{"id":8764,"date":"2024-05-27T10:35:00","date_gmt":"2024-05-27T07:35:00","guid":{"rendered":"https:\/\/cyberone.bg\/?p=8764"},"modified":"2024-05-27T10:37:00","modified_gmt":"2024-05-27T07:37:00","slug":"weekly-cybersecurity-report-week-20-2024","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-20-2024","title":{"rendered":"Weekly Cybersecurity Report | Week 20, 2024"},"content":{"rendered":"<p>As your dedicated cybersecurity services provider,<strong> <a href=\"https:\/\/cyberone.bg\/\">Cyberone<\/a><\/strong> equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n<h2><strong>Weekly Cybersecurity Report | Week 20, 2024<\/strong><\/h2>\n<h4><b><span data-contrast=\"auto\">Information security updates and events from the past week<\/span><\/b><span data-ccp-props=\"{&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559739&quot;:60}\">\u00a0<\/span><\/h4>\n<h3><b><span data-contrast=\"auto\">1 &#8211; A cyber-attack in Kansas City has been shutting down a large part of the municipality&#8217;s services for about a month, including some of the cameras placed on the roads and used to investigate accidents, etc.<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h3>\n<p><strong>Kansas City:\u00a0<\/strong><\/p>\n<ul>\n<li><span data-contrast=\"auto\">Last week there was a report of a cyber-attack at the Charter School.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">In January, the services of the Kansas City Public Transportation System (KCATA) were shut down due to a ransomware attack.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">On December 23 Liberty Hospital in Kansas City suffered a widespread cyber-attack.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<li><span data-contrast=\"auto\">On January 20, Kansas City City Hall was shut down for several days due to a ransomware attack.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/li>\n<\/ul>\n<h3><b><span data-contrast=\"auto\">2 &#8211; China stole geopolitical secrets from the Middle East, Africa, and Asia<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"auto\">A Chinese state-linked threat group has been exfiltrating emails and files from high-level government and military targets across the Middle East, Africa, and Southeast Asia every day since late 2022.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Operation Diplomatic Specter, an espionage campaign described in a new report by Palo Alto&#8217;s Unit 42, targets foreign ministries, military bodies, embassies and more in at least seven countries on three continents. Its goal is to obtain classified and other sensitive information about geopolitical conflicts, diplomatic and economic missions, military operations, political meetings and summits, politicians, and senior military personnel, and above all, embassies and foreign ministries.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The campaign continues, and the attackers have already demonstrated a willingness to continue spying, even after being exposed and located from compromised networks.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/china-apt-stole-geopolitical-secrets-from-middle-east-africa-and-asia\"><span data-contrast=\"none\">https:\/\/www.darkreading.com\/threat-intelligence\/china-apt-stole-geopolitical-secrets-from-middle-east-africa-and-asia<\/span><\/a><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h3><b><span data-contrast=\"auto\">3 &#8211; Student data exposed in Western Sydney University data breach<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"auto\">Western Sydney University (WSU) has notified students and academic staff of a data breach after threat actors breached its Microsoft 365 and SharePoint environment.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">WSU University is an educational institution in Australia that offers a wide range of undergraduate, graduate and research programs across various disciplines. It has 47,000 students and more than 4,500 permanent and seasonal employees and operates on a budget of 600 million dollars (USD).<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">In a statement published today on the Western Sydney University website, the university warned that hackers had accessed its Microsoft Office 365 environment, including email accounts and SharePoint files.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h3><b><span data-contrast=\"auto\">4 &#8211; The well-known e-script company MediSecure was hit by a large-scale ransomware data breach<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"auto\">Australia-based e-prescription provider MediSecure has shut down its website and phone lines following a ransomware attack, allegedly originating from a third-party vendor.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The incident affected people&#8217;s personal and health information, but the extent of this is still unclear currently.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<h3><b><span data-contrast=\"auto\">5 &#8211; A spy app was found in the check-in systems of 3 hotels in the USA<\/span><\/b><span data-ccp-props=\"{}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"auto\">Security researcher Eric Daigle discovered a commercial spyware application, called pcTattletale, in the check-in systems of at least three Wyndham hotels across the US.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The app is often used by parents to monitor their children&#8217;s online activities or by employers to track employee efficiency and internet usage.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">Daigle discovered commercial tracking software in hotel check-in systems while investigating consumer-grade spyware (known as stalkerware).\u202f<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">pcTattletale <\/span><span data-contrast=\"auto\">is software designed for monitoring and recording activities of computer users.\u00a0<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">The software was used by someone to take screenshots of hotel reservation systems, including guest details. Daigle also discovered a vulnerability in the monitoring software that allows anyone to access the screenshots taken by the app.<\/span><span data-ccp-props=\"{}\">\u00a0<\/span><\/p>\n<p><strong><em>The attacks highlighted in this report aren&#8217;t just incidents, they&#8217;re blueprints of the adversary&#8217;s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our <a href=\"https:\/\/cyberone.bg\/en\/services\">services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 20, 2024 Information security updates and events from the past week\u00a0 1 &#8211; A cyber-attack in [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":8597,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[57,65,56],"class_list":["post-8764","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates","tag-cybersecurity","tag-weekly-cybersecurity-report","tag-weekly-update"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/8764","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=8764"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/8764\/revisions"}],"predecessor-version":[{"id":8765,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/8764\/revisions\/8765"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8597"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=8764"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=8764"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=8764"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}