As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 49, 2024
Information security updates and events from the past week
1 – Telecoms company BT Group reports it has been hit by a ransomware attack carried out by the Blackbasta group.
The company claims that the attack forced it to shut down some of its servers but that there is no impact on business operations.
Blackbasta has listed BT Group as a victim on the leak site, claiming to have 500GB of data.
2 – Vodka maker Stoli filed for bankruptcy in the US after suffering a ransomware attack in August 2024.
The company suffered a ransomware attack that caused widespread disruptions and forced them to switch to manual work. The company claims that a full return to normal will not occur before the beginning of 2025.
It is true that it sounds as if there is a close connection between the ransomware attack and the bankruptcy, and I have already seen several websites that presented this as cause and effect, but in reality, the company was suffering from extensive operational difficulties even before the attack.
The attack certainly did not make things easier for the company, but it already had legal cases that had been rolling out for many years, foreclosures of assets in Russia and debts of tens of millions of dollars.
3 – Global Corporation, which provides various solutions to the US energy industry, reports to the US Stock Exchange that attackers penetrated the company’s network and leaked files.
The company reports that it is too early to know the extent of the damage and the impact on business activity.
4 – Officials in Uganda report that the country’s central bank’s computer systems have been attacked in a cybersecurity attack and that the attackers stole $17 million.
An official report in Uganda confirms that the funds were transferred by the attackers to banks in the UK and Japan and that the British authorities have managed to freeze $7 million at this stage.
5 – Italian football club Bologna FC reports that they are suffering from a ransomware cybersecurity attack that has resulted in the leakage of sensitive information.
The Ransomhub group claims responsibility for the attack.
6 – ByteDance (TikTok’s parent company) has filed a lawsuit against an intern at the company after it claims he intentionally tampered with the company’s source code for its AI services, causing tens of millions of dollars in damages.
After he denied allegations against him, the company has filed a lawsuit against the former employee, seeking $1.1 million in damages.
7 – The city of Hoboken, New Jersey, reports a shutdown of city services due to a ransomware cybersecurity attack.
The attack also shut down all online services, the city’s courts, and more.
At this point, no ransomware group has claimed responsibility for the attack.
8 – FBI and CISA officials say that the Chinese hacking group Salt Typhoon is still inside the networks of major phone and internet providers in the United States.
The complex hacks of US telecom networks in October reported that Salt Typhoon was deep inside the networks of AT&T, Verizon, Lumen and T-Mobile. They gained access to real-time unencrypted calls and text messages, as well as metadata about the correspondence.
The same US officials believe that the hacks that affected the entire telecommunications industry are an attempt by China to carry out a large-scale espionage operation, as they were able to access the communications of senior US officials, including presidential candidates, and are urging Americans to use encrypted apps
9 – Ransomware attack on PIH Health leads to network outage at Los Angeles hospitals
Patients at PIH Health were unable to communicate with their healthcare providers on Tuesday, December 3, after a ransomware attack over the weekend led to a complete network outage, officials said.
The ransomware virus reportedly infected part of the health network’s system on Sunday, December 1. As a measure Caution, the entire network was down by I.T. and staff affecting information technology and communications systems, PIH officials said.
This includes phone calls, and web messages at three hospitals in Downey, Los Angeles and Whittier, along with outpatient facilities and home health agencies, said PIH Health spokeswoman Amanda Enriquez.
10 – Cybersecurity attack affects operations at Wirral University Teaching Hospital in the UK
Wirral University Teaching Hospital in the UK has suffered a cyberattack that has caused delays to appointments and procedures.
Wirral Hospital NHS Foundation Trust (WUTH) is an NHS Foundation Trust. It provides healthcare services to people on the Wirral Peninsula and surrounding areas in northwest England and north Wales.
The UK healthcare provider has suffered a cyberattack that has affected its systems, forcing the health organisation to postpone scheduled appointments and procedures.
In response to the security breach, the company isolated some of its systems and took part in its IT infrastructure offline.
WUTH Hospital is still dealing with disruption following the cyberattack.
The cybersecurity attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.
