Home Security Services Archive by category Cyber Security

Cyber Security

More Than 12 Million Users Affected by Cyberattack on Japan’s KDDI

Japanese telecommunications operator KDDI has confirmed that more than 12 million users were affected by a cyberattack that took place in June this year. The incident was discovered on June 17, after unknown attackers exploited a so-called zero-day vulnerability in third-party software to gain access to an email system operated by KDDI for five Japanese internet service providers. The company stated that its mobile and fixed-line email services were not affected by the attack, as they operate on separate infrastructure.

According to available information, the email addresses of approximately 12.2 million users were compromised, while the passwords of around 7.6 million accounts also fell into the hands of the attackers. KDDI says the vulnerability was likely exploited as early as May and that the software vendor is currently working on a security patch. In cooperation with the affected internet service providers, the company has already launched a password reset process for users, while the mandatory reset of all compromised accounts is expected to be completed in the coming days.

KDDI claims that the attackers were removed from its systems immediately after the incident was discovered and that there is currently no evidence of any additional suspicious activity. The company has also announced a thorough security review of the affected software and plans to transition to more secure communication technologies in order to prevent similar incidents in the future.

Konica Minolta Croatia: The Importance of Encryption at the Source

In today’s business environment, video surveillance systems represent a key element in protecting assets, employees, and operational processes. However, the level of security provided by such systems depends not only on their functionality, but also on the way they manage the data they collect. This raises an important question: Are your data protected from the very moment they are created?

In the event of the physical theft of a device or storage medium, unprotected data can become easily accessible to unauthorized persons, exposing organizations to security, legal, and reputational risks.

Integrated Security Without Compromise

To ensure complete protection, it is essential to implement a security approach that covers the entire data lifecycle, from the moment the data are created to their storage. Such an approach includes:

Encryption at the source – Data are encrypted immediately at the moment of recording. This ensures that all records are protected from the very beginning, regardless of any potential loss or theft of the device.

Secure data transmission and storage – During transmission across the network and storage in archival systems, data remain continuously protected, without exposing any unencrypted segments.

Compliance with regulatory requirements – The implementation of advanced security standards enables organizations to meet the requirements of the GDPR and other relevant regulations more easily, while simultaneously preserving business integrity.

Privacy as the Foundation of Trust

Data protection is no longer merely a technical issue, but a key component of responsible business practices. Organizations that systematically approach data security protect not only their resources, but also the trust of their clients, partners, and employees.

In this context, encryption at the source is not an additional option, but an essential standard.

Ensure comprehensive data protection, from the moment data are created to their storage.

Comtrade Opens Security Operations Center in Sarajevo

As cyberattacks become increasingly sophisticated, organizations are more frequently faced with a critical question they cannot answer: Is our IT infrastructure under attack right now? To help companies achieve continuous security monitoring and faster incident response, Comtrade System Integration has opened a new Security Operations Center (SOC) in Sarajevo.

The new center provides organizations in Bosnia and Herzegovina with 24/7 cybersecurity monitoring, supported by a team of experts who understand the local market and can respond rapidly to security incidents. The Sarajevo SOC is part of a regional network that also includes operational centers in Belgrade and Ljubljana, combining local support with regional expertise.

According to the company, an increasing number of organizations are turning to managed cybersecurity services, as building and operating an in-house Security Operations Center requires significant investments in skilled personnel, processes, and advanced technologies. Instead of developing and maintaining complex internal infrastructure, companies can benefit from continuous monitoring, rapid threat detection, and expert support through an established SOC.

One of the key advantages of the Sarajevo center is that customers can immediately reach a team that understands their business environment, speaks their language, and can respond without the delays often associated with cross-border coordination or communication barriers.

Today, Comtrade System Integration ranks among the top 15 managed cybersecurity service providers in Europe and the top 75 worldwide. The company operates in accordance with the ISO 27001 standard and maintains the highest partnership levels with leading global cybersecurity vendors, underscoring its expertise in protecting business-critical systems.

Cyberattack Disrupts French Postal Operations as Pro-Russian Group Claims Responsibility

France’s national postal service, La Poste, experienced a significant disruption to its digital infrastructure this week after a large-scale cyberattack temporarily disabled key systems during the peak holiday delivery period. A pro-Russian hacking collective later claimed responsibility for the incident, according to French authorities.

The attack, identified as a distributed denial-of-service (DDoS) operation, forced central IT systems offline on Monday, preventing postal employees from tracking parcels and causing interruptions to online payment services linked to La Poste’s banking division. As of Wednesday morning, parts of the system had not yet been fully restored.

