Cybersecurity Exec Brief: FBI Removes Chinese Malware | Location Data Aggregator Breach Exposed

Register for the 2024 Cybersecurity Year in Review Webinar here: https://risk3sixty.com/webinars/2024-cybersecurity-year-review FBI Mass Deletes Chinese Malware from Thousands of US Computers U.S. authorities have successfully disrupted the operations of the Chinese state-backed hacking group "Twill Typhoon" (also known as "Mustang Panda"), responsible for a years-long espionage campaign targeting millions of computers worldwide. In a court-authorized operation in August 2024, U.S. law enforcement, in coordination with French authorities and the cybersecurity firm Sekoai, eradicated the malware, "PlugX," from over 4,200 infected systems in the United States. The malware, which had been in use since 2014, allowed the hackers to collect sensitive data from various government and private sector targets, including European shipping companies and Chinese dissident groups. This action is part of a broader effort by the U.S. to counter Chinese-backed cyber threats, which have been described by national security officials as an "epoch-defining threat." More reading: https://finance.yahoo.com/news/doj-confirms-fbi-operation-mass-163513709.html Threat Actors Breach Large Location Data Aggregator Hackers have claimed responsibility for breaching Gravy Analytics, the parent company of Venntel, which has been selling vast amounts of smartphone location data to U.S. government agencies, including the military and FBI. The hackers allege they have stolen an extensive array of data, including customer lists, industry information, and highly sensitive location data detailing individuals' movements. They have threatened to publicly release the data unless the company responds within 24 hours. This breach highlights the ongoing privacy risks associated with the location data industry, which has long been criticized for its sale of detailed consumer data to both corporate and government clients. The stolen data includes precise location coordinates and timestamps, potentially exposing millions of people to tracking and privacy violations. The hack has drawn attention to the lack of comprehensive federal privacy protections, with experts warning that the data could be used for dangerous purposes, such as identifying high-risk individuals or monitoring sensitive locations. More reading: https://www.404media.co/hackers-claim-massive-breach-of-location-data-giant-threaten-to-leak-data/