{"id":8560,"date":"2024-02-05T12:39:07","date_gmt":"2024-02-05T09:39:07","guid":{"rendered":"https:\/\/cyberone.bg\/?p=8560"},"modified":"2024-02-22T14:57:30","modified_gmt":"2024-02-22T11:57:30","slug":"weekly-cybersecurity-report-week-6-2024","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-6-2024","title":{"rendered":"Weekly Cybersecurity Report | Week 6, 2024"},"content":{"rendered":"<p>As your dedicated cybersecurity services provider,<strong> <a href=\"https:\/\/cyberone.bg\/\">Cyberone<\/a><\/strong> equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n<h2><strong>Weekly Cybersecurity Report | Week 6, 2024<\/strong><\/h2>\n<p><strong>1 \u2013 Mercedes-Benz accidentally disclosed sensitive data, including source code<\/strong><\/p>\n<p>RedHunt Labs researchers discovered that Mercedes-Benz inadvertently left a private key accessible on the Internet, exposing internal data, including the company\u2019s source code. It is unclear whether the data leak exposed customer data.<\/p>\n<p>RedHunt Labs shared its findings and notified the automaker. The security firm discovered that an authentication token belonging to a Mercedes employee was left exposed in a public GitHub repository. The discovery was made during a routine Internet scan in January.<\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/158306\/data-breach\/mercedes-benz-data-leak.html\">https:\/\/securityaffairs.com\/158306\/data-breach\/mercedes-benz-data-leak.html<\/a><\/p>\n<h3><strong>2 \u2013 The Lockbit group broke into a children\u2019s hospital in Chicago and demands a ransom.<\/strong><\/h3>\n<p>Basically, it goes against the rules that Lockbit published in the past \u2013 so, it claimed, that it does not attack hospitals\u2026 Today it claims that if they have money for computers then they have money to pay a ransom.<\/p>\n<h3><strong>3 \u2013 Schneider Electric Corporation suffers from a ransomware attack carried out by the Cactus attack group<\/strong><\/h3>\n<p>Schneider Electric is an international corporation for products in the field of production, transmission and control of power supply system\u2019s originating and centered in France. As of 2019, the company had revenues of approximately 27 billion euros and employs approximately 155,000 people worldwide.<\/p>\n<p>Some of the company\u2019s systems are disabled and according to various reports it seems that the attackers stole a lot of organizational information.<\/p>\n<p>The Cactus Group has not yet published Schneider on the leak site, which apparently indicates ongoing negotiations between the parties.<\/p>\n<h3><strong>4 \u2013 Football Australia data leak exposes player contracts and fans\u2019 personal details<\/strong><\/h3>\n<p>Passports, player contracts and more have been available online for almost two years due to a Football Australia (FA) data breach that cyber security researchers say includes information on every Australian fan and customer of the governing body.<\/p>\n<p>The leak was discovered when keys to the FA\u2019s storage server were hardcoded into an HTML page of the FA website.<\/p>\n<p>They had access to 127 \u201cbuckets\u201d of FA data on Amazon Web Services, which included data such as players\u2019 personally identifiable information, ticket purchases and details and code about the FA\u2019s digital infrastructure.<\/p>\n<p><a href=\"https:\/\/www.theguardian.com\/sport\/2024\/feb\/01\/football-australia-data-leak-breach-exposes-players-contracts-fans-personal-details\">https:\/\/www.theguardian.com\/sport\/2024\/feb\/01\/football-australia-data-leak-breach-exposes-players-contracts-fans-personal-details<\/a><\/p>\n<h3><strong>5 \u2013 The Malaysian telecom provider Aminia was hit by a pro-Israeli cyber attack<\/strong><\/h3>\n<p>The pro-Israeli hacktivist group, R00TK1T ISC Cyber Team, turned to Malaysian entities, marking their first cyber-attack on Aminia.<\/p>\n<p>The group claims to have compromised the portals of Aminia\u2019s managed WiFi and billing services, suggesting a potential data breach. The attack followed the group\u2019s threat to damage the internet infrastructure in Malaysia.<\/p>\n<p>The hacktivist group posted a message on the affected portal, warning Aminia of the coming hit and exposing vulnerabilities within the company.