As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.
Weekly Cybersecurity Report | Week 22, 2024
Information security updates and events from the past week
1 Attack group Daixin claims to have hacked Dubai Municipality, encrypted thousands of servers and stolen information.
The group posted Dubai Municipality on the leak site, threatening to release the stolen information if the ransom was not paid.
According to the group, they managed to encrypt thousands of servers and a large part of the municipality’s backups and steal 60-80GB of information (“The information was stolen even though the Dubai Municipality invested a lot of resources in products to prevent information leakage…”)
2 – The Russian supermarket chain Verny reports that in recent days it has been suffering from a widespread cyber-attack that disables the chain’s computer systems and application.
Following the attack, the chain, which operates about 1,000 branches, reported that it accepts payment only in cash and that the entire online ordering system is disabled.
At this point it is not clear who is responsible for the attack, but the suspicion is that they are attackers from Ukraine.
3 – Several hospitals in London are suffering widespread disruptions due to a ransomware attack on the medical services provider Synnovis.
The company Synnovis, which provides medical services to hospitals, has not yet reported the incident, but a number of hospitals in London have already published a notice about shutting down some services and canceling appointments (and surgeries) due to the attack on the company.
In the meantime, Synnovis contented itself with a message on the company’s portal that all the company’s servers were unavailable but did not specify a transition.
At this point, no infidel group has claimed responsibility for the attack.
4 – Australian mining company reveals breach after BianLian leaked data
Northern Minerals issued a statement earlier today warning that it had suffered a cyber security breach resulting in some of its stolen data being published on the dark web.
Northern Minerals is an Australian company focused on the exploration and development of heavy rare earth elements (HRE), particularly dysprosium and terbium, used in electronics, batteries and aircraft.
The company trades on the Australian Securities Exchange (ASX) under ‘NTU’, so it is required by law to disclose any incident of data breach as soon as possible.
The company revealed today, without naming the attackers, that data was stolen from its systems at the end of March 2024 and subsequently published on the dark web.
5 – Data of 560 million Ticketmaster customers offered for sale after information leak
A threat actor known as ShinyHunters is selling what it claims is the personal and financial information of 560 million Ticketmaster customers on the recently revived BreachForums hacking forum for $500,000.
The allegedly stolen databases, first put up for sale on the Russian hacking forum Exploit, contain 1.3TB of data and full customer details (ie names, home and email addresses and phone numbers), as well as a card. Information on sales, orders and events.
They also contain customer credit card information, including backed-up credit card numbers, the last four digits of card numbers, credit card types and verification and expiration dates, with financial transactions spanning from 2012 to 2024.
The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right protection. Cyberone is here to help! Check out our services.
