Woman arrested in connection with Electric Ireland customer data breach 

A woman has been arrested as part of an investigation into a potentially substantial Electric Ireland data breach last year. 

Gardaí said the woman, who is aged in her 20s, was taken into custody on Monday and was being detained at a station in the Dublin metropolitan area. 

Source: https://www.irishtimes.com/ireland/2024/12/03/woman-arrested-in-connection-with-electric-ireland-customer-data-breach/

Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks 

A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People’s Republic of China (PRC)-affiliated threat actors targeting telecommunications providers. 

Source: https://thehackernews.com/2024/12/joint-advisory-warns-of-prc-backed.html  

Vodka maker Stoli files for bankruptcy in US after ransomware attack 

Stoli Group’s U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company’s remaining distilleries in the country. 

Source: https://www.bleepingcomputer.com/news/security/vodka-maker-stoli-files-for-bankruptcy-in-us-after-ransomware-attack/ 

The UK is ‘widely’ underestimating online threats from hostile states and criminals, cyber security chief warns 

The UK is “widely” underestimating the severity of the threat from cyberspace, the country’s cyber security chief will warn.  

It comes as the National Cyber Security Centre (NCSC) – a part of GCHQ – revealed there had been a three-fold increase in the most serious attacks compared with a year ago. 

Source: https://news.sky.com/story/the-uk-is-widely-underestimating-online-threats-from-hostile-states-and-criminals-cyber-security-chief-warns-13265666  

Cloudflare’s developer domains increasingly abused by threat actors 

Cloudflare’s ‘pages.dev’ and ‘workers.dev’ domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other malicious activities. 

Source: https://www.bleepingcomputer.com/news/security/cloudflares-developer-domains-increasingly-abused-by-threat-actors/

SpyLoan Android malware on Google Play installed 8 million times 

A new set of 15 SpyLoan Android malware apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa. 

Source: https://www.bleepingcomputer.com/news/security/spyloan-android-malware-on-google-play-installed-8-million-times/ 

Decade-Old Cisco Vulnerability Under Active Exploit 

Cisco is warning customers of a security vulnerability impacting its Adaptive Security Appliance (ASA) that is actively being exploited by threat actors. 

Source: https://www.darkreading.com/vulnerabilities-threats/decade-old-cisco-vulnerability-exploit  

Bologna FC confirms data breach after RansomHub ransomware attack 

Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group. 

Source: https://www.bleepingcomputer.com/news/security/bologna-fc-confirms-data-breach-after-ransomhub-ransomware-attack/  

Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses 

Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses. 

Source: https://thehackernews.com/2024/12/hackers-use-corrupted-zips-and-office.html 

New TLDs Like .shop, .top And .xyz Attracting Phishers 

A significant surge in phishing attacks has been unveiled by a recent study conducted by Interisle Consulting, with a nearly 40% increase in the year ending August 2024. 

The research highlights that much of this growth is concentrated in a small number of new generic top-level domains (gTLDs), such as .shop, .top, and .xyz. 

Source: https://cybersecuritynews.com/new-tlds-attracting-phishers/  

Smarttech247