InfoSecBulletin Cybersecurity for mankind
On September 16, 2024, Globe Pharmaceuticals Ltd., a major pharmaceutical company in Bangladesh, was hit by a ransomware attack detected by the BCSI Threat Intelligence Platform, highlighting ongoing cyber vulnerabilities in established firms.
The Attack Unfolds:
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
Globe Pharmaceuticals experienced a ransomware attack on September 16th, but the method of attack is unclear. Two days later, the new group ValenciaLeaks took credit for the attack, adding Globe to their list of victims without revealing how they gained access.
The Data Leak:
On September 18th, ValenciaLeaks released a 200MB data sample on the dark web site. This data was analyzed and found to include:
Bank Details: Sensitive financial information that may increase the company’s risk exposure..
Official Excel Sheets: Possible sensitive internal data is linked to operations.
Configuration files: Information that could expose the company’s network and increase security risks.
Private Keys: Confidential encryption keys pose a threat to the company’s data security. Internal emails may contain sensitive business information. The leak of this information risks Globe Pharmaceuticals’ financial and operational security and underscores the widespread effects of ransomware attacks.
What This Means:
The attack on Globe Pharmaceuticals shows that cyber threats are changing. Organizations must realize that even if they think their systems are secure, they can still be targeted.
Here are some simple ways companies can stay safe::
Regular Security Audits: Regularly checking security measures can help find and fix weaknesses before they are taken advantage of.
Data Encryption: Encrypting sensitive data ensures that even if stolen, it remains protected.
Employee Training: Train staff to identify phishing and social engineering to prevent breaches.
Incident Response Plan: Having a plan in place enables quick and effective responses to minimize damage.
Backups: Regular backups help companies recover quickly after an attack.
The ValenciaLeaks attack on Globe Pharmaceuticals Ltd. highlights the urgent need for organizations to enhance their cybersecurity. Being proactive and vigilant will help companies better protect their data and reputation in a dangerous digital environment.
