Weekly Cybersecurity Report | Week 34, 2024

As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.


Information security updates and events from the past week 

Trump’s election headquarters claims that Iranian hackers broke into the email accounts of senior officials at the headquarters and stole documents in order to interfere in the US elections.

The Politico website was the first to report the incident, after an anonymous source began sending it the documents he had stolen.

Crypto company Unicoin reports that an attacker gained access to the company’s Google G-Suite management interface, changed the passwords of all employees and locked them all out of their accounts.

In a report the company filed with the stock exchange, it states that the attack lasted four days, during which the attacker had full control over the accounts.

It is not yet clear what the attacker stole and what information was exposed, but at this stage there is no evidence that he stole digital coins from the company’s crypto wallets. 

Microchip Technology, a company that specializes in the production of semiconductors and supplies chips to the American defense industry, suffered a major cyber-attack a few days ago.

The attack significantly disrupted the company’s activities, especially in some of its factories, and affected its ability to fulfill orders. 

The company detected suspicious activity on its IT systems on August 17, and by August 19 it had confirmed that several servers and business processes were affected by the attack. 

In response to this breach, the company isolated the affected systems and shut down some of them as a precaution. The company also brought in external cybersecurity experts to assist in the investigation and in returning operations to normal.

So far, the company has not determined whether this incident has a significant financial impact, but estimates indicate that it is a ransomware attack. 

No attack group has yet claimed responsibility for the attack, but the group is apparently waiting for progress in negotiations before going public.

Another threat to US national security, this time from TP-Link routers

Members of the US Congress have asked the Commerce Department to investigate the cybersecurity risks posed by Chinese technology company TP-Link’s Wi-Fi routers. 

They asked that the security risks posed by this company be investigated by the end of August and, if necessary, that restrictions be applied to TP-Link products in America.

Ransomware attack on the city of Flint in the United States

The phones and computers of employees in the city of Flint, Michigan, which has a population of about 80,000, were disrupted by a ransomware attack that began on Wednesday. 

A timetable has not yet been set for restoring the systems, and the city can only accept cash or check payments for water, sewer and tax bills, as the online and credit card systems are down.

Taiwan university hit by unique DLL backdoor attack

A never-before-seen “backdoor” known as Msupedge is targeting victims in Taiwan using a unique communication technique. 

After researchers captured the malware deployed in an attack on a university in Taiwan, they determined that it was communicating with its command and control (C2) server using DNS traffic—a well-known, but rare, technique. 

Toyota confirmed that its network was breached after a threat actor leaked a 240GB archive of data stolen from the company’s systems.

“We are aware of the situation. The issue is limited in scope and is not a multi-system issue,” Toyota said when asked to verify the threat actor’s claims.

The company added that it is “dealing with those affected and will provide assistance if necessary”, but has not yet provided information on when it discovered the breach, how the attacker gained access or how many people had their data exposed in the incident.

https://www.bleepingcomputer.com/news/security/toyota-confirms-breach-after-stolen-data-leaks-on-hacking-forum/ 

100,000 affected by Jewish Home Lifecare data breach 

New York-based nonprofit health care organization Jewish Home Lifecare revealed that a data breach disclosed earlier this year affects more than 100,000 people. 

Jewish Home Lifecare, now called “The New Jewish Home” and specializing in providing healthcare services to the elderly, informed customers in February that it had discovered unusual activity on its network on January 7. 

The hackers may have gained access to information related to patients and other members of the community, including their name, address, date of birth, social security number, financial account details, payment card details, passport number, and registration and medical treatment details.

The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.