{"id":9555,"date":"2025-01-06T10:48:20","date_gmt":"2025-01-06T07:48:20","guid":{"rendered":"https:\/\/cyberone.bg\/?p=9555"},"modified":"2025-01-06T10:48:20","modified_gmt":"2025-01-06T07:48:20","slug":"weekly-cybersecurity-report-week-1-2025","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-1-2025","title":{"rendered":"Weekly Cybersecurity Report | Week 1, 2025"},"content":{"rendered":"<p>As your dedicated cybersecurity services provider,<strong>\u00a0<a href=\"https:\/\/cyberone.bg\/\">Cyberone<\/a><\/strong>\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n<h2>Weekly Cybersecurity Report | Week 1, 2025<\/h2>\n<p>&nbsp;<\/p>\n<h3><strong>1 &#8211; Information on approximately 800,000 vehicles was leaked from Cariad, a company that provides various technological services to automotive companies.<\/strong><\/h3>\n<p>The information was stored in a database that contained several weaknesses that provided access to unauthorized parties in various ways.<\/p>\n<p>The information contained the real-time locations of hundreds of thousands of vehicles, including police vehicles, vehicles of government officials, politicians, and more.<\/p>\n<h3><strong>2 &#8211; Cyberattack on the US Treasury Department<\/strong><\/h3>\n<p>Hackers supported by China managed to break into the Treasury Department&#8217;s systems through an external cybersecurity service provider (BeyondTrust).<\/p>\n<p>The attack allowed access to unclassified information and employee workstations.<\/p>\n<p>The attackers used a stolen access key to bypass security mechanisms. The BeyondTrust service was disabled immediately after the hack was detected.<\/p>\n<p>The attack was investigated by the FBI, CISA, and security experts Cyber, currently, there are no signs of continued access or theft of additional information, a detailed report will be published in 30 days.<\/p>\n<p>A spokesman for the Chinese embassy claimed that the allegations were baseless and called on the US to refrain from speculation.<\/p>\n<p>The attack is part of a wider cyber campaign, &#8220;Salt Typhoon&#8221;, in which Chinese hackers are targeting critical American networks.<\/p>\n<h3><strong>3 &#8211; Cyber-attack on the websites of the Italian Foreign Ministry and airports in Milan<\/strong><\/h3>\n<p>The cyber-attack did not disrupt airport operations, but mainly affected passengers trying to check the status of their flights.<\/p>\n<p>Regarding the websites of the Italian Foreign Ministry and several other sites that were temporarily unavailable due to a DDoS attack<\/p>\n<p>A Russian group called NoName57 is responsible for this attack, it also attacks Israeli sites daily, but it doesn&#8217;t really have an impact<\/p>\n<h3><strong>4 &#8211; Volkswagen data breach: Data of 800,000 electric vehicle owners leaked<\/strong><\/h3>\n<p>Volkswagen accidentally exposed the personal information of 800,000 electric vehicle owners, including their location data and contact details.<\/p>\n<p>The breach, which occurred due to a misconfiguration in the systems of Cariad, Volkswagen&#8217;s software subsidiary, left sensitive data stored in the Amazon cloud publicly accessible for months.<\/p>\n<p>The information exposed included precise GPS data, which allowed detailed movement profiles of the vehicles and their owners to be created.<\/p>\n<p>This breach not only compromised the privacy of citizens, but also affected high-profile individuals such as politicians, business leaders, and law enforcement officers.<\/p>\n<p>The breach was discovered by Chaos Computer Club (CCC), a German hacker group known for its ethical hacking methods. The CCC immediately notified Volkswagen of the vulnerability, allowing the company to address the issue before it could be exploited maliciously<\/p>\n<h3><strong>5 &#8211; Cyberattack hits Japan Airlines, delays ticket sales<\/strong><\/h3>\n<p>A cyberattack hit Japan Airlines (JAL) on Thursday, the attack began at 7:24 a.m. and affected internal and external systems.<\/p>\n<p>The Associated Press reported that the attack knocked out routers, causing system failures and the suspension of ticket sales for departures on Thursday.<\/p>\n<p>The cyberattack caused delays of more than 30 minutes for 24 domestic flights.<\/p>\n<p>JAL&#8217;s systems are back in full operation after the attack.<\/p>\n<p><a href=\"https:\/\/www.reuters.com\/technology\/cybersecurity\/japan-airlines-systems-hit-by-cyberattack-ntv-says-2024-12-26\/\">https:\/\/www.reuters.com\/technology\/cybersecurity\/japan-airlines-systems-hit-by-cyberattack-ntv-says-2024-12-26\/<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><span data-ccp-props=\"{}\">\u00a0<\/span><strong><em>The cybersecurity attacks highlighted in this report aren&#8217;t just incidents, they&#8217;re blueprints of the adversary&#8217;s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our <a href=\"https:\/\/cyberone.bg\/en\/services\">services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As your dedicated cybersecurity services provider,\u00a0Cyberone\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 1, 2025 &nbsp; 1 &#8211; Information on approximately 800,000 vehicles was leaked from Cariad, a company that provides [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":8600,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-9555","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9555","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=9555"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9555\/revisions"}],"predecessor-version":[{"id":9556,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9555\/revisions\/9556"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8600"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=9555"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=9555"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=9555"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}