Space Bears Ransomware Targets Atos SE in Major Cyberattack
Atos SE, the France-based global leader in cloud computing and cybersecurity services, has confirmed a major cybersecurity breach involving the ransomware group Space Bears. The cybercriminals claim to have compromised Atos’ database, extracting sensitive data by exploiting a known vulnerability. The attack is part of a growing wave of ransomware campaigns that target large corporations for financial extortion.
The attack occurred on December 28, 2024, and led to the deployment of file-encrypting malware that disrupted Atos’ servers. In response, Atos issued a public statement acknowledging the breach and assured that an investigation was underway. While the company has yet to release detailed information about the scope of the breach, it promised to provide updates as the investigation progresses.
The timing of the attack is particularly notable. It occurred just weeks after Atos had announced the completion of its financial restructuring plan, which had been overseen by its creditors. The timing has raised concerns about whether the cyberattack was linked to these internal corporate changes, though there is no official statement connecting the two events at this time.
As a leading player in cybersecurity, Atos’ own infrastructure and its clients’ data were likely a key target for the cybercriminal group. Atos’ response to the breach and its commitment to uncover the full details of the attack will be closely watched by the cybersecurity community and its clients, who rely on the company for cloud and cybersecurity services.
Android’s ‘Find My Device’ Feature Triggers False Alerts
Android users have been facing a frustrating issue with the Find My Device feature, as it has been sending out false alarms for the past two weeks. These notifications are triggered when registered devices are moved, but the alarms are incorrectly set off even when the devices remain in trusted locations, such as within the home.
The issue appears to be most prevalent for households with both Android and Apple iOS devices. Experts speculate that the interference between these two operating systems, coupled with Bluetooth-enabled devices, is behind the false alerts. The problem seems to be exacerbated when Android devices are in close proximity to Apple devices, causing cross-platform interference that triggers unnecessary notifications.
To address the issue, cybersecurity professionals are recommending that Android users activate the whitelisting feature on their devices, that should be activated by default. Whitelisting allows users to specify which devices and locations are trusted, helping to streamline the alert system and reduce the occurrence of false alarms. By restricting alerts to only those situations where there is a genuine risk, whitelisting can help improve the user experience for those affected by the bug.
While the issue has been widespread, Android’s development team has not yet released an official fix. However, users can take steps to mitigate the problem by updating their settings and minimizing the chances of receiving erroneous alerts.
AT&T and Verizon Defend Their Networks Against Cyber Espionage Claims
In response to allegations of being targeted by the Chinese-linked Salt Typhoon cyber espionage campaign, American telecom giants AT&T and Verizon have issued statements confirming that their networks remain secure from any compromise related to the threat. The Salt Typhoon campaign, which has reportedly been active since 2016, is believed to have targeted multiple telecom networks across North America, with particular focus on espionage activities aimed at government officials and sensitive communications.
The controversy surrounding these claims escalated after Anne Neuberger, a White House official, suggested in a public statement that eight North American telecom networks were impacted by the campaign, with AT&T possibly being the ninth target. This revelation raised concerns about the scope and impact of the espionage operation, which allegedly involved the theft of sensitive data, including government communications.
FBI officials later corroborated these concerns, noting that Salt Typhoon may have compromised data related to government officials’ calls and messages. However, both AT&T and Verizon have vigorously denied any breach of their networks, reassuring the public that their security measures are robust and have successfully thwarted any attempts at espionage.
These statements come in the wake of growing scrutiny of foreign cyber activities targeting critical infrastructure in the West. The Salt Typhoon campaign, reportedly linked to Chinese state-sponsored hackers, highlights the ongoing threat posed by cyber espionage, particularly against telecom networks, which are essential for secure communications and data transmission.
AT&T and Verizon’s swift responses have been welcomed by both the telecom industry and government officials, who continue to monitor the situation closely to ensure that such vulnerabilities do not compromise national security. The FBI’s ongoing investigation into the Salt Typhoon campaign is expected to provide further insights into the extent of the threat and the potential targets of these malicious activities.
