Weekly Cyber News: 2nd - 6th Dec 2024
Cyber Security Associates
Providing Cyber Security Solutions designed to Protect your People
The cyber security landscape keeps changing, with new threats and tools emerging every week. It can be easy to lose track of what’s happening, but we’ve rounded up the latest news you need to know about - keep reading to learn more.
SpyLoan Android malware on Google Play installed 8 million times
A new set of 15 SpyLoan Android malware apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa.
The apps were discovered by McAfee, a member of the 'App Defense Alliance,' and have now been removed from Android's official app store.
Data published online following data breach at Alder Hey
A statement posted on the trust’s website on 28 November 2024, said: “We are aware that data has been published online and shared via social media that purports to have been obtained illegally from systems shared by Alder Hey and Liverpool Heart and Chest Hospital NHS Foundation Trust.
“We are working with partners to verify the data that has been published and to understand the potential impact.
Italian Football Team Bologna Suffers Cyber-Attack.
Italian football team Bologna Football Club 1909 has had data compromised following an attack against its internal security systems.
The attack was claimed by the RansomHub ransomware operation, which has since exposed all of the exfiltrated information after the football team refused to pay the demanded amount even after a two-day extension.
In a statement, the team said: “Bologna FC 1909 S.p.a. would like to communicate that a ransomware cyber-attack recently targeted its internal security systems.
Supply chain technology provider Blue Yonder faces ransomware attack
Blue Yonder, a supply chain technology provider, has faced a ransomware incident. According to the organization, its managed services hosted environment experienced disruptions on November 21, 2024. These disruptions were determined to be the result of a ransomware attack. In response, Blue Yonder has enacted defensive and forensic protocols, including partnering with an external cybersecurity firm for recovery purposes.
NCSC warns of gap between cyber threats and resilience
It has sounded the warning in its newly published annual review, accompanied by its chief executive officer, Richard Horne, describing the cyber risks facing the nation as “widely underestimated”.
The review makes clear that the situation is making the public sector vulnerable.
“The NCSC believes that the severity of the risk facing the UK is being widely underestimated, and that the cyber security of critical infrastructure, supply chains and the public sector must improve,” it says.
MoD employee passwords stolen by Russian hackers
The Ministry of Defence (MoD) has been hit by a serious security breach, with passwords belonging to nearly 600 employees stolen and leaked onto the dark web. The cyberattack, believed to have been perpetrated by Russian hackers, has exposed sensitive information of both military personnel, civilian staff and defence contractors.
FBI tells telecom firms to boost security following wide-ranging Chinese hacking campaign
Federal authorities on Tuesday urged telecommunication companies to boost network security following a sprawling Chinese hacking campaign that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans.
The guidance issued by the FBI and the Cybersecurity and Infrastructure Security Agency is intended to help root out the hackers and prevent similar cyberespionage in the future. Officials who briefed reporters on the recommendations said the U.S. still doesn't know the true scope of China's attack or the extent to which Chinese hackers still have access to U.S. networks.
Read More: FBI tells telecom firms to boost security following wide-ranging Chinese hacking campaign
EU Council Proposes New Cybersecurity Laws
New laws proposed to introduce alert system and encourage adoption of certification schemes.
The Council of the European Union has announced the adoption of two new laws to improve the overall cybersecurity across the continent.
The new laws establish a cybersecurity shield that calls for member states to cooperate in detecting and responding to cyber-attacks, and amend the EU’s Cybersecurity Act (CSA) of 2019 to ensure adequate security standards for managed security services.
Deloitte Allegedly Breached by Hackers
Ransomware group Brain Cipher claims to have carried out a significant breach of Deloitte UK.
Emerging ransomware group Brain Cipher has claimed responsibility for a supposed cyber-attack on Deloitte UK, alleging it has exfiltrated over 1TB of compressed data.
The group has issued a deadline of December 15 for the company to respond. While the breach remains unverified, Brain Cipher has listed Deloitte UK as a victim on its dark web data leak site.
Read More: Deloitte allegedly breached by hackers
Operation Destabilise Hits Money Laundering and Crime Groups
Two Russian speaking networks, which enabled payments for cyber-criminal groups, taken down
Networks which supported and laundered millions of dollars in ransomware payments have been disrupted by the UK’s National Crime Agency (NCA).
Named Operation Destabilise, the international effort exposed and disrupted Russian money laundering networks, including laundering over $2.3 million of suspected ransoms paid in crypto by victims of the Ryuk ransomware group.
The NCA named the groups as ‘Smart’ and ‘TGR’, and its activity has so far led to 84 arrests, as well as the seizure of over £20m in cash and cryptocurrency.
U.S. prosecutors indict 19-year-old hacker: suspected of intruding into telecommunications companies and causing serious losses
According to charges made public on Wednesday local time, 19-year-old Remington Ogletree was suspected of attacking two telecommunications companies and a U.S. financial institution, stealing data and customer virtual currencies, causing a $4 million (IT Note: The current loss is approximately RMB 29.099 million). He is believed to be cooperating with the “Scattered Spider” hacker group, which has previously been linked to attacks on well-known companies such as MGM Resorts International and Caesars Entertainment.
If you want to keep your data safe from the latest cyber threats, then we can help - don’t hesitate to get in touch with the dedicated cyber experts at CSA.