Cyber News

This Week in Cyber: 11th December 2023 – 15th December 2023

In the ever-evolving world of technology, cybersecurity remains a critical concern for organisations, governments, and individuals. With cyber threats constantly on the rise, staying informed about the latest news and developments in the field is essential for maintaining digital safety. In this blog post, we will explore the top cybersecurity news stories from this week, shedding light on significant events and noteworthy security incidents.

This week’s top stories include news that the UK government fears a ‘catastrophic ransomware attack’, the resurgence of Log4j, and a further breach within the Toyota corporation.

UK at high risk of ‘catastrophic ransomware attack’, report says

The UK government has expressed fear around the significant threat of a ‘catastrophic ransomware attack’. Concern has been expressed that such an attack may have the capability to paralyse the nation due to inadequate planning and insufficient investment, according to a parliamentary committee. In a strongly worded report, the joint committee on the national security strategy highlights the looming risk of a severe cyber assault on the country's critical national infrastructure (CNI). The National Cyber Security Centre (NCSC) defines CNI as vital national assets crucial for societal operations, encompassing energy supply, water supply, transportation, health, and telecommunications.

When it comes to CNI, many organisations are unaware of how many devices are connected to any given network at any given time. Asset discovery and attack surface management continue to be essential for organisations of all sizes and across all industries.


Ukraine mobile network hit by 'cyberattack'

Ukraine's primary mobile network, Kyivstar, reports being subjected to a "significant hacker attack," resulting in customers experiencing disruptions in phone and internet services. Kyivstar's CEO hinted at potential Russian involvement in the incident. President Oleksandr Komarov of Kyivstar revealed that hackers successfully penetrated the company's infrastructure by exploiting an internal employee account, thereby breaching the company's security measures. Ukrainian security services are actively investigating the matter, while Moscow has refrained from providing any comments.

When it comes to mitigating the risk of hacks via an internal employee account, it’s critical for business leaders to manage the access of all privileged and admin users. Tools like Privileged Access Guard can control access to critical systems in real time.

Lazarus hackers drop new RAT malware using 2-year-old Log4j bug

It has been reported that the infamous North Korean hacking group, Lazarus, continues to leverage CVE-2021-44228, also known as "Log4Shell," to introduce three novel malware strains coded in DLang. Among these are two remote access trojans (RATs) identified as NineRAT and DLRAT, along with a malware downloader named BottomLoader. The utilisation of the D programming language is an uncommon choice in cybercrime activities, likely selected by Lazarus to enhance evasion of detection measures.

Toyota warns customers of data breach exposing personal, financial information

Toyota Financial Services (TFS) has issued a cautionary notice to its customers, revealing that it has fallen victim to a data breach. The company discloses that the attack resulted in the exposure of sensitive personal and financial information. TFS, a subsidiary of Toyota Motor Corporation, operates globally, extending its services to 90% of the markets where Toyota vehicles are sold, offering auto financing solutions to its diverse customer base. This is also not the first time companies across the Toyota corporation have been breached.

Generally, any organisation is a viable target for hackers, no matter the size. For more information on how to protect organisations of all sizes from attacks, visit our blog.

Supply chain attack targeting Ledger crypto wallet leaves users hacked

A group of hackers has successfully compromised the code underpinning a cryptocurrency protocol employed by various web3 applications and services, as reported by Ledger, a prominent company in the crypto industry. In an announcement on the social media platform X (formerly Twitter), Ledger disclosed that an unauthorised party had disseminated a "malicious version" of its Ledger Connect Kit. This library serves as an essential component for decentralised applications (dApps) developed by external entities, enabling them to connect to the Ledger wallet service. Ledger is known for producing widely used cryptocurrency hardware and software wallets, among other products.

In today's ever-changing cyber landscape, staying well-informed about the latest advancements in the industry remains incredibly important. By staying up to date with relevant news, leaders can make informed decisions, proactively implement security measures, and effectively shield their organisations from cyberattacks. Maintaining a vigilant mindset, embracing best practices, and leveraging cutting-edge technologies are all crucial components in building a secure digital future. Let's embrace these principles to safeguard our digital assets and pave the way for a safer tomorrow.