Top news stories this week
- Brake in the system. Cyberattack halts Jaguar Land Rover operations.
- Don't drift. Cloudflare latest company to announce data breach linked to Salesloft Drift attack.
- Good tech in bad hands. Criminals leverage artificial intelligence and incident response tools.
- Big heist. Attack on fintech firm Evertec's subsidiary, Sinqia.
- Make it sew. Failure to patch in Singapore sees surge in malware infections.
- Trouble in the ‘Magic Kingdom’. Disney pays price for poor data management.
1. Cyberattack halts Jaguar Land Rover operations
Jaguar Land Rover (JLR) suffered a cyber attack that forced the company to take critical IT systems offline, disrupting car sales and production. A hacking group that previously targeted Marks and Spencer and other British brands has claimed responsibility. It is unconfirmed whether customer data has been stolen.
So what?
This underscores the need for robust cyber threat intelligence programmes. By understanding the threat landscape, companies can anticipate attacks and make informed decisions on preparation, detection, and response.
[Researcher: Tlhalefo Dikolomela ]
2. Cloudflare latest company to announce data breach linked to Salesloft Drift attack
Cloudflare is the latest company to reveal it has been impacted by the Salesloft Drift breaches, joining other names including Google Workspace, Palo Alto Networks, and Zscaler. Salesloft announced it will shortly take Drift (a marketing software-as-a-service product) temporarily offline due to the widespread supply chain attack.
So what?
Organisations should routinely perform comprehensive assessments and maintain continuous monitoring of their third party relationships and security practices.
[Researcher: Miles Arkwright]
3. Artificial intelligence and incident response tools are used by cyber criminals
Anthropic has discovered that its product was used by threat actors to commit cyber crimes. These activities include writing malicious code, deciding which data to exfiltrate, crafting extortion demands, and getting fraudulent remote jobs at top US companies.
Separately, criminals have been identified using the digital forensics tool Velociraptor to gain foothold into organisations without deploying malware.
So what?
Whilst threat actors are known to adopt legitimate tools to carry out their malicious activities, the use of artificial intelligence and incident response tools signals their tactical evolution and makes these activities harder to detect.
[Researcher: Milda Petraityte]
4. USD 130 million cyber heist on fintech Sinqia’s payment system
Hackers have conducted an attack against Sinqia Pix environment, Brazil's instant payment system. The hackers attempted to steal USD 130 million from HSBC and Artta, using stolen credentials from an IT vendor’s account to get access. Sinqia halted transaction processing on Pix with Evertec announcing that a portion of the stolen funds have been recovered.
SO WHAT?
It is crucial to implement incident response procedures and monitor for unauthorised access. Companies should also consider enforcing strong authentication for vendors to protect against credential theft.
[Researcher: Claire Yin]
5. Failure to patch in Singapore sees surge in malware infections
The latest edition of the annual Singapore Cyber Landscape report revealed a lack of progress in addressing fundamental controls such as patching. This is cited as a major reason behind a 67 percent year-on-year spike in 2024 in systems infected by malware.
So What?
It is important that all stakeholders – not just IT admin – maintain vigilance and discipline in ensuring that fundamental controls and security practices are implemented on a timely basis.
[Researcher: Lester Lim]
6. Disney pays price for poor data management
Media giant Disney has agreed to pay USD 10 million in claims for failing to impose correct tagging on its YouTube channel, leading to unauthorised data collection and targeted advertising, violating the US Children's Online Privacy Protection Act (COPPA).
SO WHAT?
With regulators intensifying their focus on data protection, strong data protection policies and controls have become essential for any Information Security Management efforts, regardless of a company’s size.
[Researcher: Jenny Eysert]
