Week of May 3rd, 2024
Welcome to Your Cybersecurity Recap: a bite-sized weekly newsletter by cybersecurity enthusiasts, for cybersecurity enthusiasts.
Here are this week’s top takeaways:
Volkswagen Hacked, Over 19,000 Documents Stolen. Here’s What We Can Learn From This Cyber Incident
Volkswagen, one of the world’s leading automotive manufacturers, has fallen victim to a sophisticated hacking operation in a significant cybersecurity breach. Investigations suggest that the cyberattack originated in China, raising concerns over international cyber espionage and its implications for the global electric vehicle (EV) industry.
The cyberattack on Volkswagen was first detected last week. Still, details of the incident have only recently come to light following investigations first published by German broadcaster ZDF’s frontline journalism team and publication Der Spiegel .
Hackers allegedly infiltrated Volkswagen’s computer systems and siphoned gigabytes of sensitive data related to the company’s electric mobility efforts and other core operations. Volkswagen managed to recover files the hackers had sent to their servers and then deleted them. In total, the threat actors are said to have stolen an estimated 19,000 documents.
The documents reportedly list “identified targets”, including:
This attack was likely a ransomware attack. In 2023–and, by extension, this year so far–experts in the field of cybersecurity have seen that:
When it comes to being the target of a cyberattack, it’s not a matter of “if”–it’s a matter of “when.” And in the fight against threat actors, offensive security is power.
领英推荐
London Drugs Stores Remain Closed Post-Cyberattack
All London Drugs stores remained closed across Western Canada on Tuesday morning, two days after the British Columbia-based company announced it was dealing with a "cybersecurity incident."
The retail and pharmacy chain,?which has more than 80 stores across B.C., Alberta, Saskatchewan and?Manitoba, said it closed its stores "out of an abundance of caution" while it employed experts to investigate the incident.?
"Our investigation is currently assessing the extent to which any data has been compromised in the incident.?In the event our investigation determines that personal information was impacted, we will notify affected individuals in accordance with privacy laws," a representative's statement read. The company’s statement goes on to say that its investigation so far shows no evidence that customer databases have been compromised, including for pharmacy patients and its LDExtra members.?
Lastly, the statement notes that the impact of the breach on operations has been significant, and that the restoration process will continue to be rigorous.?The retailer has offered no timeline for when its stores may reopen.?
WordPress Plugin Flaw Exposes 10k+ Websites to Cyberattacks?
A critical vulnerability in the WP Datepicker WordPress plugin was identified, affecting over 10,000 active installations.? This Arbitrary Options Update vulnerability (CVE-2024-3895) has been assigned a CVSS score of 8.8, indicating a high severity level.
This vulnerability could be exploited by authenticated attackers with subscriber-level access and above to update arbitrary options, which can be easily leveraged for privilege escalation.
Such an attack could allow threat actors to create administrator accounts, posing a significant risk to affected websites.
Although WordPress is prone to miscellaneous attacks, there are best practices that can help maintain WordPress security :
If you’re seeking a third-party company to help you secure your WordPress website with a comprehensive web application security penetration test, contact our team here at Packetlabs.