As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 29, 2024
Information security updates and events from the past week
1 – Bassett Furniture, one of the largest furniture companies in the US, disables the production lines due to a ransomware attack.
According to the company, the computer systems were disabled after on 10.7 an unauthorized party was identified in the network who managed to encrypt various servers.
Following the shutdown of the computer systems, the company had to shut down the production lines as well.
The option to purchase new furniture is still available but delivery to customers will likely be delayed.
No insurgent group has claimed responsibility for the attack currently.
2 – The Rite Aid pharmacy chain reports that the information of about 2.2 million users was leaked due to a ransomware attack.
The Ransomhub Group claims responsibility for the attack as it advertises Rite Aid on the leak site.
Rite Aid is the third largest pharmacy chain in the US, it operates about 1,700 pharmacies in 16 states.
3 – The AT&T company reports a wide leak of information, of about 109 million customers, after attackers gained access to the company’s Snowflake account.
In a report published by the company to the stock exchange, it claims that the leaked information includes customer phone numbers, call records, etc. The company states that the leaked information does not include sensitive identifying information.
https://www.axios.com/2024/07/12/att-data-breach-cybersecurity-call-logs
4 – The ransom attack on Ticketmaster continues, the attacker cut the ransom in half (to $1 million) but publishes digital tickets for the concerts of Taylor Swift, Jennifer Lopez and other well-known singers.
When the attacker initially published barcodes for Ticketmaster tickets, they responded and claimed that these are barcodes that change every few seconds and are therefore irrelevant, but since the publication of the digital tickets on Ticketmaster they choose to remain silent.
By the way, the attacker directs the users to a link on the Ticketmaster website that explains how to use a digital ticket
5 – Clay County in the state of Indiana declared a disaster situation (Disaster declaration) following a ransomware attack.
According to the district, the attack caused limitations and disruptions in the ability to provide critical services required for the daily operation of various institutions in the district, including the court, the health department, and more
“We cannot access our data or connect digitally to some of the bodies in the country with which we work on a regular basis,” the district told the media.
Filling out a disaster declaration will allow the district to allocate funds immediately to entities affected by the attack.
At this point, no infidel group has claimed responsibility for the attack.
Speaking of US counties, last week Monroe County in Indiana also suffered a ransomware attack with the Blacksuit attack group claiming responsibility for the attack.
Dallas County also reported this week that in the ransomware attack on the county, which took place in 2023, the information of about 200,000 residents was stolen.
In 2023, about 95 different districts reported a ransom attack, in 2024 the number of districts that reported a ransom attack is 50 so far.
6 – An attack group called NullBulge publishes all Disney Slack correspondence for download.
According to the group, this is content taken from 10k channels, including correspondence, files and more. A total of 1.1TB of information is available for download via torrent.
The interesting part of the story – the group claims that they received help from the inside and that one of the Disney employees connected them to Slack.
At some point, according to them, the employee got cold feet and kicked them out of the network.
The group publishes the employee’s name and claims that it owns all his personal information.
The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our services.
