{"id":9653,"date":"2025-02-28T16:24:08","date_gmt":"2025-02-28T13:24:08","guid":{"rendered":"https:\/\/cyberone.bg\/?p=9653"},"modified":"2025-02-28T16:24:08","modified_gmt":"2025-02-28T13:24:08","slug":"weekly-cybersecurity-report-week-9-2025","status":"publish","type":"post","link":"https:\/\/cyberone.bg\/en\/weekly-cybersecurity-report-week-9-2025","title":{"rendered":"Weekly Cybersecurity Report | Week 9, 2025"},"content":{"rendered":"<p>As your dedicated cybersecurity services provider,<strong>\u00a0<a href=\"https:\/\/cyberone.bg\/\">Cyberone<\/a><\/strong>\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.<\/p>\n<h2>Weekly Cybersecurity Report | Week 9, 2025<\/h2>\n<h3><strong>1 \u2013 DISA Global Solutions, a leading provider of employee screening services in the US, has announced a significant data breach affecting more than 3.3 million people.<\/strong><\/h3>\n<p>The company, which provides drug, alcohol and background screening services to more than 55,000 organizations and a third of the Fortune 500 companies, disclosed the incident in an official report to the Maine Attorney General.<\/p>\n<p>\u2013 The attackers remained in the system undetected for more than two months<\/p>\n<p>\u2013 Sensitive information on millions of people who underwent background checks was stolen<\/p>\n<p>The information exposed includes:<\/p>\n<p>\u2013 Social Security numbers<\/p>\n<p>\u2013 Financial information including credit card numbers<\/p>\n<p>\u2013 Government identification documents<\/p>\n<p>\u2013 Other personal information collected during employee screening processes<\/p>\n<h3><strong>2 \u2013 French telecommunications provider Orange confirmed that its systems had been breached after a hacker published internal documents claiming to have stolen thousands of files containing user records and employee data. 
The attacker, who is affiliated with the ransomware group HellCat, published the information on a darknet forum after a failed extortion attempt.<\/strong><\/h3>\n<p>\u2013 According to the attacker, about 12,000 files with a volume of 6.5GB were stolen<\/p>\n<p>\u2013 The information includes 380,000 unique email addresses, source code, invoices and contracts<\/p>\n<p>\u2013 Most of the information belongs to the Romanian branch of the company<\/p>\n<p>\u2013 The attacker claims to have had access to the company\u2019s systems for more than a month<\/p>\n<p>\u2013 The company confirmed that \u201cthe operation in Romania was the target of a cyber attack\u201d<\/p>\n<p>\u2013 The breach occurred in a non-critical office application and did not affect customer activity<\/p>\n<p>\u2013 Cybersecurity and IT teams are working to assess the scope of the breach and minimize its impact<\/p>\n<p>\u2013 The company undertakes to comply with all legal obligations and is cooperating with the relevant authorities<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/orange-group-confirms-breach-after-hacker-leaks-company-documents\">https:\/\/www.bleepingcomputer.com\/news\/security\/orange-group-confirms-breach-after-hacker-leaks-company-documents<\/a><\/p>\n<h3><strong>3 \u2013 Crypto Bank Infini Hit by Cyber Attack: $49.5 Million Stolen Due to Private Key Leak<\/strong><\/h3>\n<p>Initial investigation points to a private key leak as the cause of the attack.<\/p>\n<p>\u2013 The funds were stolen from Infini\u2019s USDC Vault wallet in two separate transactions<\/p>\n<p>\u2013 First withdrawal: 11,455,666 USDC tokens<\/p>\n<p>\u2013 Second withdrawal: 38,060,996 USDC tokens<\/p>\n<p>\u2013 The stolen funds were converted to 17,696 Ethereum and transferred to a new wallet<\/p>\n<h3><strong>4 \u2013 Cyber Attack Hits the Most Sensitive Security Center in the US<\/strong><\/h3>\n<p>Anne Arundel County in Maryland, which hosts the most 
important US security centers including the NSA headquarters, is under a cyber-attack that is still ongoing.<\/p>\n<p>The county authorities were forced to disable some of their online services and limit internet access to protect the systems.<\/p>\n<p>\u2013 The attack is defined as an ongoing event lasting several days<\/p>\n<p>\u2013 Authorities do not yet know when they will be able to return to full operation<\/p>\n<p>\u2013 Emergency services are operating despite the attack<\/p>\n<p>\u2013 Expert cyber teams have been mobilized to handle the incident<\/p>\n<p>\u2013 National Security Agency (NSA) and US Army Cyber Command<\/p>\n<p>\u2013 US Naval Academy and Federal Bureau of Investigation (FBI)<\/p>\n<p>\u2013 Defense Information Systems Agency<\/p>\n<p>\u2013 National Museum of Cryptology and Homeland Security Offices<\/p>\n<p>The district office: \u201cWe are working proactively to ensure the security of our systems. At this point, we are still learning the full scope of the impact of the attack.