OCTOBER 10TH NEWS ROUNDUP: WILLIAMS & CONNOLLY BREACH, ICUK DDOS, ASAHI GROUP HOLDINGS RANSOMWARE, DISCORD DATA LEAK, SONICWALL BREACH, GOOGLE AI PATCH TOOL

There’s always one breach or another, but this week comes with some good news too. Google’s AI can now automatically patch vulnerabilities, which is a promising and proactive development. 


On the other hand, we have an update on the Asahi Group Holdings ransomware attack. Meanwhile, Discord, a prominent law firm, and SonicWall have fallen victim to cybercriminals.


Let's take a closer look below.


Williams & Connolly Law Firm Breach Linked to State-sponsored Hackers

Washington, DC-based law firm Williams & Connolly, known for representing political figures and major companies, confirmed that state-sponsored hackers accessed some attorney email accounts.


In a statement to The New York Times, the firm said that there's “no evidence that confidential client data was exfiltrated”.


What’s the Implication of This?

Even a small breach at a law firm can be serious, and more so at a firm of this nature. Access to email accounts could expose confidential communication, strategic planning, or sensitive legal information.


What You Can Do

Although the details of the incident are not clear, it's helpful to take note of these precautions and avoid breaches:


ICUK Telecoms Recovers After Multi-Day DDoS Attack

London-based telecom provider ICUK faced a multi-day Distributed Denial of Service (DDoS) attack that disrupted its VoIP platform and Control Panel services. The attacks started Monday evening and used DNS amplification techniques.


Cloudflare protection helped mitigate the attack within hours, and ICUK confirmed its systems are now fully operational. No data was stolen, and broadband services were not affected. The company is working to strengthen network-layer security against future attacks.


What’s the Implication of This?

DDoS attacks can temporarily disable critical services and disrupt business operations. Even without data theft, such disruptions can harm customers and partners.


What You Can Do

  • Businesses should ensure their DDoS protections cover both application and network layers. 
  • Have a response plan ready to reduce downtime if an attack occurs.


Qilin Claims Responsibility for Asahi Group Holdings Ransomware Attack 

The Russia-based Qilin ransomware gang claims to have stolen 27 gigabytes of data, including contracts, employee information, and financial documents, in the ransomware attack that hit Asahi Group Holdings.


While Asahi has partially resumed production, the stolen data has been published online, and the company is still assessing the full impact.


What’s the Implication of This?

Ransomware is more than locking systems. Hackers can steal sensitive data that hurts a company’s reputation, messes up operations, and exposes employee and financial information. Leaked contracts and internal documents could cause legal problems or open the door to fraud for the company and its partners. Even if operations start running again, the risk from stolen data doesn’t go away.


What You Can Do

  • Keep offline backups of important files and ensure employees are trained to recognize phishing attempts.
  • Have an incident response plan ready so that if data is stolen, you can act quickly to contain the damage and notify affected parties.


Discord Data Breach Exposes 70,000 Users’ IDs

Social media platform Discord confirmed a recent breach affecting a third-party service used for customer support. Around 70,000 users had photos of government IDs exposed, along with other account details such as usernames, email addresses, and messages with support teams.


Hackers say they have over 2 million photos and are trying to extort Discord. The company says only users who interacted with support or Trust & Safety teams were affected.


What’s the Implication of This?

Exposed ID documents can lead to identity theft, phishing, and fraud. Even a limited breach can affect thousands of users.


What You Can Do

  • Be cautious with emails, messages, or calls asking for personal information. 
  • Review account activity for unusual logins or alerts.


SonicWall Cloud Backup Files Stolen

SonicWall announced that hackers accessed firewall configuration backup files stored in its cloud service. Fewer than 5% of customers were initially reported as affected, but the full update revealed that all backup files could have been accessed.


The files contain encrypted credentials and configuration data, which could increase the risk of targeted attacks. SonicWall has urged customers to check devices, reset passwords, and follow containment steps.


What’s the Implication of This?

Access to firewall configuration files can allow attackers to plan sophisticated attacks or attempt unauthorized access.


What You Can Do

  • Check your cloud backups and confirm that no configuration files are exposed.
  • Reset all credentials linked to your SonicWall devices, even if they seem secure.
  • Keep an eye on your network for any strange or unexpected activity.
  • Review who has administrative access and restrict permissions to only those who need them.


Google’s AI CodeMender Can Automatically Patch Vulnerabilities

Google’s DeepMind has introduced CodeMender, an AI agent that detects, patches, and rewrites vulnerable code automatically. It's reactive and proactive, helping developers fix new vulnerabilities and secure existing codebases.


Over the past six months, CodeMender has already upstreamed 72 security fixes to open-source projects. The tool uses a large language model to ensure patches do not break functionality and can self-correct if needed.


What’s the Implication of This?

AI-driven patching could help reduce human error and prevent exploitation of software vulnerabilities, giving developers an edge in keeping systems secure.


What You Can Do

  • If you manage codebases, stay aware of tools like CodeMender and ensure you are applying security patches promptly. 
  • Keep testing your patches and updating your software regularly. 
  • Try to build a habit of checking for vulnerabilities before they become a problem. 


The victims in today’s news roundup span law, telecom, food and beverage, social media, and tech. If that tells us anything, it’s that every industry is a potential target. So we all need to be prepared. 

