05-Jul-24: In Security News Today

Cybercriminals Stole Secrets From OpenAI

Cybercriminals successfully extracted sensitive data from OpenAI, exploiting vulnerabilities in the company’s systems. The attack allowed unauthorized access to proprietary information, posing significant security risks. OpenAI clarified that attackers were not able to access the systems housing and building the AI, nor were they able to access information about customers or partners.

Over $1bn in Cryptocurrency Lost to Web3 Cyber Incidents in 2024

In the first half of 2024, over $1.1 billion worth of cryptocurrency was lost in 408 on-chain security incidents, with an average cost of $2.9 million per incident. Phishing, private key compromises, and code vulnerabilities were the most common attack vectors, resulting in significant financial losses. Ethereum was the most frequently targeted blockchain, while the overall losses in H1 2024 showed a significant increase compared to the previous year, highlighting the growing threat landscape in Web3 cybersecurity.

Twilio Confirms Data Breach After Cybercriminals Leak 33M Authy User Phone Numbers

Twilio confirmed a data breach where cybercriminals leaked 33 million phone numbers from Authy, Twilio’s two-factor authentication app. The breach involved unauthorized access to an endpoint, exposing account IDs and non-personal data but no sensitive information. Twilio has secured the endpoint and urged users to update their apps and stay vigilant against potential phishing and smishing attacks.

Ethereum Mailing List Breach Exposes 35,000 to Crypto Draining Attack

A threat actor compromised Ethereum’s mailing list provider, sending a phishing email to over 35,000 addresses with a link to a malicious site draining crypto wallets. Ethereum disclosed the incident, stating it had no material impact on users. The attacker was quickly blocked, and Ethereum took steps to prevent future incidents by migrating email services to other providers.

Cloudflare Blames Recent Outage on BGP Hijacking Incident

Cloudflare experienced an outage on its DNS resolver service, 1.1.1.1, due to a BGP hijacking incident and route leak. The incident affected 300 networks in 70 countries, but Cloudflare stated that the impact was minimal in some regions. Cloudflare’s response included engaging with networks involved, disabling peering sessions, and advocating for long-term solutions like RPKI adoption and MANRS principles.

Euro 2024 Becomes Latest Sporting Event to Attract Cyberattacks

Cybercriminals are targeting the Euro 2024 football tournament by selling credentials on underground markets and launching denial-of-service attacks, with geopolitical tensions playing a role. The threat intelligence firm Cyberint warns of the risks posed to fans and their employers due to exposed credentials and potential cyberattacks. As major sporting events like Euro 2024 become high-value targets for cybercriminals and nation-state actors, cybersecurity experts anticipate an increase in DDoS attacks and other malicious activities, with a focus shifting towards the upcoming 2024 Summer Olympics.

Volcano Demon Ransomware Group Calls Its Victims To Extort Money

A new ransomware player named ‘Volcano Demon’ has surfaced, utilizing innovative locker malware and evasion tactics to cover its tracks and complicate forensic investigations. The attacker employs threatening phone calls from ‘No Caller ID’ numbers to negotiate ransoms and clears logs before exploitation, hindering detection efforts. The ransomware, known as LukaLocker, encrypts victim files with the .nba extension and uses double extortion tactics, making it crucial for organizations to implement vigilance measures like multifactor authentication and employee training to prevent compromise.

Credit Union Patelco Struggles to Recover After Ransomware Attack

A ransomware attack has left tens of thousands of Patelco customers without access to their accounts, impacting online banking systems, mobile app services, and call center operations. The credit union is working with cybersecurity experts to restore affected systems, but no estimated time for full recovery has been provided. Smaller organizations are more vulnerable to cyber-extortion attacks, with recovery from ransomware incidents typically taking around 21 to 24 days.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.