The bankruptcy of genetic testing company 23andMe has raised concerns about the security of its vast collection of DNA samples. Over 15 million DNA samples, containing unique and personal information, are at risk of being sold to the highest bidder. This could lead to identity theft, cybercrime, and other malicious activities. The potential consequences of this data being sold are far-reaching and could have significant implications for individuals. There are concerns about genetic discrimination, where individuals are targeted or excluded based on their genetic characteristics. The genetic testing industry must prioritize the security and privacy of customer data to protect consumers' sensitive genetic information.
The China-linked APT group Aquatic Panda has been linked to a global espionage campaign in 2022. The campaign, codenamed Operation FishMedley, targeted seven organizations across six countries. The group used various implants, including ShadowPad, SodaMaster, and Spyder, to gain access to the targets. The campaign involved the use of five different malware families, including a previously undocumented implant called RPipeCommander. Aquatic Panda is believed to operate under the Winnti Group umbrella and has been active since at least 2019. The group's tactics and malware usage highlight the ongoing threat posed by China-linked APT groups to global organizations.
A cyberattack on Oracle Cloud has resulted in the theft of six million records. The attack was carried out by a threat actor known as "rose87168" who exploited a vulnerability in Oracle Fusion Middleware. The vulnerability, known as CVE-2021-35587, allows attackers to gain access to Oracle Access Manager without a password. The affected versions of Oracle Fusion Middleware are 11.1.2.3.0, 12.2.1.3.0, and 12.2.1.4.0. Oracle has denied that there was a breach of their cloud infrastructure, but the threat actor claims to have stolen sensitive data. Users of Oracle Cloud are advised to change their passwords and monitor their systems for signs of suspicious activity to stay safe.