CTI Weekly: Ethical hackers take over ESA satellite, paperCut vulnerability exploited for data theft, Indian insurance regulator potential breach, LockBit targets Indian loans provider and more

Key Issue:

US Ethical hackers seize control over European Space Agency satellite, marking space as a new cyber target.

Researchers conducted the first ethical hacking exercise on a European Space Agency satellite, seizing control of the nanosatellite OPS-SAT using vulnerabilities to compromise access rights. They could then modify satellite data without detection, exposing the risks of real-world cyber campaigns on civilian space systems. This demonstration highlights the need for space security as a critical infrastructure sector. Recent leaks of US intelligence warn of China’s development of similar capabilities to hijack enemy satellites for communication, weapons systems, and data interception.

Other news:

Cybercriminal

The Clop and LockBit ransomware groups exploited vulnerabilities in PaperCut printing management software to steal corporate data from servers. Meanwhile, the Bumblebee malware is being distributed through fake installers promoted on Google ads and used to deploy additional payloads on compromised devices.

Financial Services

Insiders at the Indian Insurance regulator reported a potential data breach affecting multinational insurance companies in the Indian market. LockBit ransomware targeted a major Indian loans provider in a double extortion operation, reflecting a trend of cybercriminals targeting the Indian financial services sector.

Novel Techniques

Researchers have found a new method using Role-Based Access Control to create persistent backdoors in Kubernetes clusters, allowing hackers to use the resources for Monero crypto-mining.

Hacktivism

Anonymous Sudan claims successful DDoS operations against Israeli entities in retaliation for attempts made to mediate the conflict in Sudan.

Subscribe below for more and to discover other significant cyber criminals, nation-state and hacktivist news.