With cyber threats constantly on the rise, staying informed about the latest news and developments in the field is essential for maintaining digital safety. Because of this, cybersecurity remains a critical concern for organisations, governments, and individuals. In this blog post, we will explore the top cybersecurity news stories from this week, shedding light on significant events, and noteworthy security incidents.
This biggest news story of this week is, undoubtedly, the takedown of the notorious LockBit ransomware group. Other significant news stories include a warning from President Biden about the cyber vulnerability of US ports, a notable Microsoft Exchange Flaw which could impact thousands, and a ransomware attack on Schneider Electric.
Lockbit Cybercrime Gang Disrupted by Britain, US and EU
APT group LockBit has been disrupted in a rare international law enforcement operation. The operation was run by Britain’s National Crime Agency (NCA), the US FBI, Europol and a coalition of international police agencies, according to a post on the group’s extortion website. Notably, LockBit were behind a ransomware attack on Royal Mail in early 2023, which cost the company over $12m.
Biden Vows to Boost Port Cybersecurity
Earlier this week, President Joe Biden issued an executive order and established a federal rule with the objective of enhancing the cybersecurity measures at the nation's ports to guard against possible cyber threats. The administration aims to set out a series of cybersecurity guidelines that port operators nationwide must adhere to, akin to standardised safety regulations designed to mitigate the risk of harm or damage to individuals and infrastructure.
Higher Education Institutions Suffer DDoS Attacks
Higher education institutions in the UK this week have been impacted by widespread distributed denial of service (DDoS) attacks. One of the affected institutions is The University of Cambridge.
Students from multiple colleges have been alerted to the development, which has been impacting critical education IT services like CamSIS and Moodle. This story highlights the importance of strong supply chain security in educational institutions.
Microsoft Exchange Flaw CVE-2024-21410 Could Impact Thousands, According to Researchers
Researchers have identified roughly 28,000 internet-facing Microsoft Exchange servers (out of 97,000 serves) vulnerable to CVE-2024-21410. The CVE-2024-21410 vulnerability represents a bypass vulnerability that can be leveraged by malicious actors to circumvent the SmartScreen user experience. Exploiting this vulnerability enables the injection of code, potentially resulting in unauthorised code execution. This could, in turn, lead to the exposure of sensitive data, a compromise in system availability, or a combination of both.
With new vulnerabilities, such as this one, being disclosed all the time, the importance of attack surface management cannot be understated.
Cactus Ransomware Claim to Steal 1.5TB of Schneider Electric Data
The Cactus ransomware group asserts that it successfully pilfered 1.5 terabytes of data from Schneider Electric following a breach of the company's network last month. As evidence of their claims, 25 megabytes of purportedly stolen data were disclosed on the operation's dark web leak site this week. The leaked content includes snapshots displaying passports of various American citizens and scanned documents of non-disclosure agreements.
Saying well-informed about the latest advancements in the industry remains incredibly important in the fight against cybercrime. By staying up to date with relevant news, leaders can make informed decisions, proactively implement security measures, and effectively shield their organisations from cyberattacks. Maintaining a vigilant mindset, embracing best practices, and leveraging cutting-edge technologies are all crucial components in building a secure digital future.