "TM SGNL."
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
In at least two of the attacks, those on Co-op and Marks and Spencer, the DragonForce group is confirmed to have used very similar social engineering approaches to convince the IT help desks to have an employee password reset.
UK retailer the Co-op has confirmed and apologized for the data theft stemming from a cyber attack on its systems, claimed by the Dragonforce ransomware operation.
UK retailer Harrods is the most recent victim of a cyber attack, hot on the heels of similar cybersecurity incidents affecting Marks & Spencer and the Co-op, prompting an NSCS advisory.
Microsoft claims that its new passwordless methods reduce password use by over 20% and result in users signing in faster. The company added passkeys as an option for personal accounts along with a password manager for Windows Hello early last year.
Recent revelations about a zero-click exploit targeting WhatsApp users underscore the growing threat of sophisticated spyware campaigns. This evolution in attack methodology presents a serious challenge for organizations and individuals who rely on encrypted messaging platforms for secure communication.
Canadian power utilities Emera and Nova Scotia have suffered cyber attacks that forced the companies to shut down some business application servers.
Opet notes that the SaaS model is usually the default option for whatever software a company might need, and often is the only option available. That means a global concentration of risk such that numerous third-party security breaches could cascade.”
Called the "Policy Puppetry Attack," the new prompt injection attack focuses on formatting requests to look like the contents of one of the policy files that AI models rely on for their security and safety guidelines.
Dialysis company DaVita has suffered an Interlock ransomware attack that disrupted some operations and allegedly leaked over 1.5 terabytes of sensitive patient data.










