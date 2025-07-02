news
Security and Windows TCO Leftovers
Security Week ☛ Airoha Chip Vulnerabilities Expose Headphones to Takeover
Vulnerabilities in Airoha Bluetooth SoCs expose headphone and earbud products from multiple vendors to takeover attacks.
Security Week ☛ Ahold Delhaize Data Breach Impacts 2.2 Million People
The ransomware attack against grocery giant Ahold Delhaize has resulted in the personal information of millions getting stolen.
Security Week ☛ Hawaiian Airlines Hacked as Aviation Sector Warned of Scattered Spider Attacks
Scattered Spider is targeting airlines and the recent WestJet hack is believed to be the work of the notorious cybercrime group.
Windows TCO / Windows Bot Nets
The Guardian UK ☛ Qantas confirms cyber-attack exposed records of up to 6 million customers
The data includes customer names, email addresses, phone numbers, birth dates and frequent flyer numbers. It did not contain credit card details, financial information or passport details.
Tech Central (South Africa) ☛ [Crackers] tighten grip as ransomware epidemic hits South Africa hard
According to The State of Ransomware in South Africa Report 2025 by cybersecurity firm Sophos, the median ransom demanded rose shot up from US$165 000 (R2.9-million) in 2024 to a staggering R17-million in 2025.
On average, South Africa firms that fell victim to a ransomware attack and engaged with the attackers ended up paying about 64% of the ransom demanded of them.
Cyble Inc ☛ Qilin Solidifies Claim As Top Ransomware Group
With 86 claimed victims for the month of June, Qilin was more than 50 claimed attacks ahead of rivals like Akira, SafePay, Play, and INC (image below). Cyble said the data is preliminary and could rise somewhat as all the data is finalized, but Qilin is essentially assured of finishing in the top spot.
Google ☛ Protecting the Core: Securing Protection Relays in Modern Substations
As substations become more digitized, incorporating IEC 61850, Ethernet, USB, and remote interfaces, relays are no longer isolated devices, but networked elements in a broader SCADA network. While this enhances visibility and control, it also exposes relays to digital manipulation and cyber threats. If compromised, a relay can be used to issue false trip commands, alter breaker logic, and disable fault zones. Attackers can stealthily modify vendor-specific logic, embed persistent changes, and even erase logs to avoid detection. A coordinated attack against multiple critical relays can lead to a cascading failure across the grid, potentially causing a large-scale blackout.
India Times ☛ M&S CEO: Most of cyberattack impact will be behind us by August
Marks & Spencer CEO Stuart Machin informed shareholders that the majority of the cyberattack's impact from April is expected to be resolved by August. The remaining half of the online store is slated for full restoration within four weeks. Rebuilt systems are also anticipated to be operational by August, aiming for a complete customer experience.
India Times ☛ ICC says new cybersecurity incident has been contained