<\/p>\n<p>The telecom provider Aminia provides diverse services and systems for effective analysis by artificial intelligence. In cooperation with world leaders, Aminia offers GPON, FiberLan, Wi-Fi and more.<\/p>\n<p><a href=\"https:\/\/thecyberexpress.com\/cyberattack-on-aminia-cybersecurity-incident\/amp\/\">https:\/\/thecyberexpress.com\/cyberattack-on-aminia-cybersecurity-incident\/amp\/<\/a><\/p>\n<h3><strong>6 \u2013 DDoS attacks on Tekken 8 game<\/strong><\/h3>\n<p>Since its last launch, the game has faced an unexpected adversary \u2013 DDoS attacks.<\/p>\n<p>Unfortunately, this is not an isolated case; More recently, other notable games such as Diablo 4 and Destiny 2 have faced similar challenges, highlighting the pervasive nature of this cyber threat.<\/p>\n<p>In the context of Tekken 8, players and streamers have reported instances where their gameplay or live streams have been abruptly stopped due to these attacks.<\/p>\n<p><a href=\"https:\/\/dataconomy.com\/2001\/24\/29\/tekken-8-ddos-attacks\/\">https:\/\/dataconomy.com\/2001\/24\/29\/tekken-8-ddos-attacks\/<\/a><\/p>\n<h3><strong>7 \u2013 314,000 patients were affected by a cyber-attack on the CompleteCare Health network<\/strong><\/h3>\n<p>A health system serving patients in southern New Jersey, CompleteCare Health Network, recently confirmed that the protected health information of 313,973 patients may have been compromised in a ransomware attack in October 2023.<\/p>\n<p>An unauthorized third party gained access to certain CompleteCare Health Network computer systems and attempted to use ransomware to encrypt files.<\/p>\n<p>CompleteCare Health Network said it was a sophisticated ransomware attack that was detected and stopped on or around October 12, 2023.<\/p>\n<p>Third-party cybersecurity experts were hired to investigate the attack and determine the nature of any unauthorized activity, and whether any patient data was involved.<\/p>\n<p><a href=\"https:\/\/www.hipaajournal.com\/completecare-health-network-data-breach\/\">https:\/\/www.hipaajournal.com\/completecare-health-network-data-breach\/<\/a><\/p>\n<h3><strong>8 \u2013 King Charles hires expert on \u00a375,000 salary to prevent cyber-attacks on royal family<\/strong><\/h3>\n<p>King Charles is hiring a \u00a375,000-a-year technology expert to protect Buckingham Palace\u2019s computer systems from cyber-attacks.<\/p>\n<p>The successful candidate will head a team that will ensure cyber security for the royal family, and they will work closely with agents at the government\u2019s National Cyber Security Center.<\/p>\n<p>As part of the job, they will also have to encourage all 800 staff at the royal residence to be aware of the threat. They will have to be \u201ccalm under pressure\u201d, good at identifying risks, and provide good and cheap options to solve them.<\/p>\n<p>The specialist will work 37 and a half hours per week along with 25 vacation days per year and benefits such as an allowance of 15% employer contribution. The selected candidate will also receive free entry to all Royal Palaces and a 20% discount at Royal Collection Trust stores.<\/p>\n<p><a href=\"https:\/\/www.mirror.co.uk\/news\/royals\/king-charles-hiring-75000-year-31990587\">https:\/\/www.mirror.co.uk\/news\/royals\/king-charles-hiring-75000-year-31990587<\/a><\/p>\n<h3><strong>9 \u2013 New leaks reveal a network of Iranian intelligence and cyber companies<\/strong><\/h3>\n<p>New evidence shows that Iran\u2019s intelligence and military services are linked to cyber activity targeting Western countries through their network of contractor companies.<\/p>\n<p>A series of long-running leaks and doxxing efforts led by anti-Iranian activists and dissident networks exposed a complex network of entities linked to the Islamic Revolutionary Guard Corps (IRGC) involved in cyberattacks and information manipulation campaigns.<\/p>\n<p>Cyber threat intelligence provider Recorded Future discusses some of the findings in a new report, published on January 25, 2024.<\/p>\n<p>It was found that at least four intelligence and military organizations associated with the Revolutionary Guards communicate with most of the parties in the cyber field.