{"id":8570,"date":"2024-02-09T12:09:02","date_gmt":"2024-02-09T09:09:02","guid":{"rendered":"https:\/\/cyberone.bg\/?p=8570"},"modified":"2024-02-22T14:57:50","modified_gmt":"2024-02-22T11:57:50","slug":"weekly-cybersecurity-report-week-7-2024","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-7-2024","title":{"rendered":"Weekly Cybersecurity Report | Week 7, 2024"},"content":{"rendered":"<p>As your dedicated cybersecurity services provider, <strong><a href=\"https:\/\/cyberone.bg\/\">Cyberone<\/a><\/strong> equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n<h2><strong>Weekly Cybersecurity Report | Week 7, 2024<\/strong><\/h2>\n<h3><strong>1 \u2013 Attackers managed to steal 25 million dollars from an international company after a video meeting faked using deepfake technology<\/strong><\/h3>\n<p>An employee of the international company, based in Hong Kong (the company\u2019s name was not published), received a phishing email from the finance director telling him that a money transfer needed to be made. The employee feared that it was a malicious email, but saw that there was also an invitation to a video call with all the relevant people and decided to join the call.<\/p>\n<p>The employee joined the video meeting, where everyone except him, including the finance manager, was faked using deepfake technology.<\/p>\n<p>During the meeting, the fake finance manager instructed the employee where and how to make the transfers, and the employee made 15 different transfers amounting to $25 million.<\/p>\n<p>It took several days for the employee to realize that he had been defrauded, after he asked other company officials about the transfer.<\/p>\n<h3><strong>2 \u2013 Ransom and communication \u2013 The Medusa group advertises the Digitel company that provides 
cellular services in Venezuela.<\/strong><\/h3>\n<p>According to Medusa, Digitel has 5 million customers; the ransom is $5 million.<\/p>\n<h3><strong>3 \u2013 The Trigona Group advertises the Claro communications company that provides cellular services in 18 countries in South America.<\/strong><\/h3>\n<p>The company reports that, following the attack, it has been forced to disable and isolate some of its systems.<\/p>\n<h3><strong>4 \u2013 The AlphV group announced this week that it hacked the Technica company that provides IT services to US government entities, including the FBI.<\/strong><\/h3>\n<p>The group claimed that it has 300GB of information, including sensitive government information that it will publish soon.<\/p>\n<h3><strong>5 \u2013 Hackers broke into AnyDesk servers and stole source code and keys<\/strong><\/h3>\n<p>The effects of the attack are access to sensitive customer information and counterfeiting of AnyDesk software.<\/p>\n<p>The company\u2019s recommendation is to reset user passwords, update the software and stay vigilant.<\/p>\n<p>Uncracked versions:<\/p>\n<p>* 7.0.13 and above.<\/p>\n<p>* 6.15.5 or higher (32-bit).<\/p>\n<p>* 5.11.4 or higher (64-bit).<\/p>\n<h3><strong>6 \u2013 Chinese hackers hid in the US infrastructure network for 5 years<\/strong><\/h3>\n<p>China\u2019s Volt Typhoon cyber espionage group penetrated a critical infrastructure network in the United States and remained undetected for at least five years before being discovered, according to a joint advisory from CISA, the NSA, the FBI and partner Five Eyes agencies.<\/p>\n<p>Volt Typhoon hackers are known to make wide use of \u201cliving off the land\u201d (LOTL) techniques as part of their attacks on critical infrastructure organizations.<\/p>\n<p>They also use stolen accounts and leverage strong operational security, which allows them to avoid detection and maintain long-term persistence on compromised systems.<\/p>\n<p><a 
href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/chinese-hackers-hid-in-us-infrastructure-network-for-5-years\/\" target=\"_blank\" rel=\"nofollow noopener\">Learn more here: https:\/\/www.bleepingcomputer.com\/news\/security\/chinese-hackers-hid-in-us-infrastructure-network-for-5-years\/<\/a><\/p>\n<h3><strong>7 \u2013 3 million smart toothbrushes were used in a DDoS attack.<\/strong><\/h3>\n<p>It sounds more like science fiction than reality, but Swiss newspaper Aargauer Zeitung reports that around three million smart toothbrushes have been hijacked by hackers to launch a distributed denial of service (DDoS) attack. The innocent gadgets, which became soldiers in the botnet army, knocked out a Swiss company for a few hours and caused millions of euros in damage.<\/p>\n<p>While details are scarce, it is known that the affected toothbrushes ran Java, a popular language for Internet of Things (IoT) devices. Once infected, the global network of malicious toothbrushes launched its successful attack.<\/p>\n<p>The toothbrushes achieved this by flooding the Swiss site with fake traffic, effectively knocking out services, disabling them and causing widespread disruption.<\/p>\n<p><a href=\"https:\/\/www.zdnet.com\/home-and-office\/smart-home\/3-million-smart-toothbrushes-were-just-used-in-a-ddos-attack-really\/\" target=\"_blank\" rel=\"nofollow noopener\">Learn more here: https:\/\/www.zdnet.com\/home-and-office\/smart-home\/3-million-smart-toothbrushes-were-just-used-in-a-ddos-attack-really\/<\/a><\/p>\n<h3><strong>8 \u2013 Verizon internal data breach affects more than 63,000 employees<\/strong><\/h3>\n<p>Verizon Communications warns that an internal data breach is affecting nearly half of its workforce, exposing sensitive employee information.<\/p>\n<p>A data breach notification shared with the Maine Attorney General\u2019s Office reveals that a Verizon employee gained unauthorized access to a file containing sensitive employee information on September 
