Weekly Cybersecurity Report | Week 40, 2024

As your dedicated cybersecurity services provider, Cyberone equips you with timely and in-depth information about current cyber attacks. Discover a weekly cybersecurity report of the latest exploits and breaches shaping the ever-evolving cybersecurity landscape.

Weekly Cybersecurity Report | Week 40, 2024

Information security updates and events from the past week 

1. The British police announced today (Thursday) that they are investigating a cybersecurity attack that hit 19 train stations throughout the kingdom, including some of the largest stations there.
   Among others, the list includes London Bridge station, Houston station in the capital city, Manchester Piccadilly and Edinburgh Waverley. As part of the cyber-attack, passengers who tried to connect to the Wi-Fi network received messages that, according to the police, were Islamophobic.
2. Journalist Arrest in Cambodia: Journalist Mac Dara, who won awards for exposing the cyber industry and fraud in Cambodia, was arrested by the authorities following his reports on fraudulent operations based on identity theft (“Pig Butchering”) that also involve human trafficking. This activity involves creating a fake identity, establishing trust with the victim, and then tricking them into investing or borrowing money.
3. Significant software vulnerabilities: Jenkins, a popular automation tool, has released updates to fix serious vulnerabilities. In addition, an SQL vulnerability was discovered in Ivanti EPM, which was exploited against certain systems.
4. Charges against the Iranians: The US Department of Justice filed charges against three members of Iran’s Revolutionary Guard following targeted cyber-attacks against Donald Trump’s 2024 election campaign, which included stealing documents and attempting to distribute them to the press.
5. Cybersecurity attacks in the public and private sectors: Notable cyber-attacks occurred in the US, when an attack on the systems of several federal agencies was confirmed using unpatched weaknesses in the Ivanti EPM software, including the exploitation of a SQL vulnerability that led to data leakage and damage to local networks. In addition, reported attacks Ransomware that affected critical systems in Europe and the US, including health institutions and energy companies.
6. Shutting down a global botnet network: The FBI dismantled a network of infected computers, which contained about 19 million computers from 200 countries, which were used for financial fraud and other cybercrimes in the scope of billions of dollars. This operation is considered one of the most successful in the field of online crime recently.
7. Alerts of attacks on financial institutions: The International Monetary Fund (IMF) has warned of the increasing risk to financial institutions, with cyber-attacks in this sector posing a threat to global financial stability. According to the report, about 20% of the cyber-attacks reported in the last twenty years were in the financial sector.

The attacks highlighted in this report aren’t just incidents, they’re blueprints of the adversary’s arsenal. To protect your business you need the right partner. Cyberone is here to help! Check out our services.