Global Cyber Pulse 28th Aug, 2024 

August 28, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS 

AMD data allegedly sold on the dark web; U.S. offers $2.5 million for Belarusian hacker; MOVEit breach impacts 500,000 TDECU members; Microsoft 365 Copilot flaw risks user data; South Korea pushes social media to fight digital sex crimes; Park’N Fly breach affects 1 million customers. 

Stay tuned for more global cyber updates. 

AMD Faces Second Data Breach: Internal Communications for Sale 

Criminal groups claim to have breached AMD’s internal communications, offering stolen data on the dark web. In an August 25 post on BreachForums, hackers IntelBroker and EnergyWeaponUser took credit for the break-in, promising compromised communications, including sensitive user credentials and internal case details. This marks the second major data theft involving AMD since June 2024. 

US Offers $2.5 Million for Belarusian Hacker’s Arrest 

The U.S. Department of State is offering a $2.5 million reward for information leading to the capture of Belarusian hacker Volodymyr Kadariya, linked to a notorious malware operation. Known for spreading the Angler Exploit Kit, Kadariya allegedly infected millions of devices, generating millions in illicit revenue. The reward underscores the international hunt for cybercriminals exploiting vulnerable systems. 

Half a Million TDECU Users Affected by MOVEit Data Breach 

The Texas Dow Employees Credit Union (TDECU) disclosed that over 500,000 members had their personal data compromised in a breach involving MOVEit software. Discovered in July 2024, the year-old breach exposed sensitive information, including Social Security numbers and bank details, raising concerns about prolonged data vulnerability. 

Microsoft 365 Copilot Flaw Exposes User Data 

A cybersecurity researcher revealed a vulnerability in Microsoft 365 Copilot, allowing attackers to steal sensitive information. The flaw, detailed in an August 26 blog post, involves advanced techniques like prompt injection and ASCII smuggling, which enable the covert exfiltration of user data. This discovery highlights the ongoing risks in widely-used software platforms. 

South Korea Targets Digital Sex Crimes on Social Media 

South Korean authorities are pressuring Telegram and other social media platforms to help combat the spread of sexually explicit deepfake content. Amid growing public outrage, the government is seeking more active cooperation from these platforms to delete and block harmful materials, as part of broader efforts to address digital sex crimes. 

Park’N Fly Data Breach Affects 1 Million Customers 

Park’N Fly has informed 1 million customers in Canada that their personal and account information was compromised in a data breach. Hackers infiltrated the company’s network using stolen VPN credentials, accessing sensitive customer data in mid-July. The breach was confirmed on August 1, highlighting the vulnerabilities in remote access systems.