Responsibility for the attack was claimed by the hacker group Noname057, which has previously been linked to a series of cyber operations targeting European institutions. Following the claim, France’s domestic intelligence service, DGSI, assumed control of the investigation, the Paris prosecutor’s office confirmed.

The disruption comes at a critical time for La Poste, which handles billions of mail items and parcels annually and employs more than 200,000 people nationwide. The outage coincided with one of the busiest logistics periods of the year, amplifying its operational impact.

French authorities view the incident within a broader pattern of hostile cyber activity attributed to Russia-aligned actors. France and its European partners argue that such attacks form part of a wider “hybrid warfare” strategy aimed at destabilizing public services, exhausting security resources, and weakening political support for Ukraine. In recent years, European investigators have documented hundreds of similar incidents involving cyberattacks, disinformation campaigns, and acts of sabotage across the region.

SoundCloud Confirms Cyberattack, User Data Partially Compromised

SoundCloud has confirmed it was the target of a cyberattack in which hackers gained unauthorized access to data belonging to approximately 20% of the platform’s users. The company said the incident was detected after suspicious activity was identified within an ancillary administrative system, prompting the immediate activation of internal incident response protocols. An investigation carried out with the support of external cybersecurity experts found that the attackers accessed a limited set of data, including email addresses and information already visible on public user profiles.

SoundCloud emphasized that sensitive information such as passwords or financial data was not exposed. Nevertheless, users have been advised to remain vigilant for potential phishing attempts that could follow the incident. With the platform estimated to have more than 100 million users, the breach could affect tens of millions of accounts.

The company stated that the attackers have been removed from its systems, although the platform subsequently faced DDoS attacks, two of which temporarily disrupted the web version of the service. Issues with VPN access reported by users in recent days were linked to security-related configuration changes introduced in response to the incident, and SoundCloud said it is actively working to resolve those problems.

Major Cloudflare Outage Temporarily Disrupts Internet Worldwide

A large portion of the global internet experienced significant slowdowns today after Cloudflare, one of the key infrastructure providers behind thousands of popular websites, suffered a major technical outage. The disruption affected numerous online services — including X (formerly Twitter), Substack, Canva and others — with users encountering a “500 internal server error” message instead of the expected content.

Interestingly, some platforms that were impacted by a similar worldwide outage earlier this month remained stable this time, likely because they have since reduced their reliance on Cloudflare’s infrastructure. Among those unaffected was ChatGPT.

This is the second major incident in less than three weeks, once again highlighting the complexity and vulnerability of the global internet ecosystem. Cloudflare provides essential services that act as a “bridge” between websites and their users, accelerating page loading and protecting sites from overload. As a result, any disruption within Cloudflare’s systems can quickly trigger a chain reaction that brings down numerous unrelated services across the internet.

Although the interruption was relatively brief, it underscored how dependent the global digital landscape has become on a handful of key technology providers — and how their technical issues can instantly become a worldwide problem.

 

Germany Launches Major NIS2 and DORA Offensive: The Strictest Era of Cyber Compliance Begins for Companies

At the end of November 2025, Germany initiated the most far-reaching cybersecurity reform of the past decade, following the Bundesrat’s adoption of the NIS2 implementation law. As a result, regulatory obligations effectively entered into force immediately, without any transitional periods — a development legal experts are calling a “compliance shock” for the business sector. At the same time, European supervisory authorities activated a key mechanism of the DORA regulation and published the first list of critical IT third-party providers, who now fall under direct EU oversight.

The Federal Network Agency (BNetzA) has already presented a draft of a new security catalogue, introducing stricter requirements for safeguarding the telecommunications supply chain. The law firm Dentons reminds that all obligations apply the moment the law takes effect, including mandatory registration with the BSI and the implementation of comprehensive cyber risk-management measures. The scope of regulated entities is expanding dramatically — from around 4,500 to almost 30,000 companies — now including logistics, food supply, and digital service providers.

DORA further tightens supervision over cloud providers, analytics companies, and software vendors serving the financial sector, introducing mandatory on-site inspections and new channels for reporting IT incidents. The common priority of both regulations is strengthened third-party risk management, meaning that suppliers can no longer rely on simple declarations of conformity but must provide evidence of their security reliability.

Regulators stress that the era of postponements is over, and companies that were counting on extended deadlines now face severe penalties and increased personal liability for management. All indicators suggest that the period leading into early 2026 will be a race to close compliance gaps across all sectors.

