Global Cyber Pulse: July 30, 2024

July 30, 2024 | Cybersecurity
By Ashwani  Mishra, Editor-Technology, 63SATS

From the overwhelming dominance of Russian ransomware gangs,  to the doxing of Israeli athletes’ sensitive data ahead of the Paris Olympics, the cyber landscape is fraught with peril.

NIST’s growing backlog of vulnerabilities could surge to 30,000 by 2025, while AI code tools are rampant despite organizational bans. Proofpoint’s email flaw has been exploited in a massive phishing campaign, and pro-Ukrainian hackers have targeted a Russian cyber firm. Meanwhile, the Reserve Bank of India warns of cybersecurity risks amid digitization, emphasizing threats to financial stability.

Stay ahead in the dynamic world of cybersecurity.

Here’s an update on the latest trends, threats, and breakthroughs from around the globe:

Russian Ransomware Gangs Dominate with 69% of Ransom Proceeds

Russian ransomware groups account for 69% of all ransom proceeds, showcasing their dominance in the cybercriminal landscape.

Israeli Athletes’ Data Leaked Ahead of Paris Olympics

Sensitive data of Israeli athletes participating in the Paris Olympic Games was published on Telegram in a doxing attack. The leaked information includes blood test results and login credentials, prompting France’s Anti-Cybercrime Office (OFAC) to intervene. The hacking group “Zeus” is allegedly responsible, having also leaked the military status of the athletes.

National Vulnerability Backlog Could Reach 30,000 by 2025

A backlog of unanalyzed vulnerabilities at the National Institute of Standards and Technology (NIST) could balloon to 30,000 by 2025 unless processing speeds increase significantly. The National Vulnerability Database receives over 100 new security flaw reports daily, while NIST currently processes around 30 per day, leading to a backlog of over 16,000 vulnerabilities.

AI Code Tools Rampant Despite Organizational Bans

A Checkmarx report reveals that despite 15% of organizations banning AI tools for code generation, 99% acknowledge their use. Only 29% of organizations have established governance for generative AI, highlighting significant security concerns.

Proofpoint Email Flaw Exploited in Massive Phishing Campaign

An unknown threat actor exploited an email routing flaw in Proofpoint’s defenses to send millions of spoofed phishing emails from official relays of companies like Best Buy, IBM, and Nike. Dubbed EchoSpoofing, the campaign peaked at 14 million emails per day before Proofpoint began countermeasures.

Pro-Ukrainian Hackers Target Russian Cyber Firm

The pro-Ukrainian hacker group Cyber Anarchy Squad claimed responsibility for hacking Russian information security firm Avanpost. They encrypted over 400 virtual machines, destroyed 60 terabytes of data, and leaked 390 gigabytes of information.

RBI Warns of Cybersecurity Risks Amid Digitization Surge

The Reserve Bank of India (RBI) has issued a warning about increased cybersecurity and fraud risks due to rapid digitization. While acknowledging benefits like innovation and reduced costs, the RBI emphasizes the potential threats to financial stability.