SETU Waterford grapples with fallout from cyberattack 

South-East Technological University continues to grapple with the fallout of a cyberattack that was detected late last week, with WiFi and phones still out of action across its Waterford campuses. 

Source: https://www.rte.ie/news/munster/2024/1106/1479414-setu-waterford/
 

Schneider Electric confirms dev platform breach after hacker steals data 

Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from the company’s JIRA server. 

“Schneider Electric is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms which is hosted within an isolated environment,” Schneider Electric told BleepingComputer. 

Source: https://www.bleepingcomputer.com/news/security/schneider-electric-confirms-dev-platform-breach-after-hacker-steals-data/
  

Over 700 cybersecurity incidents in Ireland last year 

The National Cyber Security Centre (NCSC) received 5,276 reports last year, 721 of which were confirmed as cybersecurity incidents. This led to the opening of 309 investigations. 

Source: https://www.rte.ie/news/business/2024/1105/1479075-cyber-security-reports/
 

Nokia investigates breach after hacker claims to steal source code 

Nokia is investigating whether a third-party vendor was breached after a hacker claimed to be selling the company’s stolen source code. 

“Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia,” the company told BleepingComputer. 

Source: https://www.bleepingcomputer.com/news/security/nokia-investigates-breach-after-hacker-claims-to-steal-source-code/
  

NCSC Details ‘Pygmy Goat’ Backdoor Planted on Hacked Sophos Firewall Devices 

The UK’s National Cyber Security Centre (NCSC) has published technical documentation of a sophisticated network backdoor being planted on hacked Sophos XG firewall devices and warned that the malware was designed for a broader range of Linux-based network devices. 

Source: https://www.securityweek.com/ncsc-details-pygmy-goat-backdoor-planted-on-hacked-sophos-firewall-devices/
  

Interpol disrupts cybercrime activity on 22,000 IP addresses, arrests 41 

Interpol announced it arrested 41 individuals and taken down 1,037 servers and infrastructure running on 22,000 IP addresses facilitating cybercrime in an international law enforcement action titled Operation Synergia II. 

Source: https://www.bleepingcomputer.com/news/security/interpol-disrupts-cybercrime-activity-on-22-000-ip-addresses-arrests-41/
  

210,000 Impacted by Saint Xavier University Data Breach 

Saint Xavier University last week started notifying over 210,000 individuals that their personal information was compromised in a data breach in July 2023. 

The incident was discovered on July 21, 2023, but the investigation into the matter revealed that the unauthorized access to the university’s systems occurred weeks before. 

Source: https://www.securityweek.com/210000-impacted-by-year-old-saint-xavier-university-data-breach/
  

Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System 

Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild. 

The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to “Android/data,” “Android/obb,” and “Android/sandbox” directories and its sub-directories, according to a code commit message. 

Source: https://thehackernews.com/2024/11/google-warns-of-actively-exploited-cve.html 

DocuSign Abused to Deliver Fake Invoices 

Threat actors are abusing DocuSign to deliver emails to unsuspecting users and bypass email protection mechanisms, Wallarm warns. 

Unlike traditional phishing, which involves spoofed email messages mimicking known brands aimed at harvesting credentials or installing malware, this campaign relies on the trusted e-signing service to deliver malicious content. 

Source: https://www.securityweek.com/docusign-apis-abused-to-deliver-fake-invoices/
  

Iranian APT Group Targets IP Cameras, Extends Attacks Beyond Israel 

An Iranian cyber-operations group, Emennet Pasargad — also known as Cotton Sandstorm — has broadened its attacks, expanding its targets beyond Israel and the United States and targeting new IT assets, such as IP cameras. 

Source: https://www.darkreading.com/vulnerabilities-threats/iranian-group-targets-ip-cameras-extends-attacks-beyond-israel  

Smarttech247