Major Incidents or Breaches

  • Harrods, a British department store, has notified customers of a data breach involving the compromise of some personal details. Four individuals were arrested in July in connection with cyberattacks targeting Harrods, Marks & Spencer, and the Co-op.

Newly Discovered Vulnerabilities

  • Akira ransomware operators have been observed breaching SonicWall SSL VPN devices even when One-Time Password (OTP) Multi-Factor Authentication (MFA) is enabled. Attackers are successfully logging in to accounts protected by MFA, indicating a potential vulnerability or bypass method affecting SonicWall VPNs.

Notable Threat Actor Activity

  • Akira ransomware activity continues to evolve, with threat actors specifically targeting SonicWall SSL VPN appliances and demonstrating the capability to circumvent MFA protections.

Regulatory or Policy Developments Affecting the Security Industry

  • The European Commission has launched an investigation into SAP over potential anti-competitive practices related to aftermarket services for its on-premise ERP software. This regulatory action may impact support models and third-party service providers in the enterprise software sector.