State of (in)security - Week 23, 2024
Take action: Be very careful with info-stealer malware. It steals data from browsers, so never store credentials there. Be very careful about opening unknown attachments and about running programs that come from external USB drives or were downloaded from suspicious sources, and use up-to-date antivirus software.
In the week between June 3, 2024, midnight and June 10, 2024, midnight we witnessed a total of:
- 12 advisory/vulnerability events
- 25 incident/data breach events
Week over Week comparison of week 22 2024 vs week 21 2024:
- Advisories and incidents have increased. Advisories are up from 6 in week 22 to 12 in week 23. Incidents are up from 21 in week 22 to 25 in week 23.
- The number of known impacted individuals has decreased, but is still within a scary range: from 563 million in week 22 to over 382 million in week 23.
We also shared 4 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 382,231,770 impacted individuals across 6 incidents. The largest breach was the "Hackers claim Advance Auto Parts data breach through Snowflake" incident, which exposed 380,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Software Vulnerability and SDLC Exploits | 6 |
| Malware, Ransomware and Related Attacks | 3 |
| System Misconfiguration Exploits | 3 |
| Third Party Compromise | 3 |
| Social Engineering and Phishing | 1 |
| Human bad security behaviour | 1 |
| Unauthorized access | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Government | 4 |
| Finance | 4 |
| Construction | 3 |
| Healthcare | 3 |
| Food and Beverage | 2 |
| Non-profit/Charity | 1 |
| Telecommunications | 1 |
| Automotive | 1 |
| Transport/Logistics | 1 |
| Gas/Oil | 1 |
| Insurance | 1 |
| Manufacturing | 1 |
| Media | 1 |
Read the Event Details of the Week
Knowledge
- awareness | A collection of 361 million accounts leaked on Telegram added to HIBP, check now
- active exploit | CISA warns of active exploits of old Oracle WebLogic flaws
- active exploit | CISA warns of active exploit targeting old Apache Flink flaw, patch ASAP
- active attack | Hackers exploit ThinkPHP framework vulnerabilities in active attacks
Vulnerabilities
- critical vulnerability | Apache HugeGraph reports critical flaw, PoC exploit code published
- critical vulnerability | Atlassian Confluence patches high severity flaw with published exploit PoC
- critical vulnerability | Baxter Welch Allyn Configuration Tool carries critical vulnerability
- critical vulnerability | CISA reports multiple flaws in Emerson Ovation system
- critical vulnerability | CISA warns of critical issue in Johnson Controls House iStar Pro Door Controller
- critical vulnerability | Flaws in EmailGPT expose users to prompt injection risk
- critical vulnerability | Google Android June patch fixes a total of 37 flaws
- critical vulnerability | PHP fixes critical vulnerability impacting all Windows PHP versions
- critical vulnerability | Progress Telerik fixes critical auth bypass flaw, PoC published - patch now
- critical vulnerability | Seiko Solutions SkyBridge Routers critical vulnerability exposes them to command injection
- critical vulnerability | Unpatched critical vulnerabilities in WZone WooCommerce Amazon Affiliates
- critical vulnerability | Zyxel releases emergency critical patch for end-of-life NAS326 and NAS542 devices
Incidents
- critical vulnerability | Hacker claims breach of Hajj and Pilgrimage Organization, selling alleged data
- critical vulnerability | Cyberattack on German CDU through CheckPoint flaw
- data breach | Hacker claims attack on architecture firm Archi Hives
- data breach | Singapore Absolute Telecom PTE reportedly breached by hackers
- data breach | ALN Medical Management (Health Prime International) reports data breach
- data breach | Loopring blockchain protocol hit by $5 million hack after 'Guardian' MFA service compromised
- data breach | Hacker claims Heineken data breach
- data breach | Peak Design has leaked customer data through unsecured database
- data breach | Hacker claims breach of Australian logistics company Victorian Freight Specialists
- data breach | Australian food manufacturer Patties Foods leaks data through exposed Elastic DB
- data breach | Australian mining company Northern Minerals reports attack by BianLian ransomware gang
- data breach | Cisco releases patch for IDOR flaw in Webex that leaks meeting metadata
- data breach | Hackers claim Advance Auto Parts data breach through Snowflake
- data breach | Discovery Insure scammed into exposing customer data
- data breach | Second data breach of Telangana Police in a week
- data breach | Philippine National Privacy Commission reports Robinsons Land real estate data breach
- data breach | CoinGecko reports data breach caused by third party email provider, exposed 23k people
- data breach | Byline Bank reports data breach
- data breach | EFS Advisors reports data breach
- data breach | Philippine National Privacy Commission reports Toyota Motor Philippines breach
- data breach | Adventist Health hit by third party data breach of Signature Performance
- data breach | Source code of New York Times stolen using unsecured GitHub token
- data breach | Telangana State Police App reportedly breached, PII data of users leaked
- ransomware | Multiple London hospitals impacted by ransomware attack on Synnovis
- ransomware | Cactus ransomware gang claims attack on First Priority Restoration