---
title: "Android 15 Enhances Security, Nissan Data Breach, Ethereum Theft Apprehension, Cybersecurity News [May 13, 2024] | DuoCircle"
description: "This week’s cybersecurity news is packed!"
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-21-of-2024/"
---

Quick Answer

Cybersecurity stories from the week of May 13, 2024: Android 15 introduced new anti-malware and anti-fraud measures within Google Play Protect, including live threat detection and tighter sideloading restrictions for high-risk app permissions. Nissan North America disclosed a data breach affecting more than 53,000 employees with Social Security numbers and personal data exposed. Two brothers were arrested for stealing $25 million in Ethereum through a 12-second MEV exploit against Maximal Extractable Value bots. The FBI seized BreachForums for the second time, taking down the resurrected hacking forum tied to numerous data-breach listings. And the FCC named Royal Tiger as the first 'tagged' robocall threat actor under its new disruption framework, freezing US carriers' ability to terminate calls from associated entities.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-21-of-2024%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Android%2015%20Enhances%20Security%2C%20Nissan%20Data%20Breach%2C%20Ethereum%20Theft%20Apprehension%2C%20Cybersecurity%20News%20%5BMay%2013%2C%202024%5D&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-21-of-2024%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-21-of-2024%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-21-of-2024%2F&title=Android%2015%20Enhances%20Security%2C%20Nissan%20Data%20Breach%2C%20Ethereum%20Theft%20Apprehension%2C%20Cybersecurity%20News%20%5BMay%2013%2C%202024%5D "Share on Reddit") [ ](mailto:?subject=Android%2015%20Enhances%20Security%2C%20Nissan%20Data%20Breach%2C%20Ethereum%20Theft%20Apprehension%2C%20Cybersecurity%20News%20%5BMay%2013%2C%202024%5D&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-21-of-2024%2F "Share via Email") 

![cybersecurity news](https://media.mailhop.org/duocircle/images/2024/05/what-is-dkim-7.jpg) 

This week’s [cybersecurity](/) news is packed! We’ve got Google stepping up its game with [anti-malware](/resources/malware-and-its-defense-mechanism) features for Android 15, a data breach impacting **Nissan employees**, the takedown of a major hacking forum, and a case of stolen Ethereum cryptocurrency involving two brothers. Plus, the FCC is taking aim at robocalls with a new classification system. Want to know more? Read on!

## Android 15 Introduces Enhanced Anti-Malware and Anti-Fraud Measures for Google Play Protect

Google [announced this](https://security.googleblog.com/2024/05/io-2024-whats-new-in-android-security.html) week that a ton of new security features will come with Android 15 and **Google Play Protect**.

_The new features are being introduced to keep Google users safe from scams, [malware](/resources/upatre-malware-spams), and phishing and also assist developers in building more secure applications._ Android 15 will **conceal OTPs** (One Time Passwords) from notifications, expand restricted settings so that permissions are required for apps to access certain data, **hide sensitive information** like passwords and card details while screen sharing, and will also give you warnings if you are connected to **unencrypted cellular networks**.

But that’s not all. Google Play Protect will also come with on-device live [threat detection](/email-security/how-ai-powered-email-solutions-can-level-up-security-teams/) and will monitor all applications, flagging them for suspicious activities. You can also **disable an app** **until Google reviews** its safety.

All of these features will be available before the end of the year with the **official release** of [Android 15](https://en.wikipedia.org/wiki/Android%5F15). 

## Nissan North America Data Breach Affects More Than 53,000 Employees

This week, Nissan North America disclosed a [data breach](https://edition.cnn.com/2024/04/12/business/roku-security-breach-user-accounts/index.html) where 53,000 of its **current and former employees** were affected. 

The [threat actors attacked the car giant](https://securityaffairs.com/155360/security/nissan-oceania-suffers-cyberattack.html) in early November 2023 by targeting its **external VPN** (Virtual Private Network) and shutting down some of the organizational systems. Nissan said that no data was encrypted and informed its employees about the [cyberattack](/phishing-protection/the-7-stages-of-a-typical-cyberattack/).