\u201d<\/p>\n<h3><strong>5 \u2013 US mineral company loses half a million dollars in email fraud attack<\/strong><\/h3>\n<p>NioCorp Developments, a company traded on Nasdaq, reported that hackers took over its Valentine email system and managed to transfer $500,000 that was originally intended for payment to a supplier to their accounts.<\/p>\n<p>Details of the attack:<\/p>\n<p>\u2013 Hacking into the company\u2019s email systems<\/p>\n<p>\u2013 Transfer of funds intended for a supplier to the attackers\u2019 accounts<\/p>\n<p>\u2013 The company discovered the hack on its own<\/p>\n<p>\u2013 An immediate complaint was filed with law enforcement authorities<\/p>\n<p>Significance of the damage:<\/p>\n<p>\u2013 The amount stolen constitutes 4.5% of the company\u2019s annual loss<\/p>\n<p>\u2013 The company has not yet begun to generate revenue from its operations<\/p>\n<p>\u2013 The investigation is ongoing to assess the full extent of the damage<\/p>\n<p>\u2013 
It is not yet clear whether it will be possible to recover the stolen funds<\/p>\n<p>The company is working with financial institutions and law enforcement authorities to recover the funds that were transferred in error, and at the same time has begun an investigation to assess the scope of the incident and fix the breaches.<\/p>\n<h3><strong>6 \u2013 The British water company Southern Water reported that a ransomware attack carried out in February 2024 cost it approximately \u00a34.5 million (approximately $5.7 million). The company, which provides water and sewage services to millions of customers in the South of England, noted that the attack did not affect the operation of systems, financial systems or customer interfaces. The Black Basta ransomware group claimed responsibility for the attack.<\/strong><\/h3>\n<p>The company\u2019s 2024 financial report stated that the costs associated with the attack include expenses for external cybersecurity experts, legal advice and other actions taken in response to the incident.<\/p>\n<h3><strong>7 \u2013 Ransomware attack on large Siberian dairy plant, attackers used malware from the Lockbit group.<\/strong><\/h3>\n<p>A large dairy plant in southern Siberia, Semyonishna, reports that it was hit by a ransomware attack last December.<\/p>\n<p>According to the Russian Federal Security Service (FSB), the attackers used AnyDesk software to spread the malware across the corporate network, which was not even protected by antivirus.<\/p>\n<p>The Semyonishna plant is a major producer of dairy products in the region, including milk, butter, cream, cheese and yogurt.<\/p>\n<p>Various reports indicate that the attack occurred shortly after the company provided aid, including drones, to Russian soldiers fighting in Ukraine. Vladimir Levitsky, CEO of Sayanmoloko, said the attackers sent printouts to the company\u2019s printers with messages denouncing the company\u2019s contributions to the Russian military. 
He said the attack did not affect milk processing but disrupted the company\u2019s ability to label products in accordance with the government\u2019s tracking system.<\/p>\n<p>\u00a0<\/p>\n<p><strong><em>The cybersecurity attacks highlighted in this report aren\u2019t just incidents, they\u2019re blueprints of the adversary\u2019s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our <a href=\"https:\/\/cyberone.bg\/en\/services\">services<\/a>.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As your dedicated cybersecurity services provider,\u00a0Cyberone\u00a0equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape. Weekly Cybersecurity Report | Week 9, 2025 1 \u2013 DISA Global Solutions, a leading provider of employee screening services in the US, has [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":8597,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[],"class_list":["post-9653","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-weekly-cyber-updates"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9653","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/comments?post=9653"}],"version-history":[{"count":1,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/posts\/9653\/revisions"}],"predecessor-version":[{"id":9654,"href":"https:\/\/cyberone
.bg\/en\/wp-json\/wp\/v2\/posts\/9653\/revisions\/9654"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media\/8597"}],"wp:attachment":[{"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/media?parent=9653"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/categories?post=9653"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberone.bg\/en\/wp-json\/wp\/v2\/tags?post=9653"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}