Weekly Cybersecurity Report | Week 28, 2024

global cybersecurity concept

As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.

Weekly Cybersecurity Report | Week 28, 2024

Information security updates and events from the past week 

1 – The cyber team of the Houthis: A study by the Lookout company claims that the Houthis have distributed Android malware through which they steal information from victims in the Middle East. 

The malicious GuardZoo was distributed through WhatsApp and various websites and has so far affected about 450 devices located in the Middle East (Yemen, Egypt, Saudi Arabia, Qatar, Turkey and Oman). 

2 – Fujitsu confirms customer data exposed in the cyber-attack in March 

Fujitsu confirms that information related to some customers’ people and businesses was compromised during the data breach detected earlier this year. 

The Japanese technology giant states that the attack did not include ransomware but relied on a sophisticated mechanism to evade detection while filtering data. 

3 – 1.4 GB of NSA information leaked online – email addresses, phone numbers and classified government data exposed 

After reporting a massive X(Twitter) database leak today, researchers at Cyber ​​Press have discovered another sensitive data leak on a well-known hacking forum that contains 1.4 GB of classified National Security Agency (NSA) data. 

The threat actors claim that the data was allegedly obtained from a data breach of Acuity Inc., a company that works closely with the United States government and its allies. 

This breach raises serious national security concerns and highlights weaknesses in government contractors’ cyber security measures. 

The data breach forum user named “Gostingr” uploaded the classified file to the data breach forum on July 9, 2024, intending to release this large NSA database. 

https://cyberpress.org/1-4-gb-nsa-data-leaked-online/?amp=1 

4 – Hackers leak 170,000 barcodes of Taylor Swift’s ERAS Tour 

A threat actor with the alias Sp1d3rHunters has leaked 170,000 valid barcodes for Taylor Swift’s ERAS tour for free. The barcodes are valid for Taylor Swift’s upcoming concerts in Miami, New Orleans and Indianapolis. 

The threat actor demanded a $2 million ransom from Ticketmaster to avoid leaking an additional 30 million event barcodes and information on 680 million users. 

5 – Threat actor Sp1d3rHunters plans to release tickets to concerts and other events of other celebrities, including tickets to P!nk and Sting concerts, and sporting events (F1 Formula Racing, MLB and NFL). 

Next week the threat actor will leak data related to another celebrity’s events. 

6 – Health services company HealthEquity warns that it is suffering a data breach after a partner’s account was compromised and used to access the company’s systems to steal protected health information. 

The company claims that it detected the incident after detecting ‘abnormal behavior’ from the partner’s personal device and began investigating the incident. 

The investigation revealed that the partner was compromised by hackers who leveraged the hijacked account to gain unauthorized access to HealthEquity’s systems and, subsequently, access sensitive health data. 

The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our services.