Weekly Cybersecurity Report | Week 3, 2024

As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a comprehensive overview of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.

Weekly Cybersecurity Report | Week 3, 2024

1 – Innefu Labs Data Breach: Major Cyber Attack Hits Indian Cyber Security Firm

An Indian cyber security company known for its advanced artificial intelligence and data analysis solutions called Innefu Labs has reportedly fallen victim to a sophisticated cyber-attack.

The Innefu Labs breach is not only a blow to the company, with its annual revenues exceeding $25 million, but also to its wide range of customers, including corporate and government sectors.

Founded in 2012 by Tarun Wig and Abhishek Sharma, Innefu Labs offers identity authentication, predictive intelligence and data protection products to various enterprise and government customers.

https://thecyberexpress.com/indian-cybersecurity-innefu-labs-data-breach/amp/

2 – The Foxsemicon company from Taiwan was hit by a cyber attack

Foxsemicon Integrated Technology (FITI Group), a subsidiary of Foxconn that specializes in semiconductor parts manufacturing equipment, experienced a cyber-attack on Tuesday (January 16).

Hackers took over the company’s website and publicly demanded a ransom payment, while threatening to release 5TB of customer information. The hack also threatened the livelihood of the company’s employees and its reputation.

https://www.taiwannews.com.tw/en/news/5079976

3 – Widespread cyber-attacks in Australia: Guzman y Gomez, Dan Murphy’s, Binge and Event Cinemas customers targeted by hackers

Thousands of customers have been caught up in a massive cyber-attack on some of Australia’s best-known brands.

At least 15,000 Australians with Guzman y Gomez, Dan Murphy’s, video streaming service Binge and Event Cinemas accounts were affected.

Their personal details have apparently been compromised in the past two months in what authorities believe was a targeted attack.

It turns out that attackers bought stolen login information from cybercriminals abroad and accessed customers’ online accounts to make fraudulent transactions.

Many affected customers have saved their credit card information on the company’s websites or have gift cards for online purchases.

https://www.dailymail.co.uk/news/article-12970887/Guzman-y-Gomez-Dan-Murphys-Binge-Event-Cinemas-customers-targeted-hackers.html

4 – Mississippi Health System Ransomware Attack Affects 253,000 Customers

A health system in Mississippi is notifying nearly 253,000 people that their sensitive information was compromised in a “sophisticated and malicious ransomware” attack that

also shut down IT systems for several days last summer. The Rhysida cybercriminal gang claimed responsibility for the attack.

Singing River Health System, which operates three hospitals and more than a dozen medical clinics serving the Mississippi Gulf Coast, told the Maine attorney general’s office Friday that 38 Maine residents were among the 252,890 people affected by the incident.

In the immediate aftermath of last summer’s attack, laboratory testing and radiology were among the patient services affected by the IT systems outage. For a time, Singing River’s Epic electronic medical record system went offline as the company responded to the incident.

https://www.bankinfosecurity.com/mississippi-health-system-ransomware-attack-affects-253000-a-24100

5 – Clearview loses $1.1 million in a cyber attack

Clearview Company in December 2023 experienced a cyber security incident where an internal email address was compromised and used by threat actors to direct the transfer of certain company funds to a third-party account, resulting in a loss.

Upon learning of the breach, Clearview said it immediately alerted its technology provider, which temporarily disabled certain information technology functions.

After confirmation that the cyber security risk has been removed from Clearview’s system, the company has restored its information technology functions without material impact on operations,” it said.

https://www.rigzone.com/news/clearview_loses_11mm_to_cyberattack-16-jan-2024-175399-article/

6 – Ransomware attack targeting the Lutheran World Group

The Lutheran World Federation (LWF) has fallen victim to cyber extortion, Finnish news agency STT reports on Sunday.

The Finnish Evangelical Lutheran Church is one of the largest members of the LWF, a worldwide Lutheran organization.

Earlier this month, the attackers carried out ransomware attacks on the federation and released screenshots of the captured material, including images of people’s passports.

