Weekly Cybersecurity Report | Week 18, 2024

As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.

Weekly Cybersecurity Report | Week 18, 2024

Information security updates and events from the past week 

1 – Hackers from China broke into the payroll system provider of the Ministry of Defense in Great Britain and stole information of about a quarter of a million users. 

The hack was carried out in the payroll management system used by the Ministry of Defense and financial information of the Ministry’s employees and other users was stolen. 

The British Ministry of Defense reports that no significant delays in salary payments are expected following the hack. 

https://www.bbc.com/news/uk-68967805 

2 – The US government publishes a new document on artificial intelligence security, detailing the principles to ensure the responsible development and use of AI. 

The document describes the risks associated with AI, such as bias, invasion of privacy, and misuse, and offers guidelines for mitigating these risks. 

The document emphasizes the importance of transparency, accountability and control in AI and calls on governments, industry, and academia to work together to develop ethical standards for AI and create appropriate oversight mechanisms. 

Among the main principles of the document are: 

  • Transparency: Clear and understandable information about AI systems must be published, including how they work, the data used to train them, and the risks involved. 
  • Accountability: Clear mechanisms must be defined for attributing the results of AI systems. 
  • Control: Steps must be taken to ensure the use of AI in a safe and reliable manner. 
  • The document is a significant step towards a more responsible development of AI. However, the challenge is to develop more effective tools for detecting and treating biases in AI. 

3 – El Salvador suffers from a massive leak of biometric data 

Resecurity has identified a massive leak of personal information (PII) of over five million citizens of El Salvador on the dark web, affecting more than 80% of the country’s population. 

The threat actor, known as ‘CiberinteligenciaSV’, posted the 144GB data on Breach Forums, writing that the leak included 5,129,518 high-definition images, each tagged with the appropriate Salvadoran DUI (DUI) number. 

Resecurity estimates that the real attackers of this breach seem to have an interest in obfuscating their involvement, using the Guacamaya group and its unofficial proxies to create uncertainty around the real threat actors and the attack chain that caused the data push. 

4 – Extreme right websites in Europe were hacked and vandalized 

The websites of far-right media outlets were hacked and defaced late Thursday, with subscriber data and other internal website data leaked as part of an apparently politically motivated attack. 

A notice posted temporarily on the front page of the sites, Post Millennial and Human Events, appeared to be written by Post Millennial editor Andy Ngo. 

The message, with the color of the pride flag as a background, claimed that Ngo is in the process of transitioning to a woman and is taking the name Angelina Ngo. The message also included links to download datasets of Post Millennial subscribers, mailing lists, and details about the site’s writers and editors. 

A conservative activist and journalist provocateur, Ngo regularly presents anti-transgender commentary and analysis. 

No public claim of responsibility for the attack has yet been received. 

5 – Cyber and health – several events from the last few days: 

  • The Ascension company, which operates about 180 hospitals and medical centers in the USA, reports the shutdown of computer systems and disruptions in the various services due to a cyber-attack. 
  • The company DocGo, which provides mobile medical services, reports that medical information of patients was leaked following a cyber-attack. 
  • NHS Dumfries and Galloway in Scotland reports that medical information has been leaked following a ransomware attack. The INC ransom group claimed responsibility for the attack. 
  • The French imaging institute Coradix-Magnescan reports that extensive disruptions are occurring in patient queues due to a cyber-attack. 

The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our services.