But this year, Nissan discovered that the threat actor behind the attack accessed files that contained employee data (Social Security Numbers and Personal Identifiers). Now, Nissan has sent [data breach notification letters](https://www.documentcloud.org/documents/24662755-nna-sample-incident-notice) to all the impacted former and current employees and has **filed a report** with the Maine Attorney General’s office.

It is also collaborating with cybersecurity experts to investigate and contain the attack and offering free 24-month credit monitoring and [identity theft protection](https://www.cnbc.com/select/what-is-identity-theft-protection/) services to the affected employees. This type of incident highlights the **urgent need** for [phishing protection](/email/phishing-protection) solutions.

[![phishing protection](https://media.mailhop.org/duocircle/images/2024/05/spf-record-7500.jpg)](https://media.mailhop.org/duocircle/images/2024/05/spf-record-7500.jpg)

## Brothers Apprehended in $25 Million Ethereum Blockchain Theft Case

The U.S. DoJ (Department of Justice) [charged two](https://www.justice.gov/opa/pr/two-brothers-arrested-attacking-ethereum-blockchain-and-stealing-25m-cryptocurrency) brothers, Anton and James Pepaire-Bueno, this week for manipulating the [Ethereum blockchain](https://www.geeksforgeeks.org/what-is-ethereum/) to steal $25 million worth of cryptocurrency **in just 12 seconds**.

The brothers are facing charges of [wire fraud](https://www.cutimes.com/2024/05/17/former-credit-union-employee-sentenced-in-2-million-wire-fraud-scheme/), conspiracy to commit wire fraud, and [money laundering](https://www.theguardian.com/technology/article/2024/may/17/binance-executive-denied-bail-in-nigeria-over-money-laundering-charges), which contain the maximum **penalty of 20 years in prison** if they are convicted. The IRS-CI (IRS Criminal Investigation) conducted the investigation with the help of the New York City Police and U.S. Customs and Border Protection.

_The threat actors used their backgrounds in **computer science and math** to exploit the Ethereum blockchain._ They accessed pending private transactions and manipulated them to make away with the crypto funds, and then refused to return them. Apparently, they have been planning the attack since December 2022 and used multiple cryptocurrency addresses, foreign exchanges, shell companies, and a **privacy layer network** to study the victims and conceal their identities and the [stolen crypto](https://www.reuters.com/technology/cybersecurity/north-korea-laundered-1475-mln-stolen-crypto-march-say-un-experts-2024-05-14/).

They are **highly skilled** and even deployed bait transactions so they could identify the victim’s trading patterns and exploit a [vulnerability](/email-security/unpatched-dogwalk-a-new-microsoft-zero-day-vulnerability/) in the [MEV Bots](https://medium.com/coinmonks/mev-bots-101-what-are-mev-bots-and-how-are-they-making-millions-c91406d9334a)‘ **relay code** to get the full content of the block prematurely. Then, they re-ordered the block and published them in the Ethereum blockchain to benefit themselves. 

## FBI Takes Down BreachForums Hacking Forum Linked to Data Breaches

The FBI seized the hacking forum **BreachForums** on Wednesday with help from international partners. 

_BreachForums was known for trading, selling, and leaking stolen data._ It replaced previous forums like **RaidForums and Breached**, both of which were taken down by law enforcement. This all happened after some [stolen data from a law enforcement portal in Europe](https://www.bleepingcomputer.com/news/security/europol-confirms-web-portal-breach-says-no-operational-data-stolen/) (Europol, to be exact) showed up on BreachForums last week.

Seems like that was the last straw for the FBI. They swooped in on Wednesday and **took control of the whole website**. You can see a message on display on the seized BreachForums website, which confirms the FBI’s control and their review of the site’s data. Law enforcement is also encouraging users to contact them with information about [cybercrime activities on the forum](https://www.hackread.com/hacker-leaks-scraped-chess-com-user-records/). They gained access to user data like email addresses, I.P. addresses, and private messages.

The FBI also took down **BreachForums’ Telegram channel** and some others linked to the forum’s admins. There are even rumors floating around that they might have arrested one of the admins, a threat actor called Baphomet.

The FBI is now **searching for information** about BreachForums and its members from victims and the public. If you know something, you can contact them via email, Telegram, or the [new dedicated subdomain](https://breachforums.ic3.gov/) on their official website. 