21, 2023.<\/p>\n<p>The company discovered the breach on December 12, 2023, nearly three months later, and determined it contained sensitive information of 63,206 employees.<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/verizon-insider-data-breach-hits-over-63-000-employees\/#google_vignette\" target=\"_blank\" rel=\"nofollow noopener\">Learn more here: https:\/\/www.bleepingcomputer.com\/news\/security\/verizon-insider-data-breach-hits-over-63-000-employees\/#google_vignette<\/a><\/p>\n<h3><strong>9 \u2013 Cameroon\u2019s electricity company suffers from a cyber attack<\/strong><\/h3>\n<p>Cameroon\u2019s electricity company, Eneo, has warned that it is suffering from a cyber attack that occurred on January 29 and significantly destroyed its computer system.<\/p>\n<p>The company did not provide details about the intrusion, but did say that some apps were disabled as a precaution and to enable measures to secure their system. Prepaid and warranty operations were significantly affected.<\/p>\n<p><a href=\"https:\/\/itweb.africa\/content\/8OKdWqDXArbqbznQ\" target=\"_blank\" rel=\"nofollow noopener\">Learn more here: https:\/\/itweb.africa\/content\/8OKdWqDXArbqbznQ<\/a><\/p>\n<h3><strong>10 \u2013 A Chicago hospital reports a cyber security incident this week<\/strong><\/h3>\n<p>Saint Anthony Hospital in West Chicago confirmed that hackers gained access to the hospital\u2019s computer network in December. 
The hospital stated that some patient files were copied.<\/p>\n<p>Investigators were still working to discover the full extent of the security breach as of Friday.<\/p>\n<p>Last month, an investigation involving law enforcement and cybersecurity experts confirmed that some patient information files were copied on December 18.<\/p>\n<p>The hospital says that it is working to \u201cexamine existing policies and procedures and implement additional ones as needed.\u201d<\/p>\n<p><a href=\"https:\/\/www.cbsnews.com\/chicago\/news\/chicago-hospital-cybersecurity\/\" target=\"_blank\" rel=\"nofollow noopener\">Learn more here: https:\/\/www.cbsnews.com\/chicago\/news\/chicago-hospital-cybersecurity\/<\/a><\/p>\n<h3><strong>11 \u2013 The popular Australian health brand Elite Supplements falls victim to a cyber attack<\/strong><\/h3>\n<p>Customers of a popular supplement brand have been warned that their personal information has been compromised after the company was hacked.<\/p>\n<p>Elite Supplements notified its customers in an email that the company was under a cyberattack, which caused \u201cone or more unknown parties to gain access\u201d to some online customer data.<\/p>\n<p>The company first became aware of the possible breach on January 30 and \u2018took the breach very seriously\u2019 before notifying its customers shortly after 6pm on Saturday.<\/p>\n<p>However, customers were assured that no credit card, sensitive payment data or passwords were compromised.<\/p>\n<p>Instead, the hackers gained access to the names, shipping addresses, email addresses and phone numbers of online customers.<\/p>\n<p><a href=\"https:\/\/www.dailymail.co.uk\/news\/article-13041023\/Elite-Supplements-cyber-attack.html\" target=\"_blank\" rel=\"nofollow noopener\">Learn more here: https:\/\/www.dailymail.co.uk\/news\/article-13041023\/Elite-Supplements-cyber-attack.html<\/a><\/p>\n<h3><strong>12 \u2013 Hackers reveal a vulnerability in the Airbus EFB application, which compromises 
aircraft data<\/strong><\/h3>\n<p>Cyber security researchers at penetration testing company Pen Test Partners have been testing the security of various electronic flight bags (EFB), IoT and vehicles for several years. Due to their extensive research, a fault in the Flysmart+ Manager package from Airbus was identified and addressed 19 months after the initial exposure.<\/p>\n<p>Airbus-owned IT services provider NAVBLUE has developed the Flysmart+ Manager app for iPad, which synchronizes and installs airline data in other apps, including EFBs.<\/p>\n<p>According to a report by Pen Test Partners, this app has security controls disabled, allowing it to communicate with servers using insecure methods, which could allow an attacker to change aircraft performance data or adjust airport information.<\/p>\n<p><a href=\"https:\/\/www.hackread.com\/hackers-airbus-efb-app-vulnerability-aircraft-data\/#google_vignette\" target=\"_blank\" rel=\"nofollow noopener\">Learn more here: https:\/\/www.hackread.com\/hackers-airbus-efb-app-vulnerability-aircraft-data\/#google_vignette<\/a><\/p>\n<p><strong><em>The attacks highlighted in this report aren\u2019t just incidents; they\u2019re blueprints of the adversary\u2019s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our <a href=\"https:\/\/cyberone.bg\/en\/services\">services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. 
Weekly Cybersecurity Report | Week 7, 2024 1 \u2013 Attackers managed to steal 25 million dollars from an international company after [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":8612,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[57,65,56],"class_list":["post-8570","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates","tag-cybersecurity","tag-weekly-cybersecurity-report","tag-weekly-update"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/8570","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=8570"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/8570\/revisions"}],"predecessor-version":[{"id":8571,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/8570\/revisions\/8571"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8612"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=8570"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=8570"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=8570"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}