Global Cyber Flash: 27th Aug, 2024  

Cyber Attack
August 27, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS 

Uber faces a $324 million fine for a European data breach, while the NSA releases a guide to counter advanced cyber threats using event logging. Additionally, 31% of global organizations reported SaaS data breaches in 2023, Patelco Credit Union notifies 726,000 customers of a ransomware attack, and the American Radio Relay League paid a $1 million ransom following a cyberattack.  

Stay informed with our concise guide as we navigate the complex and evolving landscape of cybersecurity. 

Uber Hit with $324 Million Fine for European Data Breach 

The Dutch Data Protection Authority (DPA) has fined Uber 290 million euros ($324 million) for improperly transferring personal data of European taxi drivers to the US. 

The Dutch regulator determined that Uber failed to safeguard the data adequately, violating GDPR regulations. 

Uber has since ended the violation, but the breach represents a significant infraction under European data protection laws. 

NSA Releases Guide to Combat Advanced Threats Using Event Logging Best Practices 

To counteract living off the land (LOTL) techniques, the NSA has published a comprehensive guide on event logging and threat detection. 

The guide addresses best practices for securing cloud services, enterprise networks, mobile devices, and operational technology (OT) networks. 

Advanced persistent threat actors (APTs) are increasingly using LOTL techniques to avoid detection, making these guidelines essential for IT and OT decision-makers, network administrators, and critical infrastructure providers. 

The cybersecurity information sheet was developed in collaboration with international partners including the Australian Cybersecurity Centre, the Canadian Centre for Cyber Security, and the UK’s National Cyber Security Centre. 

31% of Global Organizations Experienced SaaS Data Breach in 2023, Report Finds 

Nearly a third (31%) of global organizations suffered a data breach in their SaaS applications last year, according to AppOmni’s State of SaaS Security 2024 Report. 

The report, based on a survey of 644 enterprises across six countries, highlights a 5% increase in breaches, driven by challenges in gaining visibility and control over cloud environments. 

Organizations are increasingly struggling to secure their SaaS environments, leading to a rise in data breaches. 

Patelco Credit Union Notifies 726,000 Customers of Ransomware Breach 

Patelco Credit Union has alerted 726,000 customers about a data breach caused by a RansomHub ransomware attack earlier this year. 

The RansomHub gang claimed responsibility for the attack and published the stolen data on their extortion portal in August 2024. 

Patelco, a major American credit union, provides a range of financial services and holds assets exceeding $9 billion. 

American Radio Relay League Pays $1 Million Ransom After Cyberattack 

The American Radio Relay League (ARRL) disclosed that it paid a $1 million ransom following a May 2024 ransomware attack. 

The attack, which encrypted multiple systems within ARRL’s network, was a highly coordinated act of organized crime. 

The ransomware group compromised both on-site and cloud-based systems weeks before deploying the ransomware, using information purchased on the dark web. 

Stealthy CAPTCHA-Solving Service ‘Greasy Opal’ Uncovered in Cyberattacks 

Arkose Cyber Threat Intelligence Research (ACTIR) has uncovered a long-standing group, dubbed ‘Greasy Opal,’ that has been providing CAPTCHA-solving services to cyber-attackers since 2009. 

Based in the Czech Republic, Greasy Opal offers products and solutions to multiple customers, including cyber threat actors, enabling them to bypass security measures. 

The group’s tools were identified while investigating attacks on Arkose Labs’ customers, revealing a decade-long operation that had previously flown under the radar.