In response, the LWF confirmed that it was aware of the blackmail attempt. The federation, however, declined to comment on the number of people’s information affected or whether there are Finns in this group.

About 65 percent of the people in Finland belong to the country’s Evangelical Lutheran Church.

https://yle.fi/a/74-20069341

7 – Australian travel agency data leak puts thousands of tourists at risk

Melbourne-based travel agency Inspiring Vacations left a massive 26.8GB database publicly exposed, without any security measures such as authentication or passwords.

The leak was discovered by cybersecurity researcher Jeremiah Fowler and reported to WebsitePlanet. Fowler came across a publicly disclosed database containing 112,605 records spanning 26.8 gigabytes owned by Australian travel agency Inspiring Vacations.

Exposed data includes high-resolution passport photos, travel visa approvals, and itinerary or ticket files. Most of the people in the records were Australian citizens, but identification documents from New Zealand, Great Britain and Ireland were also found.

The number of passports affected is unclear, but around 1,000 identification documents were found in a limited sample – other files listed customer passport numbers and other personally identifiable information (PII). The file names were constructed to include the person’s name in clear text.

The database stored data on 13,684 customers, including names, email addresses, travel costs and destinations, contained in 48 Excel spreadsheets.

It also contained 24,000 routing documents and electronic tickets, some showing partial credit card numbers, and internal company documents, including 17,000 tax invoices for partners and associates.

https://www.hackread.com/aussie-travel-agency-data-leak-tourists-at-risk/

8 – The Saudi Ministry of Foreign Affairs was allegedly affected by a serious data breach, affecting over 1.4 million employees

The Ministry of Foreign Affairs of Saudi Arabia has allegedly fallen victim to a massive data breach. The data breach of the Saudi Foreign Ministry allegedly exposed personal information of more than 1.4 million employees affiliated with the ministry.

To verify the allegation of a breach of information in Saudi foreign affairs, the ministry was contacted via e-mail for confirmation. The office has not yet given an official response.

https://thecyberexpress.com/saudi-foreign-affairs-data-breach/amp/

9 – A ransomware attack on a US Navy shipbuilder leaked the information of nearly 17,000 people

A ransomware attack in April on a company that builds ships for the US Navy exposed the information of nearly 17,000 people, according to documents filed with regulators this week.

The regulatory filing comes nearly nine months after several local Wisconsin news outlets reported that Fincantieri Marine Group — the U.S. arm of Italian shipbuilder Fincantieri — faced a ransomware attack that caused widespread production problems.

The company did not respond to requests for comment at the time but sent a statement to the United States Naval Institute (USNI) and the Green Bay Press Gazette confirming that it had experienced a cybersecurity incident that caused a “temporary disruption to certain of its computer systems.”

The company said at the time that its network security officials “immediately isolated the systems and reported the incident to the relevant agencies and partners.”

https://therecord.media/fincantieri-shipbuilder-us-navy-wisconsin-ransomware?&web_view=true

10 – The GitLab company warns against a critical vulnerability of zero-click account hijacking

GitLab has released security updates for both Community Edition and Enterprise Edition to address two critical vulnerabilities, one of which allows account hijacking without user interaction.

The vendor strongly recommends updating all vulnerable versions of the DevSecOps platform as soon as possible (manual updating is required for self-hosted installations) and warns that if there is no specific deployment type (omnibus, source code, helm chart, etc.) of a mentioned product, it means all types are affected.”

https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-zero-click-account-hijacking-vulnerability/

11 – Halara is investigating a data breach after a hacker leaked information for 950,000 people

Popular sportswear brand Halara is investigating a data breach after data on nearly 950,000 customers was allegedly leaked on a hacking forum.

The Hong Kong-based company was founded in 2020 and quickly became very popular thanks to the many videos promoting its clothing on TikTok.

The company said it is aware that customer data has allegedly been stolen and leaked online and is investigating a possible breach.

https://www.bleepingcomputer.com/news/security/halara-probes-breach-after-hacker-leaks-data-for-950-000-people/

 

The attacks highlighted in this report aren’t just incidents; they’re blueprints of the adversary’s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our services.