Texas sues Allstate, alleging it violated data privacy rights of 45 million Americans
Summary: Texas Attorney General Ken Paxton is suing Allstate and its subsidiary Arity for allegedly collecting and selling cell phone location data of over 45 million Americans without consent, violating Texas’ Data Privacy and Security Act. This lawsuit marks a significant enforcement action under state-level data privacy laws, highlighting concerns about consumer data privacy in mobile applications.…
Rep. Don Bacon on cyber deterrence: ‘Speak softly and carry a big-ass stick’
Summary: Rep. Don Bacon discusses his priorities as the head of the House Armed Services cyber and innovation subcommittee, emphasizing the need for a stronger response to cyber threats, particularly from China, and the urgency of modernizing military acquisition processes. He also shares insights on the future of Cyber Command and the importance of maintaining a unified command structure.…
Marijuana dispensary STIIIZY warns of leaked IDs after November data breach
Summary: A data breach at STIIIZY, a California marijuana dispensary, exposed sensitive customer information, including IDs and passports, due to a cyberattack by the Everest gang. The company has warned affected customers and is offering credit monitoring services following the incident.

Threat Actor: Everest cybercrime gang
Victim: STIIIZY

Key Point: Data breach exposed personal information of customers, including drivers’ license and passport numbers.…
Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad
Summary: Three Russian nationals have been indicted for their involvement in operating cryptocurrency mixing services Blender.io and Sinbad.io, which were used to launder funds for cybercriminals, including North Korea’s Lazarus Group. The U.S. Department of Justice, in collaboration with international law enforcement, has taken significant steps to dismantle these platforms and hold the operators accountable.…
Slovakia’s land registry hit by biggest cyberattack in country’s history, minister says
Summary: A significant cyberattack on Slovakia’s land registry, attributed to a ransomware attack, has led to the shutdown of systems and physical offices, causing widespread disruption in property transactions and essential services. The attack is believed to have originated from Ukraine amid rising geopolitical tensions.

Threat Actor: Unknown
Victim: Slovakian Geodesy, Cartography and Cadastre Office (UGKK)

Key Point: The attack is the largest in Slovakia’s history, with attackers demanding millions in ransom.…
Bots identified pushing anti-NATO messages in Croatian presidential runoff
Summary: Researchers have identified pro-Russian bot networks attempting to influence public opinion in Croatia ahead of the presidential runoff election, primarily supporting incumbent president Zoran Milanović. These networks are promoting anti-EU and anti-NATO sentiments while amplifying pro-Milanović content.

Threat Actor: Pro-Russian Bot Networks
Victim: Croatian Presidential Election

Key Point: Bot networks are promoting Zoran Milanović while undermining his opponent, Dragan Primorac.…
Chinese spies targeting new Ivanti vulnerability, Mandiant says
Summary: A newly discovered vulnerability in Ivanti’s Connect Secure VPN is being exploited by China-based espionage threat actors, prompting urgent action from U.S. cybersecurity agencies. Mandiant’s analysis highlights the ongoing risks and the potential for widespread exploitation of this vulnerability.

Threat Actor: UNC5221
Victim: Ivanti

Key Point: Mandiant identified exploitation of CVE-2025-0282 by Chinese hackers, linked to previous attacks on Ivanti products.…
RedDelta: Chinese State-Sponsored Group Targets Mongolia, Taiwan, and Southeast Asia with Evolving Cyber Threats
Insikt Group has reported that the Chinese state-sponsored group RedDelta has been actively targeting various Southeast Asian countries, including Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia, from July 2023 to December 2024. The group utilized spearphishing tactics with customized documents to distribute its PlugX backdoor. Notable targets included government entities and NGOs, with a focus on geopolitical interests in the region.…
Apple says it does not use Siri audio for advertising
Summary: Apple has reiterated its commitment to user privacy, stating that it does not use Siri audio for marketing or advertising purposes. This clarification follows a $95 million settlement related to allegations of Siri audio being shared with third parties for targeted advertising.

Threat Actor: N/A
Victim: iPhone owners

Key Point: Apple confirms that Siri data has never been used for marketing profiles or advertising.…
Hackers claim to breach Russian state agency managing property, land records
Summary: A hacker group named Silent Crow has claimed responsibility for breaching the Russian government agency Rosreestr, leaking sensitive personal data of Russian citizens. The incident raises concerns about the security of government databases amidst ongoing cyber conflicts involving Russian and Ukrainian entities.

Threat Actor: Silent Crow
Victim: Rosreestr

Key Point: Silent Crow publicly released a portion of a database containing personal information of Russian citizens.…
Some Winston-Salem city services knocked offline by cyberattack
Summary: A cyberattack on Winston-Salem, North Carolina, has disabled online utility bill payments, prompting city officials to take certain systems offline while they investigate the incident. Despite the disruption, officials assure residents that there will be no service interruptions or late fees during this period.

Threat Actor: Unknown
Victim: Winston-Salem, NC

Key Point: City officials confirmed the cyberattack on December 30, following issues discovered one day after Christmas.…
Casio warns employees, customers about data leak from October ransomware attack
Summary: In October, Japanese electronics manufacturer Casio suffered a ransomware attack that compromised data of thousands of employees, business partners, and customers. The incident was linked to phishing emails and claimed by the Underground ransomware gang, leading to significant data theft and operational disruptions.

Threat Actor: Underground ransomware gang
Victim: Casio

Key Point: 6,456 employees, 1,931 business partners, and 91 customers had their data compromised.…
Pall Mall Process to tackle commercial hacking proliferation raises more concerns than solutions
Summary: The Pall Mall Process, initiated to combat the proliferation of commercial hacking tools, faces skepticism regarding its effectiveness in changing the trade and use of these tools. Despite growing concerns over the threats posed by commercial cyber intrusion capabilities (CCICs), significant exporting states have largely remained disengaged from the initiative.…
Ivanti warns hackers are exploiting new vulnerability
Summary: Ivanti has reported that multiple customers are affected by a new vulnerability, CVE-2025-0282, which is currently being exploited by hackers. The vulnerabilities impact several Ivanti products widely used by government agencies and a patch is available for some of the affected systems.

Threat Actor: Unknown
Victim: Ivanti customers

Key Point: Two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, have been identified in Ivanti’s products.…
Data of more than 8,500 customers breached on Green Bay Packers shopping website
Summary: The Green Bay Packers reported a data breach involving their online store, where hackers inserted malicious code to steal customer payment information. An investigation revealed that 8,514 customers were impacted, with sensitive data potentially compromised during specific dates in September and October 2024.

Threat Actor: Unknown
Victim: Green Bay Packers

Key Point: Malicious code allowed unauthorized access to customer payment information during checkout.…