The Week in Breach News: 1/01/25 – 1/07/25
This week: It may be a new year, but cybercriminals are still up to the same old tricks. This week, nation-state threat actors hit the U.S. Treasury and a Russian railcar manufacturer, a malicious insider leaks healthcare data and our new State of the Dark Web 2025 eBook debuts.
The U.S. Department of the Treasury
Exploit: Hacking (Nation-state)
Industry: Government
The U.S. Treasury Department revealed that a Chinese state-sponsored Advanced Persistent Threat (APT) actor breached Treasury workstations in what was officials characterized as a “major incident”. The breach, discovered on December 8, involved hackers exploiting a vulnerability in BeyondTrust’s Remote Support product to steal a key and bypass security, enabling the threat actors to access unclassified documents and workstations. Treasury is working with law enforcement and other federal agencies to evaluate the impact and address the threat.
How It Could Affect Your Customers’ Business: This incident underscores the growing threat posed by state-sponsored cyber actors and highlights vulnerabilities in third-party software supply chains.
Kaseya to the Rescue: Learn to mitigate a company’s risk of damage from often email-based cyberattacks like ransomware in A Comprehensive Guide to Email-based Cyberattacks. GET THE GUIDE>>
Russia – RegionTransService
领英推荐
Exploit:?Hacking (Nation-state)
Industry: Logistics & Transport
Ukraine’s Defence Intelligence (DIU) has reportedly carried out a significant cyberattack on Russian rail freight transportation management company RegionTransService LLC, disabling all of its servers. The attack, executed on January 4, 2025, allegedly crippled the company’s operations, impacting 78 servers and 211 workstations and erasing the company’s backups. RegionTransService is a key facilitator of Russian military logistics.
How it Could Affect Your Customers’ Business:The cyberattack, which wiped out the company’s digital infrastructure, highlights the ongoing use of cyber operations in the conflict between Russia and Ukraine.?
Kaseya to the Rescue: ?Learn about five ways that businesses may be in danger of trouble from the dark web in an infographic that’s also perfect for sharing on social media! DOWNLOAD IT>>
New email deliverability troubleshooting guide for Microsoft Office 365 users
The?Resolving BullPhish ID Email Deliverability Conflicts in Microsoft 365?guide will help you identify and resolve the root causes of the most common email deliverability conflicts for Microsoft 365 users.
Access this new guide in the BullPhish ID Release Notes.?READ IT>>