Global Cyber Pulse: 11 November 2024

November 11, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

A ransomware attack on a key defense unit was revealed in the DoPT report, Newpark Resources faces a ransomware attack but continues operations, the City of Sheboygan deals with a cyberattack leading to a ransom demand, Transparent Tribe and IcePeony target Indian organizations in espionage campaigns, and a malicious PyPI package with 37,000 downloads is found stealing AWS credentials.

Stay tuned for the latest cyber updates.

Ransomware Attack on Key Defense Unit Revealed in DoPT Report

The 2023-24 annual report from India’s Department of Personnel Training (DoPT) has disclosed a ransomware attack on a critical defense unit in 2023, as reported by The Hindu.

The report highlights a series of severe cyber incidents, including a major data breach and DDoS attacks targeting key infrastructure. Details on the defense unit’s location remain undisclosed, though the report underscores the national security implications handled by the Central Bureau of Investigation (CBI).

Cyberattack on City of Sheboygan Leads to Ransom Demand

The City of Sheboygan faces a cyber crisis following unauthorized network access and a ransom demand. The breach prompted immediate action, with officials isolating affected systems and initiating forensic analysis.

City leaders have reassured the public of full cooperation with law enforcement, though the ransom demand remains under negotiation.

Newpark Resources Faces Ransomware Attack but Keeps Operations Running

Texas-based Newpark Resources disclosed a ransomware breach that disrupted access to its information systems.

Despite limitations in reporting and business applications, manufacturing and field operations continued via downtime protocols. The financial impact is under assessment, though Newpark maintains the incident is not expected to have a long-term effect on operations.

South Korea Accuses Pro-Kremlin Hackers of Cyber Attacks Over Ukraine Policy

Following Seoul’s decision to monitor North Korean troops in Ukraine, South Korean government and civilian websites have faced intensified cyberattacks from pro-Russian hacker groups.

Officials confirmed limited service disruptions and have bolstered cybersecurity vigilance as hacktivist threats continue.

Transparent Tribe and IcePeony Target Indian Organizations in Espionage Campaigns

India’s government entities are in the crosshairs of a joint cyber campaign led by Pakistan-based Transparent Tribe and a China-linked group, IcePeony.

Utilizing cloud-based tools for control, these groups employ malware like ElizaRAT and ApoloStealer, as reported by Check Point, with intentions focused on espionage and data theft.

Malicious PyPI Package with 37,000 Downloads Found Stealing AWS Credentials

A deceptive Python package, ‘fabrice,’ was uncovered after stealing Amazon Web Services credentials from developers.

Masquerading as the popular ‘fabric’ package, ‘fabrice’ managed to avoid detection for years, revealing gaps in retroactive scanning measures within software repositories.