Chinese Hackers Breach US Broadband Providers, Adobe Commerce E-Stores Hacked: Your Cybersecurity Roundup


Chinese Hackers Breach US Broadband Providers, Compromising Sensitive Data

A new report reveals that Chinese hackers have infiltrated several US broadband providers, potentially compromising sensitive government communications data. The attack, attributed to the Salt Typhoon group, targeted Verizon, AT&T, and Lumen Technologies.

The hackers gained access to network infrastructure used for court-authorized wiretapping, raising concerns about the security of sensitive information. While the extent of the data breach remains unclear, the incident highlights the ongoing threat posed by Chinese state-sponsored cyberattacks.

The Chinese government has denied any involvement in the attack, claiming the allegations are fabricated. However, US law enforcement agencies have linked previous cyberattacks to Chinese state-backed actors, including the Flax Typhoon group.

Cloudflare Defends Against Record-Breaking DDoS Attack

Cloudflare has successfully mitigated a massive distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps). This record-breaking attack is part of an ongoing campaign targeting multiple industries, including financial services, internet, and telecommunications.

The attackers launched hyper-volumetric L3/4 DDoS attacks and used compromised devices such as ASUS routers to amplify their impact. The campaign has been active since early September, demonstrating the ongoing threat posed by cybercriminals.

Cloudflare’s infrastructure was able to effectively defend against the attack, protecting its customers from disruption. The company emphasized the importance of robust network capacity and advanced security measures to mitigate such attacks.

Adobe Commerce E-Stores Hacked in CosmicSting Exploitation

A critical vulnerability, known as CosmicSting (CVE-2024-34102), has allowed threat actors to compromise over 4,000 Adobe Commerce and Magento stores. This vulnerability, which allows for arbitrary code execution, has been actively exploited by multiple threat groups since its discovery.

Cybercriminals have used CosmicSting to steal sensitive customer data, including payment information. The vulnerability can also be combined with CVE-2024-2961 to gain further control over compromised systems.

Seven distinct threat groups, including Bobry, Polyovki, Surki, Burunduki, Ondatry, Khomyaki, and Belki, have exploited CosmicSting. These groups have infected thousands of online stores, demonstrating the widespread impact of this vulnerability.

Despite ongoing warnings and patches, many organizations remain vulnerable to CosmicSting attacks. Administrators of Adobe Commerce and Magento e-stores are urged to upgrade their installations as soon as possible to mitigate the risk.

Stay informed; stay secure!