## FCC Unveils Royal Tiger as Inaugural Tagged Robocall Threat Actor

The FCC (Federal Communications Commission) has taken a significant step in its fight **against robocalls** by [designating](https://docs.fcc.gov/public/attachments/DOC-402506A1.pdf) its first official robocall threat actor-a group called the Royal Tiger.

_Royal Tiger is a group operating across India, the United Kingdom, the United Arab Emirates, and the United States_. They are accused of [placing robocalls](https://www.bleepingcomputer.com/news/legal/us-fines-man-99-million-for-thousands-of-disturbing-robocalls/) impersonating **government agencies, banks**, and utility enterprises. These calls make use of [spoofed phone numbers](https://www.cbsnews.com/pittsburgh/news/greensburg-police-warn-of-scam-spoofing-law-enforcements-phone-number/) and **promote misleading offers** like credit card interest rate reductions to entice the victims.

The group is allegedly led by Prince Jashvantlal Anand and Kaushal Bhavsar, who are said to be **operating several entities** in the U.S. linked to [illegal robocalls](https://apnews.com/article/fcc-elections-artificial-intelligence-robocalls-regulations-a8292b1371b3764916461f60660b93e6). These entities include VoIP organizations Illum Telecommunication Limited (Illum), P.Z. Telecommunication LLC (P.Z. Telecom), and One Eye LLC (One Eye). They have also been linked to routing robocalls through Texas-based Great Choice Telecom, an enterprise that was previously sanctioned by the FCC and FTC for similar offenses. 

[![anti-phishing-software](https://media.mailhop.org/duocircle/images/2024/05/buy-smtp.jpg)](https://media.mailhop.org/duocircle/images/2024/05/buy-smtp.jpg)

The FCC’s new classification system, the C-CIST (Consumer Communications Information Services Threat), will assist state, national, and international bodies in identifying and tracking individuals or threat actors who are abusing telecommunications for [robocall scams](https://wtop.com/business-finance/2024/04/reston-firm-warns-robocall-tax-scams-are-getting-more-sophisticated/). You can also report suspecting people or organizations to the FCC at **[CCIST@fcc.gov](mailto:CCIST@fcc.gov)**.

## Topics

NewsSecurityUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 6m  Cyber Security News Update, Week 1 of 2022  Jan 7, 2022 ](/blog/announcements/cyber-security-news-update-week-1-of-2022/)[  News 7m  Cybersecurity News Update, Week 1 of 2023  Jan 1, 2023 ](/blog/announcements/cyber-security-news-update-week-1-of-2023/)[  News 5m  EasyPark Data Breach, Ohio Lottery Cyberattack, GTA 5 Leak, Cybersecurity News \[December 25, 2023\]  Jan 4, 2024 ](/blog/announcements/cyber-security-news-update-week-1-of-2024/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Android 15 Enhances Security, Nissan Data Breach, Ethereum Theft Apprehension, Cybersecurity News [May 13, 2024]","description":"This week’s cybersecurity news is packed!","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-21-of-2024/","datePublished":"2024-05-20T19:16:45.000Z","dateModified":"2025-05-19T11:09:26.000Z","dateCreated":"2024-05-20T19:16:45.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-21-of-2024/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1039,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2024/05/what-is-dkim-7.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Android 15 Enhances Security, Nissan Data Breach, Ethereum Theft Apprehension, Cybersecurity News [May 13, 2024]","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-21-of-2024/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Android 15 Enhances Security, Nissan Data Breach, Ethereum Theft Apprehension, Cybersecurity News [May 13, 2024]","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-21-of-2024/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Android 15 Enhances Security, Nissan Data Breach, Ethereum Theft Apprehension, Cybersecurity News [May 13, 2024]","description":"This week’s cybersecurity news is packed!","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-21-of-2024/","datePublished":"2024-05-20T19:16:45.000Z","dateModified":"2025-05-19T11:09:26.000Z","dateCreated":"2024-05-20T19:16:45.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-21-of-2024/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1039,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2024/05/what-is-dkim-7.jpg","caption":"cybersecurity news","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```