Here are some interesting updates about cybersecurity threats and new trends.
Investigation Reveals Facebook Groups Bypass Uber, DoorDash Safety Checks
A new report from the Tech Transparency Project reveals a thriving black market on Facebook, where users openly buy, sell, and rent driver accounts for Uber, DoorDash, and Deliveroo, bypassing the platforms’ background checks and identity requirements. Researchers identified at least 80 such groups, some with tens of thousands of members, enabling people to pose as credentialed drivers or delivery workers under false identities.
Meta, Facebook’s parent company, removed several groups after CNN flagged them but dozens remain active, highlighting enforcement challenges. Uber, DoorDash, and Deliveroo all prohibit account sharing or selling and claim to have robust safeguards, including real-time identity checks and regular account deactivations, but the report suggests these measures are insufficient. High-profile incidents, such as assaults by unauthorized drivers, underscore the dangers.
The report also criticizes Meta’s reliance on automated moderation and calls for more human oversight to curb fraudulent groups. While some posts in these groups are scams, many are authentic, with accounts offered for rent for as little as $652. The persistence of these groups exposes ongoing security gaps in both social media and gig economy platforms, raising urgent questions about user safety and regulatory oversight.
Source: CNN
Marks & Spencer Hit by Major Ransomware Attack Linked to Scattered Spider
A major cyberattack on Marks & Spencer (M&S) has been attributed to the hacking collective Scattered Spider, a group known for previous high-profile attacks on MGM Resorts and Caesars Entertainment. The attackers used ransomware, specifically the DragonForce encryptor, to lock critical M&S systems, crippling operations, halting hiring, and suspending online orders for over a week. This disruption has led to significant financial losses, with M&S’s stock market value dropping by over £500 million and online sales-which average £3.8 million daily-completely paused. The attack reportedly began as early as February, when hackers stole key data, including Active Directory password hashes, enabling them to move laterally within M&S’s network.
Source: The Guardian
Power Restored After Historic Blackout Leaves Spain and Portugal in Chaos
A massive blackout struck Spain, Portugal, and parts of southern France on Monday, plunging tens of millions into darkness and causing widespread disruption. Power was restored to nearly all affected areas within hours, but significant transport disruptions-including halted trains and delayed or canceled flights-were expected to persist into the following days. The cause of the outage remains unclear, though Spanish Prime Minister Pedro Sanchez reported that 15 gigawatts of power-about 60% of Spain’s demand at the time-were lost in just five seconds. Portugal’s Prime Minister blamed Spain for the incident, emphasizing that the problem did not originate in Portugal.
The blackout halted elevators, knocked out traffic lights, and shuttered businesses, creating chaos in major cities such as Madrid and Lisbon. Emergency services responded to hundreds of incidents, and both countries declared states of emergency. Authorities ruled out a cyberattack, but experts warned it could take weeks to determine the exact cause. Portugal was especially vulnerable because it imports much of its morning electricity from Spain. While most essential services were quickly restored using backup systems, the transport sector faced ongoing challenges, and the economic and logistical fallout was expected to last for days.
Source: CNN
Spotify Back Online After Brief Widespread Disruption
Spotify experienced a major outage on Wednesday morning, with tens of thousands of users worldwide reporting problems accessing the music streaming service. The disruption began around 6:20 a.m. or 8:45 a.m. Eastern Time, depending on the source, and peaked just before 9:30 a.m., when nearly 50,000 incidents were reported on Downdetector.com. Most users had trouble loading the app, playing songs, or using the search function, though some could still access previously downloaded music. The outage affected both the app and website, and users across the U.S., Europe, and other regions were impacted.
Spotify acknowledged the issue on its official X (formerly Twitter) status account, assuring users that it was investigating and working to resolve the problem The company did not specify the cause of the outage but denied rumors that it was due to a security breach or hack. By just after noon Eastern Time, Spotify announced the issue had been fixed and that services were back to normal.
Source: Forbes
