Weekly Cybersecurity Report | Week 45, 2024

As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.

Weekly Cybersecurity Report | Week 45, 2024

Information security updates and events from the past week 

1 – A cybersecurity-attack led to the shutdown of the emergency, monitoring and navigation systems in vehicles intended for transporting prisoners. 

The attack was reported by the British company Microlise, which provides various services in the field of logistics and vehicles. 

Services such as monitoring, navigation, and other systems. 

One of Microlise’s clients is the Serco company, which provides the Ministry of Justice in the country with transport services for prisoners in unique protected vehicles. 

Following the attack, Serco employees were notified that some of the systems installed in the vehicles would not work, including the vehicle’s navigation and monitoring systems, the emergency alarm system, and more 

The company states that as far as it knows, prisoners did not abuse the situation. 

2 – Nine months of credit card theft – SelectBlinds reports that approximately 200,000 customers were harmed after the attacker damaged credit card information on the company’s sales site. 

The damage was identified in September of this year, even though it was planted on the site where the company’s products (curtains, windows, etc.) are sold, already in January. 

During these months, the attacker managed to steal all the users’ details, including credit card details. 

Following the attack, messages were sent to users and the passwords were reset for all affected accounts. 

3 – Courts in the state of Washington suffer disruptions due to a cyber-attack. 

The disruptions began after an unauthorized factor was identified in the network and various measures were taken to minimize the damage. 

While in some courts the activity continues as usual, in other courts they announced disruptions such as postponement of hearings, etc. 

4 – Memorial Hospital and Manor Hospital in Georgia reports a systems shutdown due to a ransomware attack. 

The attack group Embargo took responsibility for the attack because of which the medical personnel do not have access to the patient’s medical file and other systems. 

5 – Schneider Electric company confirms an attack on the development platform after the hacker stole data 

Schneider Electric has confirmed that a developer platform was breached after a threat actor claimed to have stolen 40GB of data from the company’s JIRA server. 

“Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project executions tracking platforms that is hosted within an isolated environment,” Schneider Electric said. 

“Our global incident response team mobilized immediately to respond to the incident. Schneider Electric products and services were not affected.” 

https://www.securityweek.com/schneider-electric-launches-probe-after-hackers-claim-theft-of-user-data/ 

6 – A cybersecurity-attack on the telematics provider Microlise damaged the company’s data and also disrupted the tracking services for DHL and Serco (gold customers of the company) 

Following the attack, Microlise’s share price fell by 16% 

Serco: reports that tracking and assistance alarms on prisoner transport vehicles have been disabled, forcing crews to rely on alternative safety measures, such as checking in every 30 minutes and using paper maps. 

DHL Company: Shipment tracking has been affected. DHL has since resumed tracking capabilities but has not disclosed details of its delivery schedules. 

“As a trusted technology provider, Microlise’s role in asset tracking has made it an attractive target for attackers. Cybercriminals are increasingly realizing that disrupting a single provider can have far-reaching effects across multiple customers,” said the company director. 

7 – A Russian attack group announces that it hacked Verdad, an oil and gas corporation in the USA 

Verdad Resources is an oil and gas company in Colorado, their assets include over 91,000 acres and 270 wells that produce more than 7,000 barrels of oil per day. 

The control server of a corporation is under the control of the attackers as well as the corporate network, it has not yet been published how much information was stolen or compromised 

8 – Portsmouth UK City Council was hit by a cybersecurity-attack. 

The United Council was attacked by the group NoName057(16), pro-Russian hackers who also hit the towns of Salford and Middlesbrough. 

Portsmouth said council services were not affected, and residents’ data was not at risk. 

“We can confirm that the Portsmouth City Council website is under cyber-attack, which means you will experience problems when trying to use the website” 

“We are working to resolve the problem as soon as possible and apologize for the inconvenience caused.” 

9 – Nokia investigates breach after hackers claim to have stolen source code 

Nokia is investigating whether a third-party vendor was hacked after a hacker claimed to be selling the company’s stolen source code. 

“Nokia is aware of reports that an unauthorized actor has claimed to have gained access to certain third-party contractor data and possibly Nokia data,” the company said. 

“Nokia takes the incident seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data were affected. We continue to monitor the situation closely.” 

 The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.