Global Cyber Pulse: 9th September 2024

India’s Cybersecurity Budget
September 9, 2024 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

American car rental company Avis disclosed a data breach, ransomware hit 83% of organizations last year, the “RAMBO” attack exploits electromagnetic radiation from RAM to steal data from air-gapped computers, Ukraine launched a cyberattack on Russian military resources, the FBI targeted a dark web marketplace run by Russian and Kazakh nationals, and North Korean hackers used LinkedIn job scams to deploy malware — stay ahead of the curve by keeping up with these latest global cybersecurity threats and trends.

Avis Data Breach Exposes Customer Information

American car rental company Avis disclosed a data breach after attackers accessed a business application in early August 2024, stealing customers’ personal information. The breach lasted from August 3 to August 6, and the company quickly took action to block access, investigate the breach, and notify authorities. Impacted customers were informed of the breach and potential exposure of their sensitive data.

Ransomware Strikes 83% of Organizations in the Past Year

A staggering 83% of organizations have faced at least one ransomware attack in the past year, with nearly half experiencing multiple attacks, according to Onapsis. Among those affected, 61% reported downtime lasting over 24 hours. While 69% of organizations engaged with threat actors, opinions on ransom payments varied, with 34% always paying, 21% paying occasionally, and 45% never paying.

RAMBO Attack: New Side-Channel Threat to Air-Gapped Systems

The “RAMBO” attack, or “Radiation of Air-gapped Memory Bus for Offense,” exploits electromagnetic radiation from RAM to steal data from air-gapped computers. Even without internet connections, isolated systems used in critical sectors like defense and nuclear energy can be compromised through this method, developed by Israeli researchers who have previously devised similar covert data exfiltration techniques.

North Korean Hackers Use LinkedIn Job Scams to Deploy Malware

North Korean cyber actors are using fake job offers on LinkedIn to deliver “COVERTCATCH” malware to developers. The attacks start with a coding test delivered via a ZIP file containing the malware, which targets macOS systems. The malware then downloads additional payloads to establish persistence and compromise the device, as reported by Mandiant.

FBI Targets Dark Web Marketplace Run by Russian, Kazakh Nationals

Two men, Alex Khodyrev and Pavel Kublitskii, have been indicted in the U.S. for managing the WWH Club dark web marketplace. From 2014 to 2024, they allegedly facilitated the sale of stolen personal and financial data, operating various dark web sites that served as hubs for cybercrime training and transactions.

Ukraine Launches Cyberattack on Russian Military Resources

Ukraine’s Main Directorate of Intelligence (HUR) announced a cyberattack targeting Russian companies involved in the war effort. The operation disrupted resources of companies producing electronic components and military infrastructure, resulting in data destruction, server access, and website defacement, as part of Ukraine’s broader cyber campaign against Russian forces.