Amazon blames Iran for combining cyber espionage with physical attacks

Amazon has released details on two cases in which Iranian threat actors combined digital espionage with physical attacks, a practice the company refers to as “cyber-enabled kinetic targeting.” The first case involves the group Imperial Kitten (also known as Tortoiseshell), linked to Iran’s IRGC, which over a two-year period progressed from cyber reconnaissance to a physical strike. According to Amazon, the group compromised a ship’s AIS system in December 2021 and, by August 2022, had gained access to additional maritime platforms and onboard CCTV cameras to collect real-time visual intelligence. In January 2024, they searched AIS location data for a specific vessel, which just days later, on February 1, became the target of a Houthi missile attack. Amazon says the link between the cyber reconnaissance and the subsequent strike is “unmistakable,” even though the attack itself was unsuccessful.

The second case concerns MuddyWater, a group tied to Iran’s MOIS, which in May 2025 prepared a server for cyber operations and, by June 17, used the same infrastructure to access a compromised CCTV server streaming live footage from Jerusalem. Researchers believe the footage was used to support the planning of a June 23 missile attack, after which Israeli authorities warned citizens to immediately disconnect internet-exposed cameras. Amazon stresses that existing terms such as “cyber-kinetic operations” or “hybrid warfare” lack precision, and proposes a new definition for campaigns where cyber activities directly support physical strikes. The company warns that this type of operation will become increasingly common as nation-states recognize the strategic advantage of combining digital reconnaissance with kinetic attacks.

Amazon urges companies to adjust their security strategies and expand threat models, noting that even entities that previously considered themselves uninteresting to attackers may now be targeted for tactical intelligence collection.

Dubai Launches “Scan Smart” Campaign to Combat QR Code Fraud

The Dubai Electronic Security Center (DESC) launched the “Scan Smart” campaign, which took place from 24 to 30 October as part of Cybersecurity Awareness Month, with the goal of raising public awareness about QR code–related risks. As QR codes become increasingly common in restaurants, hotels, shops, events, and other public spaces, the risk of tampering or malicious replacement continues to grow. In the first half of 2025 alone, more than 4.2 million global attempts to forge QR codes were recorded, underscoring the urgent need for public education. Through the initiative, DESC aimed to empower citizens and businesses to recognize legitimate codes, avoid compromised ones, and report suspicious activity.

DESC Chief Executive H.E. Yousuf AlShaibani stated that the campaign reflects the center’s commitment to building a safer digital environment for Dubai’s residents and visitors. As part of the campaign, DESC introduced interactive kiosks and an educational microsite, along with RZAM — a free browser extension that detects risky websites triggered after scanning QR codes.

Dozens of F&B venues across the city participated as “Scan Smart Partners,” displaying branded materials and offering visitors free coffee and exclusive discounts. These partners helped create everyday “micro hubs” of digital awareness, where the public could learn about safe QR scanning in a relaxed environment. DESC encouraged users to always verify QR codes before scanning and to report any suspicious attempts, strengthening community cyber resilience and supporting the wider vision of a safer digital ecosystem in the UAE.

Google sues operators of the “Lighthouse” phishing platform that targeted millions of users

According to the cybersecuritynews.com portal, Google has filed a lawsuit against a criminal operation known as “Lighthouse,” a sophisticated phishing-as-a-service platform that has reportedly affected more than one million people across over 120 countries. Google’s security researchers determined that this is one of the most damaging scam networks in recent years, structured to exploit well-known brand identities in order to deceive victims.

The platform enables attackers to launch large-scale “smishing” campaigns — phishing attacks delivered via SMS messages instead of email. Fraudsters impersonate companies such as E-Z Pass, USPS, and other toll service providers, sending links that direct victims to fraudulent websites. These websites are designed to look legitimate, tricking users into revealing passwords, financial information, and other sensitive data.

Google analysts uncovered at least 107 malicious website templates featuring Google’s branding on fake login screens, further increasing the risk of credential theft. In the United States, the operation has, according to the same source, facilitated the theft of data from tens of millions of credit cards, resulting in a massive financial impact.

Google’s lawsuit cites multiple laws, including RICO, the Lanham Act, and the Computer Fraud and Abuse Act. At the same time, the company is implementing additional security measures — from AI-powered systems that detect suspicious messages to enhanced account recovery options — to help users regain control of compromised accounts more quickly and safely.