State of (in)security - Week 31, 2023
Take action: When you are presented with a vulnerability, take time to learn about the different perspectives on the risk of the finding. No matter which side of the table you are on, the researcher who discovered the issue or the vendor making the product, have a reasonable discussion and, if needed, push back with well-argued points to arrive at the proper risk perspective. Just never ever ignore a vulnerability for 7 years and then rush to patch it in the most heavy-handed approach you can think of.
In the week between July 31, 2023, midnight and Aug. 7, 2023, midnight we witnessed a total of:
- 9 advisory/vulnerability events
- 26 incident/data breach events
We also shared 4 practical knowledge items.
Total impacted individuals via the events of the week
There were a total of 3,432,342 impacted individuals across 7 incidents. The largest was the incident "Oregon Health Plan impacted by MOVEit related breach, exposing 1.7 million customers", which exposed 1,700,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 7 |
| Finance | 4 |
| Education | 4 |
| Insurance | 2 |
| Government | 1 |
| Manufacturing | 1 |
| Retail | 1 |
| Consulting/Professional Services | 1 |
| Travel | 1 |
| Entertainment/Leisure | 1 |
| FinTech | 1 |
Read the Event Details of the Week
Knowledge
- awareness | AWS Security design review - Risk of AWS SSM Agent use as Remote Access Trojan
- awareness | CyFox vs Stremio - a primer in risk perception and discussion on vulnerability findings
- awareness | Everyone should do better than Veritas, who's fixing a seven-year-old vulnerability by deleting the program
- awareness | Attack Methods on Air-Gapped or Network-Isolated ICS Systems
Vulnerabilities
- critical vulnerability | Critical vulnerability reported in Milesight UR32L industrial routers
- critical vulnerability | Critical vulnerability in APSystems Altenergy Power Control
- data breach | Malware Actively Planted on Vulnerable Barracuda email gateways
- critical vulnerability | Minecraft servers full of mods vulnerable to critical Bleeding Pipe exploit
- critical vulnerability | Curve Finance Exploited via Vyper language vulnerability that can cascade across DeFi Industry
- critical vulnerability | PaperCut Critical Vulnerability exposing Path Traversal/File Upload RCE
- critical vulnerability | Ivanti reports another critical vulnerability in Endpoint Manager Mobile
- critical vulnerability | BeyondTrust reports critical vulnerability in its appliances
- critical vulnerability | Hundreds of Canon Inkjet Printer Models Can Leak Wi-Fi Connection Config
Incidents
- critical vulnerability | T. Rowe Price Retirement Plan Services reports Customers impacted by MOVEit breach
- data breach | Hot Topic chain reports credential-stuffing attacks
- data breach | British Columbia healthcare data breach, exposing up to 240,000 individuals
- data breach | Voyager investigates data breach during bankruptcy payout
- data breach | Aristocrat reports MOVEit related data breach
- data breach | Unum Group reports data breach related to MOVEit vulnerability
- data breach | Mondee data leak of sensitive customer data via exposed database
- data breach | Data breach of IIIT Delhi's informatics platform exposes healthcare data
- data breach | IU Health reports MOVEit related third party data breach
- data breach | MW Components reports ransomware and Data Breach
- data breach | US Government Supplier Serco reports MOVEit related data breach
- data breach | Aven Financial reports Data Breach, Impacting customers' Social Security Numbers
- data breach | Hospitals in Alabama part of Community Health Systems possibly impacted by the Fortra data breach
- data breach | Capitol Federal customers impacted by MOVEit related data breach
- data breach | Oregon Health Plan impacted by MOVEit related breach, exposing 1.7 million customers
- data breach | Flagstar Bank reports notice of 2021 Data Breach, impacting 1.4 Million
- data breach | University of Guelph students informed of data breach 5 months after events
- data breach | Allegheny County, Pennsylvania reports MOVEit related Data Breach
- data breach | Synergy Healthcare Services reports Data Breach exposing 58k individuals
- data breach | Criminals to auction off DNA records stolen in data breach of McAlester Regional Health Center
- data breach | VALIC Retirement Service reports MOVEit vulnerability related Data Breach
- ransomware | Mendocino County Office of Education reports suspected Ransomware or data breach
- ransomware | Group 1001 Subsidiaries report Data Breach after Ransomware Attack
- ransomware | St. Landry Parish school impacted by ransomware
- ransomware | Multiple Prospect Medical Holdings hospitals incapacitated by ransomware
- ransomware | Colorado Department of Higher Education reports massive data breach