Weekly Cybersecurity Report | Week 27, 2024

As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.

Weekly Cybersecurity Report | Week 27, 2024

Information security updates and events from the past week 

1 – The major telecom company KT Corporation is involved in a malware attack: more than 600,000 users were affected 

Prominent South Korean media giant KT Corporation has found itself at the center of controversy following an investigation by JTBC, a leading Korean news outlet. 

The company is accused of infecting over 600,000 users with malware, specifically targeting customers who use torrent services through Webhard’s Grid Program, a popular cloud service in Korea. 

2 – Formula 1’s governing body reveals data breach after email hacks 

The FIA ​​(Fédération Internationale de l’Automobile), the governing body of motor racing since the 1950s, reported that attackers gained access to personal data after breaking into several FIA email accounts in a phishing attack. 

The FIA ​​says it has informed the Preposé Fédéral à la Protection des Données et à la Transparence (the Swiss data protection regulator) and the National Commission Informatique et des Libertés (the French data protection regulator) about the incident. 

F1’s governing body also took additional security measures to block similar attacks in the future and said it “regrets any concern caused to the people affected”. 

https://thecyberexpress.com/fia-data-breach-emails-hacked-confirmed/ 

3 – A cyber-attack disabled the Zagreb University Hospital Center in Croatia 

A cyber-attack began targeting the Zagreb University Hospital Center (KBC Zagreb), the largest Croatian hospital, on Wednesday night, according to a report by Croatian Radio. 

The hospital shut down its IT infrastructure in response to the cyber-attack. 

KBC Zagreb’s assistant director of healthcare quality and supervision, named Milivoj Novak, said on the evening program “Otvoreno” that the shutdown of the IT system took the hospital back 50 years – to paper and pencil. 

It is unclear if the hospital was the victim of a ransomware attack. 

Novak later told a press conference that all services, including the hospital’s emergency service and medical laboratories, had been fully restored. 

However, the temporary impossibility of printing medical reports and staff having to write them by hand caused significant delays. 

4 – TeamViewer’s corporate network was hacked by a Russian attack group. 

In the announcement published by the company, it reports that it has identified unusual activity on the corporate network and activated response teams accordingly. 

The company claims that the corporate network is completely disconnected from the product’s network and the customers’ information. 

TeamViewer did not reveal who is behind the attack, but various sources indicate that it is the Russian attack group APT29, also known by the names Cozy Bear, NOBELIUM, and Midnight Blizzard. 

5 – The Patelco company, which provides various financial services in the USA, reports that its computer systems have been shut down due to a ransomware attack. 

Following the attack, all banking services provided by the company online are not available to customers, nor can bank transfers, money deposits and various payments be made. 

Some more cyber updates around the world: 

🔺 The Agropur company, one of the largest producers of dairy products in North America, reports an information leak after some of the company’s databases were exposed to the world. 

🔺 The British chain of shoe stores Shoezone reports to the London Stock Exchange about a cyber-attack after identifying an unauthorized party in the company’s network. 

🔺 Operation “Or Rishon” – Interpol, together with dozens of enforcement agencies around the world arrested about 4,000 suspects who engaged in fraud, phishing and more. 

🔺 About 6,500 bank accounts were frozen and assets worth hundreds of millions of dollars were seized. 

🔺 The immigration authority in Indonesia arrested about 100 immigrants who lived in a villa in the country and committed cyber-crimes. 

🔺 The attack group dAn0n published on its leak site the Pediatric Urology Associates company that operates medical centers in the USA. 

🔺 According to dAn0n, they have had access to the company’s network since January 2023… 

🔺 The computer and telephone systems in the Palomar Health Medical Group’s (PHMG) network of medical centers have been down for about two months (!) due to a cyber-attack. 

🔺 The Maryhaven company, which operates rehab centers in the USA, is suffering from a ransom attack carried out by the INC ransom group. Some of the company’s systems are disabled. 

The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our services.