State of (in)security - Week 34, 2024
Take action: Cloud services have a lot of vulnerabilities - while you can't really fix them on your end, you need to be aware and track your cloud providers for issues and evaluate how good they are at remediation.
In the week between Aug. 19, 2024, midnight and Aug. 26, 2024, midnight we witnessed a total of:
- 14 advisory/vulnerability events
- 21 incident/data breach events
Week over Week comparison of week 34 2024 vs week 33 2024:
- Advisories and incidents have increased. Advisories are up from 13 in week 33 to 14 in week 34. Incidents are up from 15 in week 33 to 21 in week 34.
- The number of known impacted individuals has decreased, from 16.5 million in week 33 to just over 800,000 in week 34.
We also shared 1 practical knowledge item.
Total impacted individuals via the events of the week
There were a total of 803,446 impacted individuals across 7 incidents, the largest being the American Clinical Solutions data breach, which exposed 300,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 6 |
| Unauthorized access | 2 |
| Human bad security behaviour | 1 |
| System Misconfiguration Exploits | 1 |
| Third Party Compromise | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 5 |
| IT/Software/Technology | 4 |
| Consulting/Professional Services | 2 |
| Finance | 2 |
| Government | 1 |
| Telecommunications | 1 |
| Automotive | 1 |
| Transport/Logistics | 1 |
| Construction | 1 |
| Entertainment/Leisure | 1 |
| Gas/Oil | 1 |
Read the Event Details of the Week
Knowledge
- active attack | SolarWinds Web Help Desk bug being actively attacked
Vulnerabilities
- critical vulnerability | Apache DolphinScheduler fixes critical vulnerability that enables remote code execution
- ransomware | CISA warns of active exploitation of Jenkins RCE flaw in ransomware attacks
- critical vulnerability | Cisco Talos reports vulnerabilities in Microsoft Apps for macOS enabling library injection attack
- critical vulnerability | Critical flaw reported in OpenBMC, an open-source server management firmware
- critical vulnerability | Critical vulnerability in LiteSpeed Cache WordPress plugin patched, update ASAP
- critical vulnerability | F5 patches multiple high severity flaws in BIG-IP and NGINX Plus
- critical vulnerability | GitHub patches multiple flaws in its Enterprise Server, including a critical auth bypass flaw
- critical vulnerability | GiveWP donation plugin fixes critical flaw
- critical vulnerability | Google patches another actively exploited flaw in Chrome
- critical vulnerability | Microsoft patches flaw in Copilot Studio enabling leak of sensitive information
- critical vulnerability | Microsoft pushes emergency update for Edge fixing Chromium actively exploited flaw
- critical vulnerability | Progress Software patches three critical SQL injection flaws in WhatsUp Gold
- critical vulnerability | SolarWinds fixes second critical flaw in Web Help Desk in a week
- critical vulnerability | Traccar 5 open-source GPS tracking system fixes two flaws, one critical
Incidents
- data breach | Summit National Bank reports data breach
- data breach | Oregon Zoo reports data breach exposing 100k online ticket purchasers
- data breach | The New Jewish Home aka Jewish Home Lifecare reports data breach impacting 100k
- data breach | FlightAware reports leaking user data for years because of configuration error
- data breach | American Clinical Solutions reports data breach, exposing 300k people
- data breach | Pocahontas Medical Clinic reports cyberattack, data breach
- data breach | Chinese General Hospital in the Philippines hit by data breach
- data breach | CannonDesign reports ransomware attack, data breach
- data breach | Arden Claims Service reports data breach, exposing 139k
- data breach | Second data broker platform affiliated to National Public Data leaks admin credentials
- data breach | Polygon Discord server hacked, scammers posted for 3 hrs and stole $150k in crypto
- data breach | Carespring Healthcare Management reports data breach exposing 77k patients
- data breach | Toyota confirms data breach as stolen data is published on hacking forum
- data breach | Iranian hacker group claims breach of Israeli Knesset website
- data breach | Cloud telephony platform Exotel reports data breach
- data breach | VeriSource Services reports data breach impacting 55k individuals
- ransomware | Chipmaker Microchip Technology reports cyberattack impacting operations
- ransomware | Beng Kuang Marine engineering firm reports ransomware incident at third party vendor
- ransomware | Unicoin reports compromise of their G-Suite account
- ransomware | Bloom Hearing hit by ransomware, exposes sensitive data of patients
- ransomware | Halliburton hit by cyberattack, impacting operations