Monday, July 7, 2025

Situational Awareness for the Global Security Professional


May 27 Threat Intel Summary

Cyber Research Highlights for the Week of May 20th

This week’s cyber research covers significant discoveries and incidents in cybersecurity as of 20th May.

**Top Attacks and Breaches**:
– A data breach exposed 500GB of sensitive biometric data from Indian police, military personnel, and public workers, raising concerns over election security.
– Western Sydney University reported a data breach compromising student personal information, detected during routine security reviews.
– Albany County in New York is investigating a cybersecurity incident detected before Memorial Day, with no data exfiltration evidence found so far.
– Gala Games suffered a $22 million loss in a cryptocurrency theft that involved the minting and selling of unauthorized GALA coins.
– pcTattletale, a spyware application, experienced a security breach, resulting in website defacement and data leaks.
– OmniVision Technologies disclosed a data breach following a ransomware attack by the Cactus Ransomware group, warning of sensitive data exposure.
– An Indian national pleaded guilty to wire fraud conspiracy for stealing over $37 million via a spoofed Coinbase Pro website.
– Cencora, a key pharmaceutical provider, confirmed a significant breach, exposing sensitive patient information from 11 major drug companies.

**Vulnerabilities and Patches**:
– Google patched an actively exploited Chrome zero-day vulnerability, CVE-2024-5274, related to the V8 JavaScript engine.
– GitLab addressed critical vulnerabilities that could lead to account takeovers, including an OAuth authentication flaw with Bitbucket.
– Veeam disclosed a critical vulnerability, CVE-2024-29849, allowing unauthenticated logins to Veeam Backup Enterprise Manager.

**Threat Intelligence Reports**:
– Check Point Research uncovered a cyber espionage campaign by Chinese threat actor Sharp Dragon targeting governmental organizations in Africa and the Caribbean.
– The activities of Void Manticore, an Iranian threat actor, were revealed, showing involvement in destructive attacks and influence operations targeting various countries.
– The emergence of Embargo ransomware, developed in Rust and employing double extortion tactics, marks a shift towards more sophisticated ransomware.
– A new threat actor, Unfading Sea Haze, has been identified, targeting entities in the South China Sea for geopolitical intelligence, aligning with Chinese interests.

These developments underscore the evolving and dynamic nature of cyber threats, emphasizing the importance of vigilance and timely security measures in the digital domain.
