Global Cyber Pulse: 15 October, 2024

October 15, 2024 | Cybersecurity

By Ashwani Mishra, Editor-Technology, 63SATS

This Global Cyber Pulse update showcases the growing sophistication and scale of cyber threats across industries, emphasizing the need for vigilance and proactive security measures.

This latest edition of Global Cyber Pulse highlights the rapidly evolving cyber threat landscape, focusing on new vulnerabilities, scams, and rising malware activity across industries. Here’s a look at the most critical updates.

Stay alert and informed to safeguard your digital assets.

AI-Driven Gmail Scam Exposed: IT Consultant’s Harrowing Experience

A sophisticated Gmail scam has recently surfaced, targeting users with cleverly disguised fake account recovery requests. IT consultant and tech blogger Sam Mitrovic shared his unsettling encounter with this AI-driven scam, illustrating how easily unsuspecting users can be deceived.

How the Gmail Scam Operates

The scam begins with an unexpected notification requesting approval for a Gmail account recovery—one the user never initiated. In Sam Mitrovic’s case, the request appeared to come from the United States. After denying it, Mitrovic received a phone call roughly 40 minutes later, displaying a seemingly authentic Google number.

The phone call, central to the scam, featured a polite, professional American voice claiming that there had been suspicious activity on Mitrovic’s Gmail account. The scammer heightened urgency by asking if he had logged in from a foreign country, creating alarm and attempting to manipulate him into believing the story. With a convincing caller ID and a well-rehearsed script, the scammers aimed to take control of his account.

Mitrovic’s story is a cautionary tale of how even tech-savvy individuals can be vulnerable to AI-powered scams, underscoring the importance of vigilance.

Internet Archive Partially Restored After Cyberattack

After being taken offline due to a cyberattack, the Internet Archive has returned in a limited capacity. According to founder Brewster Kahle, the platform is operational in a “provisional, read-only manner” and may require further maintenance, potentially leading to future suspensions.

Currently, users can access the Wayback Machine, which contains over 916 billion web pages. However, capturing new web pages for archival purposes is temporarily unavailable. The team has also restored email services and national library crawlers, strengthening the platform against future attacks.

Open Source Malware Surges by 156% Amid Record Consumption

With the rise in open-source software (OSS) consumption, the cybersecurity landscape is facing increased threats. Sonatype’s 10th Annual State of the Software Supply Chain Report highlights a staggering 156% increase in open-source malware since 2019, with over 704,102 malicious packages identified. Of these, 512,847 have emerged since November 2023.

This year has set a new record for OSS usage, with an estimated 6.6 trillion downloads. JavaScript (npm) accounted for 4.5 trillion of these requests, reflecting 70% growth year-over-year. Meanwhile, Python (PyPI), fueled by the rise of AI and cloud adoption, is expected to reach 530 billion package requests by the end of 2024, up 87%.

K-12 and Higher Education Under Siege by Cybercriminals

Hackers are increasingly targeting educational institutions due to the sensitive data they handle, according to Microsoft’s latest Threat Intelligence Report. The report calls education an “industry of industries,” vulnerable to a wide range of cyberattacks.

From financial records to health data, schools and universities have become prime targets for cybercriminals. These attacks range from malware-driven exploits to nation-state-sponsored espionage, capitalizing on the vast amount of personal information available within the education system.

Cisco Investigates Alleged Breach as Hackers Claim to Sell Stolen Data

Cisco has confirmed that it is investigating claims of a data breach after a threat actor began selling allegedly stolen information on a hacking forum. The actor, known as “IntelBroker,” alongside two accomplices, claimed to have breached Cisco on June 10, 2024, stealing a vast array of sensitive information.

The leaked data reportedly includes GitHub and GitLab projects, source code, API tokens, AWS private buckets, Cisco confidential documents, and more. Cisco is actively investigating the situation, but no further details have been provided at this time.

CERT-In Flags Critical Vulnerabilities in Android and Google Chrome

The Indian Computer Emergency Response Team (CERT-In) has issued two advisories—CIVN-2024-0319 and CIVN-2024-0318—warning users of multiple vulnerabilities in Android and Google Chrome. These vulnerabilities have been classified as “high severity” and could allow hackers to execute arbitrary code, leading to full system compromise.

CERT-In is urging users to take immediate action by updating their systems and software to mitigate the risk of cyberattacks. Millions of devices are potentially at risk, and CERT-In’s advisories stress the importance of maintaining up-to-date security protocols to protect against these vulnerabilities.