cybersecurity news

SK Telecom Breach, Massive Ransomware Outage, Beware AI Links

ByBrad Slavin
SK Telecom Breach, Massive Ransomware Outage, Beware AI Links
SK Telecom Breach, Massive Ransomware Outage, Beware AI Links
/

Hey people! Welcome to July week 2. Here comes our fresh dose of cyber bulletin that will keep you up-to-date on the latest cyber incidents and will also help you protect yourself from potential cyber scams. This week, we will talk about the SK Telecom breach in South Korea that led to penalties being levied. Next, we will focus on the Ingram Micro widespread outage. Lastly, we will discuss the chances of ChatGPT and Perplexity links being potentially malicious. 

So, let’s not waste any more time and start with the detailed bulletin.

SK Telecom breach leads to penalties and stringent legalities

SK Telecom, a mobile telecommunications service provider in South Korea, has experienced a data breach recently. The government has levied a fine on SK Telecom, as it has “failed to fulfil its obligations” of offering a secure communication system to its users.

data breach

A joint public-private investigation has been conducted against the 42,000 servers of SK Telecom. The investigation revealed that 28 of these servers were compromised by 33 distinct malware strains. As a result, the telecom service provider will now have to pay USD 21,890 (30 Million Won). The fine has been imposed because SK Telecom significantly delayed the reporting process after the breach. Apart from the penalty, the telecom service provider is also required to cater to certain stringent legal requirements. This includes conducting quarterly security assessments, enabling subscribers to cancel out the subscriptions without paying any fine, and offering users a free-of-cost USIM swap service. 

Yoo Sang-im, the Minister of Science and Information and Communication Technology, believes that this data breach at the nation’s largest telecom service provider is a staggering reminder of the vulnerability of the telecom industry and related infrastructures to cyberattacks.

Cyberattacks

Ransomware attack responsible for the massive outage at Ingram Micro

Ingram Micro experienced a ransomware attack on Thursday. The IT distributor has to bring down its website. The attack was planned strategically just before the 4th of July weekend started. Two days later, Ingram informed customers about the ransomware attack. 

Ingram took prompt action to secure the entire system and switched it to offline mode. It also implemented remedial measures. Ingram Micro collaborated with a cybersecurity company to investigate the attack further and also reported the breach to law enforcement agencies. 

As of now, the IT distributor is “working diligently” to restore the disrupted services. They have also sincerely apologized for the inconvenience caused to the vendors as well as customers. 

Cybersecurity

Ingram Micro filed an 8K form with the US Securities and Exchange Commission on Saturday.

The IT distributor has published a dedicated page this Monday to keep all the stakeholders informed about the latest updates around the cyberattack. They also notified that the subscribers can now place orders by email or phone from multiple countries like Germany, France, Italy, Brazil, and so on

As per speculations, the ransomware attack has been carried out by a group called SafePay. But official confirmation has not been made yet. So far, the data from Ingram has not been published on the Dark Web yet. 

DMARC, DKIM, and SPF help prevent phishing and spoofing, offering vital protection against ransomware threats.

ransomware attack

Beware of clicking on the links shared by ChatGPT and Perplexity

If you search for anything and everything on ChatGPT and Perplexity, then you have to see this!

Netcraft has published a report that claims AI tools can actually share malicious links that can redirect you to phishing pages. As per the report, OpenAI GPT-4.1 was asked to share 50 band links. The AI tool could share only 66% correct links. The rest of the links shared were harmful in nature and could have led users to phishing scams.

The report also mentioned about 17 K AI-written Gitbook phishing pages that promote themselves as legitimate support hubs. This may convince the users to trust the malicious links as genuine ones and then fall prey to cyberattacks.

phishing pages

Perplexity has also shared the link to a phishing site, as the researchers asked for the URL to Wells Fargo. Netcraft has observed other malpractices as well, and this is exactly why you should trust the OpenAI CEO. Recently, he said that users must not trust AI tools blindly. 

Sophisticated campaigns are being run by threat actors to “poison” AI coding assistants. Some of the cybercrooks designed a malicious API that impersonates the genuine Solana blockchain. Soon, developers mistakenly included it in their projects. The threat actors thus very cleverly managed to channel all transactions directly to their wallets

All these sophisticated tactics by threat actors are a grim reminder that artificial intelligence is not fail-proof. It is important to use the AI tools responsibly, or you can end up being scammed by a cyberattacker. 

Similar Posts

The DMARC ‘fo’ tag options and their ideal use cases

The DMARC ‘fo’ tag options and their ideal use cases

ByBrad Slavin

There are some optional tags in DMARC, and ‘fo’ is one of them. It stands for ‘failure options.’ The ‘fo’ tag allows domain owners to specify the conditions under which forensic (RUF) reports should be generated for SPF and/or DKIM authentication checks. There are four possible values for this tag: fo=0, fo=1, fo=d, and fo=s….

Email salting attacks: the whats, whys, and hows

ByBrad Slavin

Threat actors always prefer staying a step ahead of the cybersecurity mechanisms. Just when brands and organizations were feeling relieved, a whole new email-based threat attack entered the scene. Known as the email salting attack, it is a clever and sophisticated move by threat actors to bypass email security measures and spam filters. The core…

Phishing Protection: Why Are so Few Using DMARC?

Phishing Protection: Why Are so Few Using DMARC?

ByBrad Slavin

What if there existed a technology that could dramatically lower the chances of your domains being spoofed and used for phishing attacks on recipients. Would you take advantage of it? Probably not, because the technology does exist and almost nobody is using it. And the reasons why are confounding. The technology is called DMARC, which…

Top 8 email security protocols that can shield your brand’s reputation  

ByBrad Slavin

We hate to break it to you, but no matter how much you try, you cannot be invincible against malicious cyberattacks. Cybercriminals realize that email is the backbone of your organization’s communication infrastructure, which is why they leave no chance to exploit vulnerabilities. From phishing attacks to domain spoofing and business email compromise (BEC), threat…

Unlocking the Power of DMARC: Shielding You and Your Customers from Phishing Attacks

Unlocking the Power of DMARC: Shielding You and Your Customers from Phishing Attacks

ByBrad Slavin

Organizations and their customers are always facing the rising threat of phishing attacks. This article looks at DMARC and shares how businesses can leverage DMARC to protect the organization and its customers against phishing. With phishing cases on the rise with new campaigns hitting the digital world every other week, individuals must protect themselves and…

5 key contributors to DMARC’s development

5 key contributors to DMARC’s development

ByBrad Slavin

DMARC was introduced as a critical email authentication protocol in 2012. Its creation was no accident—it was a cohesion of effort by industry visionaries determined to fight phishing and spoofing attacks. This collaboration laid the foundation for a safer email ecosystem, curtailing the growing threats to digital communication.  The specification was published as an Internet…