News Roundup — June 12th 2024 edition.

This week in cybersecurity, Snowflake, Advanced Auto Parts, and LendingTree faced breaches. Club Penguin fans hacked a Disney server, stealing 25GB of data. Shell was affected by a vendor data breach, and Chinese hackers breached 20,000 Fortigate systems. Cleveland shut down its IT systems after a cyberattack.

Biometric vulnerabilities highlighted authentication risks, and CISA warned of criminals impersonating its employees. Life360 faced extortion after a Tile data breach, and authorities arrested a ransomware specialist. Forced labor camps fueled billions in cyber scams.

Snowflake cloud accounts had credential issues, and the New York Times suffered a GitHub breach. Massachusetts lost $445,000 in an email scam, and GitHub repositories were targeted in extortion attacks. Microsoft reversed a controversial cybersecurity decision, and a SolarWinds flaw was flagged by NATO. Hotel kiosks exposed guest data, and attacks surged on Check Point’s VPN zero-day flaw.

The Snowflake Attack May Be Turning Into One of the Largest Data Breaches Ever

Club Penguin fans breached Disney Confluence server, stole 2.5GB of data

Shell investigation reveals vendor data breach

Chinese hackers breached 20,000 FortiGate systems worldwide

Ransomware attack on England's health system highlights life-threatening impact of cybercrime

City of Cleveland shuts down IT systems after cyberattack

Scores of Biometrics Bugs Emerge, Highlighting Authentication Risks

CISA warns of criminals impersonating its employees in phone calls

Life360 says hacker tried to extort them after Tile data breach

Police arrest Conti and LockBit ransomware crypter specialist

Forced-Labor Camps Fuel Billions of Dollars in Cyber Scams

China state hackers infected 20,000 Fortinet VPNs, Dutch spy service says

Process to Verify Software Was Built Securely Begins Today

AI trained on photos from kids' entire childhood without their consent

Snowflake Cloud Accounts Felled by Rampant Credential Issues

New York Times Internal Data Nabbed From GitHub

Massachusetts town loses $445,000 in email scam | StateScoop

GitHub Repos Targeted in Cyber-Extortion Attacks

Microsoft rolls back 'dumbest cybersecurity move in a decade'

SolarWinds Flaw Flagged by NATO Pen Tester

Hotel Check-in Kiosks Expose Guest Data, Room Keys

FCC pushes ISPs to fix security flaws in Internet routing

Attacks Surge on Check Point's Recent VPN Zero-Day Flaw

Technology, Regulations Can't Save Orgs From Deepfake Harm

7,000 LockBit decryption keys now in the hands of the FBI, offering victims hope

Crimson Palace: Chinese Hackers Steal Military Secrets Over 2 Years

DuckDuckGo offers "anonymous" access to AI chatbots through new service