NOKIANEWS - News of the Nokia

Nokia's source code has reportedly been compromised by a third-party breach

05. 11. 2024 Tuesday / By: Robert Denes

Threat actor IntelBroker, working with another actor known as EnergyWeaponUser, allegedly obtained Nokia's source code through a third-party contractor and is selling sensitive information and critical company tools on dark web forums. This alarming breach, allegedly through a contractor directly involved in Nokia's internal device development, is just the latest in a series of supply chain attacks targeting major tech players.

According to IntelBroker, the scope of the alleged Nokia intrusion covers highly sensitive devices that could open the door to serious security risks. The stolen data is said to consist of:

  • SSH and RSA keys: Giving potential attackers access to servers and secure data transmissions
  • Source Code: Intellectual property critical to Nokia's products and services
  • Bitbucket credentials: Allow potential access to Nokia repositories
  • SMTP accounts and webhooks: Open the door to phishing and automated attacks
  • Software Credentials: Revealing hard-coded passwords and accounts

The attackers even provided a file tree as evidence to establish their credibility with potential buyers on BreachForums, a notorious dark web platform. If confirmed, these details highlight a glaring vulnerability in Nokia's security framework that originates not from Nokia's own systems, but from a third-party contractor involved in internal processes.

Worrying pattern: third-party breaches are becoming the new target

The latest attack on Nokia follows another third-party breach in early 2024. In June, a hacker named "888" leaked the personal and contact information of thousands of Nokia and Microsoft employees on BreachForums.

Like the current one, that breach was attributed to a vulnerability in a third-party contractor's systems rather than a direct breach of Nokia's or Microsoft's servers.

These events highlight a trend in cybersecurity threats as more threat actors turn their attention to less secure vendors and service providers that interface with large enterprises. This shift puts additional pressure on companies to secure not only their internal systems, but also their vendors, which often serve as entry points for attackers.

The problem of third-party vulnerabilities is not limited to Nokia. Recently, IntelBroker's name has surfaced in connection with other high-profile computer incidents, all of which exploit various third-party connections. Such attacks have proven particularly dangerous because they allow attackers to infiltrate well-protected organizations through their vendors.

One prominent example is IntelBroker's recent attack on IT service provider BornGroup. Using the critical Jenkins vulnerability (CVE-2024-23897), IntelBroker gained access to BornGroup's systems, which in turn led to the exposure of sensitive data from prominent clients including Bank of Ireland, BTEC and Cartier. This breach is a reminder that as digital ecosystems become increasingly interconnected, a compromised vendor can potentially compromise many large enterprises.

CloudSEK's AI-based threat intelligence platform XVigil has flagged another IntelBroker claim, this time involving Cisco Systems, further illustrating the breadth of the threat actor's operations. IntelBroker claims to have accessed Cisco's systems on June 10, 2024, and claims to have extracted a large amount of data, including:

Although Cisco's breach is said to originate from a direct compromise rather than a third-party vulnerability, it nevertheless raises alarm because of the wide reach of Cisco's customer network, which spans the critical infrastructure, finance and government sectors worldwide. If authenticated, this breach could pose a serious risk to the global supply chain that relies on Cisco's hardware and networking solutions.

IntelBroker and collaborators like EnergyWeaponUser represent a shift in cybercrime tactics as actors pool resources and exploit vendor vulnerabilities to broaden the impact of their attacks. These partnerships underscore the trend for isolated threat actors to form networks and use third-party vulnerabilities as shared entry points into otherwise heavily defended organizations.

As these incidents demonstrate, the era of isolated cyber breaches is fading and new attack vectors are emerging in interdependent digital ecosystems. For large enterprises and their customers, the message is clear: cyber security must look beyond corporate walls and encompass the entire supply chain, requiring strict security standards and proactive oversight. Only by addressing these evolving vulnerabilities can companies build a more resilient defense against cyber threats in today's connected world.

