When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
APT activity is up, too, as global tensions remain at a serious high.
It’s packed with privacy-boosting tools and makes short work of geo-restrictions, all without costing the earth.
Check out NordVPN for yourself with a 30-day money-back guarantee.
However, the potential havoc this operation could have wrought means its my #1 pick.
TheXZ Utils backdoor attack, classified as CVE-2024-3094, was first publicly disclosed on March 29, 2024.
As if that wasnt bad enough, it almost wasnt caught at all.
It included over 4000 separate datasets, 600 of which contained over a million records.
Now, before we go any further I should point out that these arent completely new credentials.
This is an aggregate database, made out of compilations of many different previous breaches and data leaks.
Want to learn more about metadata and the danger it poses?
Check out our detailedguide to metadata.
So far, we know that high-profile targets of this campaign include the Trump and Harris campaigns.
Other individuals who were the victims of direct surveillance included politicians, intelligence officials, and government personnel.
The mass collection of metadata is particularly worrying.
In this context, metadata is information about your phone calls.
Its not the contents, but its stuff like the participants, durations, and cell tower locations.
Metadata can reveal social relationships, movements, and networks which can all provide invaluable insights for intelligence purposes.
This isnt the first time this year that Chinese-backed APTs have conducted wide-scale operations across the US, either.
The campaign leveraged hundreds of compromised small office routers infected with the KV Botnet malware.
Its also clear that healthcare providers are now very much considered a legitimate target by ransomware gangs.
The attack disrupted essential services, delaying blood tests, transfusions, and other diagnostics.
Hospitals declared critical incidents, prioritizing emergency care while diverting non-urgent cases.
Qilins motives appeared financial, although they publicly claimed the attack was a geopolitical retaliation against the UK.
Law enforcement officials and cybersecurity experts, however, dismissed these claims as baseless.
Healthcare organizations are increasingly lucrative targets, with the sector often willing to pay substantial ransoms.
High-profile payouts, likeUnitedHealth Groups $22 millionearlier in 2024, have made healthcare a focal point for cybercriminals.
This isnt the first or the last time the NHS has been hit this year, either.
Earlier in the year,NHS Dumfries and Gallowaywas also targeted by the hacker group INC Ransom.
This widespread access made it a high-value target.
