State of (in)security - Week 30, 2023
Take action: Custom and proprietary cryptography is always a terrible idea. No matter how good you think you are at cryptography math, you are still one person and can make mistakes, or be pressured into designing something that's intentionally less secure. Always use well-known and publicly reviewed cryptography.
In the week between July 24, 2023, midnight and July 31, 2023, midnight we witnessed a total of:
- 11 advisory/vulnerability events
- 29 incident/data breach events
The trend is worsening, with an increase in vulnerability events and incidents compared to the previous week.
We also shared 2 practical knowledge items.
Total impacted individuals via the events of the week
There were a total of 8,911,075 impacted individuals across 7 incidents, with the largest breach being the US govt contractor Maximus incident caused by the MOVEit vulnerability, which exposed 8,000,000 individuals. Since not all incidents report the number of impacted individuals, the real number is definitely higher than that.
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| healthcare | 8 |
| education | 5 |
| finance | 5 |
| insurance | 3 |
| entertainment | 2 |
| government | 2 |
| military | 1 |
| energy, oil and gas | 1 |
| legal | 1 |
| consulting | 1 |
Read the Event Details of the Week
Knowledge and Cyber Awareness
- awareness | Maximising profit - Ransomware gang pressuring victims on the public web
- awareness | How (not) to get hacked in MS office - the latest MS Office Phishing and Exploit Campaign
Vulnerabilities
- critical vulnerability | Critical Flaw reported in Metabase Business Intelligence
- critical vulnerability | Zimbra Issues a Patch for the actively exploited XSS Zero-Day Vulnerability
- critical vulnerability | Critical Zero Day vulnerabilities in Atera Windows Installers can facilitate Privilege Escalation Attacks
- critical vulnerability | Apple iOS 16.6, macOS 13.5 and iPadOS 16.6 include patches for two zero-day critical issues
- critical vulnerability | Flaw in WordPress Ninja Forms lets attackers steal WordPress submitted data
- critical vulnerability | Zenbleed critical flaw reported in AMD Ryzen 2 and EPYC CPUs
- critical vulnerability | Critical Vulnerabilities in Microsoft Message Queuing Service (MSMQ)
- critical vulnerability | TETRA radio comms used by emergency services vulnerable to man-in-the-middle attacks
- critical vulnerability | Critical Zero-Day Vulnerability in Ivanti Endpoint Manager Exploited to Attack Norwegian Government
- critical vulnerability | MikroTik Critical admin privilege elevation vulnerability exposing 900,000 devices
- critical vulnerability | Citrix ShareFile RCE Vulnerability Exploited
Incidents
- critical vulnerability | SeniorCare PAC reports data breach caused by Cognisight MOVEit incident
- critical vulnerability | Willis Towers Watson reports Data Breach via Pension Benefits MOVEit incident
- critical vulnerability | Pacific Premier Bank reports MOVEit related Third-Party Data Breach exposing Customers' SSNs
- data breach | Chattanooga Heart Institute reports data breach impacting over 170,000
- data breach | Unprotected 600,000 records from Southern Association of Independent Schools
- data breach | Michigan State University impacted by MOVEit vulnerability data breach
- data breach | Government institutions in Norway hit by cyberattack
- data breach | Fayette County emergency services reporting MOVEit related data breach
- data breach | Franklin Mint Federal Credit Union reports MOVEit related Data Breach impacting 140k Customers
- data breach | PokerStars reports MOVEit vulnerability Data Breach, exposing 110,000 SSNs
- data breach | Corebridge Financial, reports MOVEit related data breach, exposing SSNs
- data breach | Quinn Emanuel Urquhart & Sullivan reports Data Breach
- data breach | American United Life Insurance reports Data Breach exposing customers' SSNs
- data breach | Tacoma Community College staff and students impacted by MOVEit third-party breach
- data breach | Aurora National Life Assurance reports over 48,000 persons exposed in Third-Party Data Breach
- data breach | The Health Plan reports MOVEit related data breach via supplier United Bank
- data breach | Pacific Premier Bancorp reports data breach caused by MOVEit vulnerability
- data breach | Bristol Myers Squibb reports MOVEit related breach of employee SSNs
- data breach | US govt contractor Maximus impacted by MOVEit vulnerability, expose 8,000,000 individuals
- data breach | University of California Davis Health impacted by Data Breach
- data breach | Security researchers detect NATO data breach
- data breach | Bi-Bett Corporation reports Data Breach through hacked Email Account
- data breach | BC3 Impacted by MOVEit Data Breach at Student Clearinghouse
- ransomware | University of West Scotland apparently compromised by Rhysida ransomware gang
- ransomware | Yamaha Canada Music confirms being compromised by ransomware gangs
- ransomware | Website of Israel's largest oil refinery offline, suspected cyber attack
- ransomware | CardioComm heart monitoring services impacted by cyberattack
- ransomware | Wake Family Eye Care reports Ransomware Attack and Data Breach
- ransomware | Asset manager Azimut targeted by BlackCat ransomware group