SAN MATEO, CA, June 3, 2024 — Cybersecurity news weekly roundup. Stories, news, politics, and events that impacted the network security industry last week. Brought to you by NetworkTigers.
Survey reveals what worries critical infrastructure companies
New research from Bridewell, a cybersecurity services leader, reveals that eight in ten US critical infrastructure companies are concerned about the rising risk of automated hacking. The survey included representatives from the aviation, communications, energy, water supply, transportation, media, and financial services industries. They all ranked AI-driven phishing attacks, adaptive AI cyberattacks, and AI-driven exploit development as greater concerns than the other threats listed, including polymorphic malware. Read more.
Endgame operation takes down four ransomware networks
Eurojust, the EU’s judicial cooperative society, has arrested four major players in international cybercrime. The operation, known as “Endgame”, involved coordination with law enforcement in Germany, the Netherlands, France, Denmark, Ukraine, Armenia, Portugal, the United States, and the United Kingdom. Over 100 servers and over 2,000 internet domains were taken offline to curb cybercriminal activity, and one main suspect is estimated to have earned over 69 million euros by renting out ransomware to other hackers. Read more.
Trojan takes down 600,000 home-office routers
Details are now emerging about the 2023 attack, called “Pumpkin Eclipse,” which took at least 600,000 small home and office routers offline across the US. It involved three router models issued by an ISP, thought to be Windstream: ActionTec T3200, ActionTec T3260, and Sagemcom. A remote access Trojan called “Chalubo” is believed to be responsible. A hardware fix is required for affected routers. Read more.
New federal cybersecurity standards by early 2025
The Biden Administration plans to roll out new cybersecurity minimum standards by early 2025. This memorandum will require government contractors and critical infrastructure companies, such as oil, gas, and financial services, to develop and share “risk sector management plans” with the Cybersecurity and Infrastructure Security Agency (CISA). Regulation is still in flux, but new guidelines may also address the risk of incursion by foreign government actors. Read more.
US Cyber Command operators on first mission to Zambia
US Cyber Command has completed its first-ever cyber defensive mission in Zambia. US cyber experts from the embassy worked with the Zambian Information Communication Technology Authority to root out threats and strengthen Zambian cybersecurity practices. The mission strengthened US-Zambian diplomatic ties and US homeland defense efforts. Read more.
European hacktivist attacks double in Q1 2024
Juhan Lepassaar, the head of the European Union Agency for Cybersecurity (ENISA), has announced that cyber attacks targeting European infrastructure, specifically election efforts, have doubled from the end of 2023 to the first quarter of 2024. This significant increase in ransomware and destabilizing hacks is attributed to Russian actors. Lepassaar says many of the attempts were first tested in Ukraine and then re-used across the EU. Read more.
Names and SSNs accessed in Toshiba hack
A business email compromise (BEC) attack at Toshiba has exposed the names and social security numbers of an unknown number of people across Maine and Massachusetts. The attack was discovered only in May 2024, but the compromise is thought to have occurred as early as April 2023. Toshiba America Business Solutions, the American subsidiary, is offering free two-year identity monitoring services for those affected. Read more.
Class action suit over massive ShinyHunters data breach
In response to one of the largest data breaches in history, a California law firm has filed a class action lawsuit against Live Nation and Ticketmaster, alleging that they did not adequately protect consumer data. The lawsuit contends the entertainment company violated California’s Consumer Privacy Act and failed to properly encrypt personal and financial data accessed by the infamous hacking group ShinyHunters. Read more.
Santander latest victim of ShinyHunters
Dark Web Informer, a cybersecurity service that tracks breaches, has reported that ShinyHunters, the same group that hacked Ticketmaster, is selling access to Santander’s database for $2 million. ShinyHunters has offered Santander the option to buy back the database themselves in this ransomware attack. The database includes personal information on all 200,000 of Santander’s current staff and some former staff, as well as some client information from Spain, Chile, and Uruguay. The company insists that online banking details and passwords are still secure. Read more.
Russian-linked gang claims second Shell Oil hack
The Russian hacking group CIOP claims to have posted stolen data from Shell Oil on its dark web platform. The information, if accurate, contains first and last names, physical addresses, email addresses, and phone numbers for Shell clients across the UK, Australia, France, India, Singapore, the Philippines, the Netherlands, Malaysia, and Canada. This hack would be the second ransomware attack that has succeeded against Shell Oil in under two years. Read more.
