Global Cyber Pulse: Update

Cyber Attack
July 4, 2024 | Cybersecurity

Stay ahead in the dynamic world of cybersecurity.

Here’s your concise guide to the latest trends, threats, and breakthroughs from around the globe:

1. Europol’s Major Crackdown on Cobalt Strike Abuses

Europol and partners dismantle nearly 600 illegal Cobalt Strike servers:

Overview: A concerted effort by Europol and global partners led to the takedown of 593 unlicensed Cobalt Strike servers used for cyberattacks.

Operation MORPHEUS: Conducted over four days starting June 24th, the operation involved agencies from the UK, US, Australia, Canada, Germany, the Netherlands, and Poland.

Impact: Out of 690 flagged IP addresses across 27 countries, 593 were successfully neutralized, disrupting criminal activities.

2. Twilio Authy Endpoint Exploited by Hackers

Unsecured endpoint in Twilio’s Authy app compromised:

Incident: Unidentified attackers exploited an unsecured endpoint in the Authy app, gaining access to users’ cell phone numbers.

Response: Twilio promptly secured the endpoint to prevent further unauthorized access.

Background: Authy, a popular two-factor authentication tool acquired by Twilio in 2015, is critical for enhanced account security.

3. Australia and AWS Forge $2 Billion Cyber Partnership

Australia boosts cybersecurity with AWS partnership:

Investment: The Australian government announces a $2 billion investment over the next decade to enhance cyber capabilities.

Partnership: The Australian Signals Directorate (ASD) and Amazon Web Services (AWS) will establish a Top Secret (TS) Cloud in Australia.

Benefits: The TS Cloud will secure Australia’s most sensitive information, support military operations, and create up to 2,000 local jobs.

4. Thales Study Highlights Cloud Security Challenges in India

Cloud assets are prime targets for cyberattacks in India:

Study Findings: Thales’ 2024 Cloud Security Study reveals that nearly half of Indian organizations consider all their cloud data sensitive.

Breaches: 37% of surveyed Indian firms experienced cloud data breaches, with 14% occurring in the past year.

Global Perspective: The study surveyed 2,961 IT and security professionals across 18 countries and 37 industries.

5. Massive Data Breach Hits Oceanview Life and Annuity

Oceanview and Infosys McCamish Systems disclose data breach:

Scope: The breach affected over 6 million customers’ personal information.

Details: The incident, stemming from a ransomware attack in November 2023, also compromised data for about 57,000 Bank of America clients.

Company Profile: Infosys McCamish Systems provides IT and consulting services, focusing on insurance and financial sectors.

6. FIA’s Email Compromise Leads to Data Breach

FIA (Fédération Internationale de l’Automobile), the auto racing governing body since the 1950s reveals data breach after email phishing attack:

Incident: The FIA reported that phishing attacks led to the unauthorized access of personal data from two compromised email accounts.

Impact: The breach exposed sensitive information, highlighting the ongoing risks of phishing.

Background: The FIA has been the governing body for Formula 1 and other auto racing.