Security Affairs
Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Russian cyber spies stole data and emails from UK government systems

Earlier this year, Russian cyber spies breached UK government systems and stole sensitive data and emails, reported The Record media. Earlier this year, Russia’s foreign intelligence service stole internal emails and data on individuals from the UK government. The news was first reported by Recorded Future News, which obtained an official description of the incident […]

UK London councils

Earlier this year, Russian cyber spies breached UK government systems and stole sensitive data and emails, reported The Record media.

Earlier this year, Russia’s foreign intelligence service stole internal emails and data on individuals from the UK government. The news was first reported by Recorded Future News, which obtained an official description of the incident report.

The description of the report was obtained under the Freedom of Information Act, it revealed that the incident follows an attack carried out by a nation-state actor on a supplier of the department’s corporate systems, and linked the security breach to Microsoft’s January announcement.

In January, Microsoft warned that some of its corporate email accounts were compromised by a Russia-linked cyberespionage group known as Midnight Blizzard. The company notified law enforcement and relevant regulatory authorities.

Microsoft also announced that the Russia-linked APT Midnight Blizzard that hit the company in late November 2023 has been targeting organizations worldwide as part of a large-scale cyberespionage campaign.

The Record Media speculate that Microsoft’s government customers may have discovered that they were impacted by the breach months after the IT giant discovered the attack.

“Just the day after the data breach report was filed with Britain’s data protection regulator, the U.K. and allies issued a joint statement condemning malicious cyber activity by the Russian intelligence services — although this specifically focused on the activity of a different Russian agency, the GRU, which was blamed for attacks on the German Social Democratic Party.” reported The Record Media.

Microsoft stated that there is no evidence that any customer-facing systems hosted by Microsoft were compromised as a result of the attack disclosed in January.

“We have found no evidence that any Microsoft-hosted customer-facing systems have been compromised as a result of the attack against Microsoft that we shared in January. As we shared at the time, the threat actor accessed a very small percentage of Microsoft corporate email accounts.” a spokesperson for Microsoft told The Record. “We provided notifications to customers who corresponded with the impacted Microsoft corporate email accounts.”

A government spokesperson confirmed that there is no evidence of compromised operational data from the Home Office.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, UK government)