DJBSEC's CyberNews 2026-03-13
1. TELUS Digital Hit with Massive Data Breach
Canadian telecom provider TELUS Digital has confirmed a major data breach that exposed sensitive information belonging to customers and business clients. Investigators say attackers gained unauthorized access to internal systems and extracted large volumes of data. The breach could include personal details, account records, and potentially internal operational data. TELUS has launched an investigation and is working with cybersecurity experts to determine the full impact. Customers are being advised to monitor accounts for suspicious activity.
2. Authorities Dismantle SOCKSescort Proxy Network Used for Fraud
U.S. federal authorities have dismantled a large proxy network known as SOCKSescort, which was used to support fraud and cybercrime operations. The network sold access to thousands of compromised devices that acted as residential proxies for attackers. Cybercriminals used the infrastructure to hide their locations while conducting phishing, credential stuffing, and financial fraud campaigns. Law enforcement seized servers and infrastructure linked to the operation. Officials say the takedown disrupts a major tool used by cybercriminal groups.
3. OAuth Device Code Phishing Attack Targets Enterprise Accounts
Security researchers have discovered a phishing campaign abusing OAuth device code authentication flows to compromise enterprise accounts. Attackers trick victims into entering attacker-controlled device authentication codes into legitimate login pages. Once the code is entered, attackers gain access to the victim’s cloud account without needing their password. This technique bypasses some traditional phishing protections because it uses legitimate authentication processes. Organizations are being urged to monitor OAuth device authentication activity closely.
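One way to act on the monitoring advice above, as an added example that is not part of the original digest: it scans token-endpoint records for RFC 8628 device-code grants and flags those issued to clients off an allow-list, or where the code was approved inside the corporate network but the tokens went to an outside address. The log schema, client names, and address ranges are constructed assumptions, not a vendor format.

```python
import ipaddress
import json

# Grant type a polling device sends to the token endpoint (RFC 8628).
DEVICE_GRANT = "urn:ietf:params:oauth:grant-type:device_code"

# Constructed sample log lines; the field names are a hypothetical schema.
SAMPLE_LOG = """\
{"user": "alice@example.com", "client_id": "conf-room-display", "grant_type": "urn:ietf:params:oauth:grant-type:device_code", "poll_ip": "10.20.4.17", "approve_ip": "10.20.8.3", "result": "success"}
{"user": "bob@example.com", "client_id": "mail-cli", "grant_type": "urn:ietf:params:oauth:grant-type:device_code", "poll_ip": "203.0.113.50", "approve_ip": "10.20.8.9", "result": "success"}
{"user": "carol@example.com", "client_id": "webmail", "grant_type": "authorization_code", "poll_ip": "", "approve_ip": "10.20.9.1", "result": "success"}
{"user": "dave@example.com", "client_id": "conf-room-display", "grant_type": "urn:ietf:params:oauth:grant-type:device_code", "poll_ip": "198.51.100.7", "approve_ip": "10.20.1.2", "result": "failure"}
not-json garbage line
"""

ALLOWED_CLIENTS = {"conf-room-display"}              # assumed allow-list of real input-constrained devices
CORP_NETS = [ipaddress.ip_network("10.20.0.0/16")]   # assumed corporate address space


def in_corp(ip):
    """True if ip parses and falls inside an assumed corporate network."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in CORP_NETS)


def flag_device_code_grants(log_text):
    """Return one finding per successful device-code grant that looks suspicious."""
    findings = []
    for line in log_text.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the scan
        if not isinstance(ev, dict):
            continue
        # Only grants that actually issued tokens are considered here.
        if ev.get("grant_type") != DEVICE_GRANT or ev.get("result") != "success":
            continue
        reasons = []
        if ev.get("client_id") not in ALLOWED_CLIENTS:
            reasons.append("client not on device-flow allow-list")
        # The user approved the code from inside, but the polling device is elsewhere.
        if in_corp(ev.get("approve_ip", "")) and not in_corp(ev.get("poll_ip", "")):
            reasons.append("code approved inside network, tokens issued outside")
        if reasons:
            findings.append({"user": ev.get("user"), "reasons": reasons})
    return findings
```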
4. Microsoft Copilot Summarization Vulnerability Exposes Sensitive Data
A vulnerability in Microsoft Copilot’s document summarization feature could allow sensitive information to be unintentionally exposed. Researchers found that Copilot could include hidden or restricted content when summarizing documents. This could potentially reveal confidential information that users did not intend to share. Microsoft is investigating the issue and working on improvements to prevent accidental data leakage. The incident highlights the growing security challenges associated with AI-powered productivity tools.
5. Possible Iranian Cyberattack Investigated at Nuclear Facility
Authorities are investigating a cyber incident at a nuclear facility that may be linked to Iranian cyber operations. Initial reports suggest the attackers attempted to access critical systems connected to the facility’s operations. Officials have not confirmed whether the attack successfully compromised any sensitive infrastructure. Cybersecurity teams are working to assess the scope and origin of the intrusion. The incident underscores the ongoing threat of cyber operations targeting critical infrastructure.
6. Microsoft Authenticator Bug Could Leak Login Codes
Researchers discovered a flaw in the Microsoft Authenticator mobile application that could expose one-time login codes under certain conditions. The issue could potentially allow attackers to intercept authentication codes used in multi-factor authentication processes. Microsoft has released an update to address the vulnerability and is urging users to update the app immediately. MFA remains a critical security measure, but this incident highlights the importance of keeping authentication tools updated. Security experts recommend enabling additional protections such as phishing-resistant authentication methods.
7. Ericsson Investigating Reported Data Breach
Telecommunications giant Ericsson is investigating a reported cyber incident that may have exposed sensitive corporate information. Early reports suggest attackers may have accessed internal systems and exfiltrated data. The company has not yet confirmed the full scope of the breach or what information may have been affected. Ericsson says it is working with cybersecurity specialists to analyze the situation. The investigation is ongoing as the company reviews potential impacts.
8. Cloudflare Anti-Bot Features Integrated with Microsoft 365
Cloudflare has announced enhanced anti-bot protections designed to integrate with Microsoft 365 environments. The new features aim to block automated login attempts and credential stuffing attacks targeting Microsoft accounts. By analyzing traffic patterns and behavior, the system can detect and stop suspicious automation activity. Organizations increasingly rely on these tools to protect cloud identity systems from large-scale attacks. The integration highlights the growing collaboration between security vendors and cloud providers.
9. Bell Ambulance Data Breach Impacts Over 238,000 Individuals
Emergency medical services provider Bell Ambulance has confirmed a data breach affecting more than 238,000 individuals. The compromised information includes personal details and potentially medical-related data. The breach reportedly occurred after attackers gained access to internal systems used for patient and operational records. The organization is notifying affected individuals and offering identity protection services. Authorities are investigating the incident while reviewing security controls.
10. Security Warning Issued Over Chinese Certificate Authority
Security researchers have raised concerns about a Chinese certificate authority linked to suspicious digital certificate activity. The certificates could potentially be used to impersonate legitimate websites or intercept encrypted communications. Governments and cybersecurity experts are warning organizations to review trust relationships with affected certificate authorities. The incident highlights the ongoing risks associated with global certificate trust chains. Security teams are being encouraged to monitor certificate issuance closely.
11. Iran Threatens U.S. Technology Companies Amid Escalating Cyber Tensions
Iran has reportedly issued warnings directed at major U.S. technology companies amid rising geopolitical tensions. Analysts believe the statements could signal increased cyber operations targeting American corporate infrastructure. Iranian-linked hacking groups have historically conducted espionage and disruptive cyber campaigns. Security experts are urging organizations to strengthen monitoring and prepare for potential retaliatory cyber activity. The situation reflects the growing role of cyberspace in geopolitical conflict.