Global Cyber Pulse: 27th September, 2024

September 27, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Stay tuned to the latest updates and news from around the globe.

Kia Cars Vulnerable to Remote Control via License Plate Hack

Cybersecurity researchers have revealed critical vulnerabilities in Kia vehicles, allowing hackers to remotely control essential functions using just a license plate. The flaw, which impacted vehicles made after 2013, has been patched. However, during the vulnerability, attackers could access sensitive personal information, including names, addresses, and phone numbers, without needing an active Kia Connect subscription.

China’s Salt Typhoon Hackers Target US Internet Service Providers

A newly discovered state-sponsored hacking group, Salt Typhoon, has been infiltrating US Internet Service Provider (ISP) networks. The advanced persistent threat (APT) is believed to be a Chinese operation, with hackers aiming to steal sensitive data and disrupt US communication infrastructure. According to reports, the Wall Street Journal revealed the infiltration of several cable and broadband providers.

Dell Faces Third Data Breach in a Week as Hacker “grep” Continues Cyberattacks

Dell has experienced its third significant data breach in a week, with the hacker known as “grep” claiming responsibility for exposing internal documents and multi-factor authentication (MFA) data. Despite the ongoing cyberattacks, Dell has yet to formally respond to the breaches.

Microsoft Warns of Ransomware Threats Expanding to Hybrid Cloud Environments

Microsoft has reported an increase in ransomware attacks targeting hybrid cloud environments, led by a cybercriminal group known as Storm-0501. The group, active since 2021, has been leveraging lateral movement from on-premises to cloud infrastructures in the United States, leading to data theft, ransomware deployment, and persistent backdoor access. Key sectors affected include government, law enforcement, and manufacturing.

MC2 Data Breach Exposes Over 100 Million Private Records

MC2 Data, a background check company, left an exposed database containing the private information of over 100 million Americans accessible online. The unprotected database, totaling 2.2TB of data, included personal records from MC2’s associated websites like PrivateRecords.net and PeopleSearchUSA. This follows a similar breach earlier in the year involving another background check firm.

UK Police Investigate Wi-Fi Hack at Train Stations

British police have launched an investigation into a cyberattack at major train stations, where passengers attempting to access Wi-Fi were shown Islamophobic messages.
The incident, managed by Telent, prompted the immediate shutdown of the Wi-Fi network, while the British Transport Police responded swiftly to the reports.