State of (in)security - Week 31, 2024
Take action: When you build a setup, do your best to test it in a scenario as close to reality as possible. An assumed configuration without sufficient testing, especially in large and complex systems, can cause a massive problem. That is what took Azure down for hours: the configuration error amplified the DDoS instead of stopping it.
In the week between July 29, 2024, midnight and Aug. 5, 2024, midnight we witnessed a total of:
- 6 advisory/vulnerability events
- 15 incident/data breach events
Week over Week comparison of week 31 2024 vs week 30 2024:
- Advisories and incidents have decreased. Advisories are down from 9 in week 30 to 6 in week 31. Incidents are down from 19 in week 30 to 15 in week 31.
- The number of known impacted individuals has decreased - from just over 9.5 million in week 30 to 2.5 million in week 31.
Total impacted individuals via the events of the week
There were a total of 2,506,825 impacted individuals across 5 incidents. The largest breach was the incident "India's Ministry of Defence data breached via SQL injection flaw, sold online", which exposed 1,800,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 9 |
| System Misconfiguration Exploits | 2 |
| Human bad security behaviour | 1 |
| Software Vulnerability and SDLC Exploits | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Education | 3 |
| Healthcare | 3 |
| IT/Software/Technology | 3 |
| Finance | 2 |
| Government | 2 |
| Consulting/Professional Services | 1 |
Read the Event Details of the Week
Vulnerabilities
- critical vulnerability | CISA reports actively exploited vulnerability in Avtech IP Cameras
- critical vulnerability | Cisco reports products vulnerable to "blastRadius" RADIUS protocol flaw
- critical vulnerability | Critical vulnerability in Bitdefender's GravityZone Update Server
- critical vulnerability | Google patches Chrome critical and high severity vulnerabilities
- ransomware | Microsoft warns ransomware groups exploiting VMware ESXi flaw CVE-2024-37085
- critical vulnerability | WhatsApp for Windows does not block execution when opening Python, PHP scripts sent as attachments
Incidents
- data breach | India's Ministry of Defence data breached via SQL injection flaw, sold online
- data breach | Northeast Rehabilitation Hospital reports data breach
- data breach | ERP firm ClickBalance leaks over 750 million records
- data breach | Jeonbuk National University hit by cyberattack, data breach affecting over 300k people
- data breach | Google Ads reporting glitch exposes competitor data
- data breach | Northern Ireland Department of Education leaks data of 400 volunteers
- data breach | Sable International immigration services hit by cyberattack, customers pressured for ransom
- data breach | Coastal Plains MHMR center reports data breach
- denial of service | Microsoft reports that massive 10hr Azure outage caused by DDoS amplified with error in setup
- ransomware | Town of Summerville in South Carolina reports ransomware attack
- ransomware | Zimbabwean ZB Financial Holdings hit by ransomware, data leaked
- ransomware | OneBlood blood bank hit by ransomware attack, disrupts operations
- ransomware | Indian fintech C-Edge hit by ransomware, disrupts 300 small banks
- ransomware | New Jersey City University hit by ransomware, extorted for $700k
- ransomware | Northwest Arkansas Community College hit by ransomware cyberattack