<\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/leaks-iran-intelligence-cyber\/\">https:\/\/www.infosecurity-magazine.com\/news\/leaks-iran-intelligence-cyber\/<\/a><\/p>\n<h3><strong>10 \u2013 Websites of President, Mtavari TV, Formula TV and SovLab were affected by cyber attacks<\/strong><\/h3>\n<p>On January 25 and 26, the websites of Mtavari TV and Formula TV, as well as the website of the Georgian president, were reportedly attacked.<\/p>\n<p>Earlier on January 23, the Soviet Historical Research Laboratory (SovLab), a civilian organization investigating Georgia\u2019s Soviet past, also reported a \u201ccoordinated\u201d cyber-attack from Russia.<\/p>\n<p>According to the RFE\/RL-Georgian Service, upon entering the president\u2019s website, a message appeared that read \u201chacked by COZY BEAR, glory to Russia.\u201d The caption has been removed from the president\u2019s website; however, it remains inactive as of 12:30 p.m., January 26, 2024.<\/p>\n<p>According to estimates, the Russian hacker group \u201cCozy Bear\u201d is connected to Russian intelligence.<\/p>\n<p><a href=\"https:\/\/civil.ge\/archives\/579092\">https:\/\/civil.ge\/archives\/579092<\/a><\/p>\n<h3><strong>11 \u2013 The Ukrainian energy giant, postal services, and transportation agencies were affected by cyber attacks<\/strong><\/h3>\n<p>Several Ukrainian state-owned critical infrastructure companies reported cyber-attacks on their systems on Thursday.<\/p>\n<p>Among the victims is the largest oil and gas company in Ukraine, Naftogaz. According to its statement, hackers attacked a data center. As of the time of writing, the Naftogaz website and call centers are not active.<\/p>\n<p>Ukraine\u2019s Cyber Security Agency said it was investigating the incident but did not provide further details. A Naftogaz spokesman said in a statement that the company\u2019s experts are currently working to resolve the incident and will provide comments on the attack later.<\/p>\n<p><a href=\"https:\/\/therecord.media\/ukraine-cyberattacks-energy-postal-transportation\">https:\/\/therecord.media\/ukraine-cyberattacks-energy-postal-transportation<\/a><\/p>\n<h3><strong>12 \u2013 Sweden\u2019s Riksbank appeals to the police following a cyber-attack that harms the IT company<\/strong><\/h3>\n<p>Sweden\u2019s central bank filed a police report after some of its IT systems were rendered inaccessible by a ransomware attack that has crippled customers of Finnish software firm Tietoevry Oyj since late last week.<\/p>\n<p>The Riksbank\u2019s HR and payroll systems were still down on Thursday following the attack, according to the spokesman. Numerous government agencies and private companies in Sweden were affected, including the country\u2019s parliament and its largest cinema chain.<\/p>\n<p><a href=\"https:\/\/www.bloomberg.com\/news\/articles\/2024-01-25\/sweden-riksbank-turns-to-police-after-ransomware-hits-tietoevry\">https:\/\/www.bloomberg.com\/news\/articles\/2024-01-25\/sweden-riksbank-turns-to-police-after-ransomware-hits-tietoevry<\/a><\/p>\n<p>\u00a0<\/p>\n<p><strong><em>The attacks highlighted in this report aren\u2019t just incidents; they\u2019re blueprints of the adversary\u2019s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our <a href=\"https:\/\/cyberone.bg\/en\/services\">services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 6, 2024 1 \u2013 Mercedes-Benz accidentally disclosed sensitive data, including source code RedHunt Labs researchers discovered [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":8609,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[57,56],"class_list":["post-8560","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates","tag-cybersecurity","tag-weekly-update"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/8560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=8560"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/8560\/revisions"}],"predecessor-version":[{"id":8561,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/8560\/revisions\/8561"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8609"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=8560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=8560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=8560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}