Global Cyber Pulse: 12th Aug, 2024

August 12, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Dive into the latest in cybersecurity with our concise guide:

Daily disruptions plague hundreds of flights due to a sharp rise in GPS spoofing incidents. Meanwhile, a security breach at a Netflix production partner leaks upcoming seasons of popular series online. In response to significant data breaches, Cash App is offering $2,500 to affected users, while the notorious Hunters International unleashes the SharpRhino malware in a recent cyber attack.

Stay informed on the dynamic and ever-evolving threats and breakthroughs in the world of cybersecurity.

Netflix Faces Major Leak Scandal as Unreleased Episodes Hit the Internet

In a significant security breach, unreleased episodes from popular Netflix shows were leaked online this week. The leak, attributed to a compromise at one of Netflix’s post-production partners, included episodes from several titles including the highly anticipated “Arcane Season 2.” The breach was confirmed by Netflix in a statement last Friday, emphasizing their efforts to remove the leaked content from the internet.

According to reports, alongside “Arcane,” shows like “Dandadan,” “Ranma ½,” and “Terminator Zero” also faced early exposure, stirring controversy and disappointment ahead of their official release dates.

Developers Targeted by Malicious PyPI Package Mimicking Solana

Cybersecurity experts recently identified a malicious package on the Python Package Index (PyPI) posing as a tool from the Solana blockchain platform, designed to siphon sensitive data from unsuspecting developers. The fraudulent “solana-py” package, which mimicked the legitimate Solana Python API, attracted over a thousand downloads before its removal, highlighting the vulnerabilities in software supply chains.

The deception not only caused direct harm but also risked further breaches by being referenced in legitimate libraries, increasing the potential for widespread developer compromises.

Massive Data Breach Exposes 2.7 Billion U.S. Records

In a staggering security lapse, nearly 2.7 billion personal records of U.S. residents were leaked on a hacking forum, including sensitive details such as social security numbers, physical addresses, and possible aliases.

The leaked information, allegedly sourced from National Public Data—a company known for providing personal data for background checks and other investigatory purposes—is thought to have been scraped from public databases. This breach raises severe concerns about privacy and the security measures in place to protect such extensive datasets.

Cash App Settles for $15 Million Over Data Breach Claims

Cash App has agreed to a $15 million settlement in response to a class-action lawsuit accusing the platform of failing to prevent unauthorized access and mishandling subsequent customer complaints.

Eligible users impacted by the data breaches, including a significant incident in December 2021 that compromised personal identifiable information of 8.2 million users, have until November 18 to claim $2,500 each. This lawsuit highlights ongoing challenges in digital payment security and consumer protection.

GPS Spoofing Threatens Airline Safety, Hackers Now Can ‘Hack Time’

The aviation world is grappling with a 400% surge in GPS spoofing attacks, with about 900 commercial flights affected daily, according to OPSGROUP.

These disruptions, often concentrated around conflict zones, involve sophisticated methods that can even manipulate time signals, posing unprecedented risks to airline safety and navigation integrity. This evolving threat underscores the growing sophistication of cyber-attacks in critical infrastructure sectors.

New SharpRhino Malware Targets Through Typo-Squatting

The Quorum Cyber Incident Response team has identified a menacing new malware, SharpRhino, believed to be engineered by the criminal group Hunters International. Distributed via a typo-squatting domain resembling ‘Angry IP Scanner,’ this malware can take extensive control over infected systems.

With significant code similarities to the Hive ransomware, SharpRhino poses a formidable threat by installing trojans and demanding ransomware payments, signaling an escalation in the capabilities of cybercriminal syndicates.