Global Cyber Pulse: 6 November, 2024

November 6, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

Singtel identifies malware linked to Chinese hackers, Schneider Electric faces a unique ransomware demand, and Pakistani hackers target Indian entities.

Meanwhile, the FBI seeks public help in tracking Chinese cyber attackers, Google Cloud mandates MFA by 2025, and Italy’s Intesa Sanpaolo faces scrutiny over a data breach.

Stay tuned for more global cyber updates

Singtel Breach Linked to Chinese State Hackers

Singapore’s largest telecom provider, Singtel, confirmed the detection and removal of malware linked to Volt Typhoon, a Chinese state-backed group.

The hack, reportedly part of a larger campaign, serves as a potential precursor to attacks on U.S. telecoms. Authorities across the “Five Eyes” alliance warn of embedded network infiltration, possibly for future disruption.

Schneider Electric Faces Ransomware Demanding $125K…in Baguettes!

French multinational Schneider Electric reports a cyber breach as ransomware group Hellcat demands $125,000 in “baguettes” to avoid leaking sensitive data.

The breach, likely via Schneider’s Atlassian Jira system, has led the energy giant to launch an internal investigation, while services remain unaffected.

Pakistani Hackers Target High-Profile Indian Entities with Custom Malware

Cybersecurity firm Check Point reveals ongoing attacks by Pakistan-linked group APT36, deploying “ElizaRAT” malware against Indian organizations.

The malware, distributed via phishing and cloud services like Telegram, has targeted key Indian entities throughout 2024 in a sustained espionage campaign.

FBI Appeals to Public in Hunt for Chinese Cyberattackers

The FBI is seeking public help in identifying hackers behind a series of global cyber intrusions tied to Chinese state-backed groups. The breaches, exploiting firewall vulnerabilities, reportedly involve malware designed for data exfiltration and cyber espionage, with connections to groups like APT31 and APT41.

Google Cloud to Mandate MFA for All Users by 2025

Google Cloud announces it will enforce multi-factor authentication (MFA) for all users by 2025, aiming to bolster account security.

The rollout will be gradual, with three phases, and enterprises will receive advance guidance to facilitate MFA integration smoothly.

Italy’s Intesa Sanpaolo Criticized Over Data Breach Disclosure

Italy’s data protection authority has admonished Intesa Sanpaolo for downplaying a data breach impacting thousands, including high-profile figures.

Following revelations of unauthorized account access, Intesa has fired the implicated employee and been instructed to inform affected clients promptly.