State of (in)security - Week 36, 2023
Take action: Leaving legacy unsupported Windows computers running and not patching your Windows and Office apps is the best and most common way to get hacked. It's your own PC: click the update button once per month and take a one-hour walk. It's worth it.
In the week between Sept. 4, 2023, midnight and Sept. 11, 2023, midnight we witnessed a total of:
- 14 advisory/vulnerability events
- 29 incident/data breach events
We also shared 4 practical knowledge items
Week over Week comparison of week 36 vs week 35 is materially worse:
- More than double the number of advisories, 14 in week 36 up from 6 in week 35. The number of incidents remains at the same level of 29.
- The known impacted individuals from data breaches in week 36 remains at the level of just above 5 million, similar to the previous week.
Total impacted individuals via the events of the week
There were a total of 5,809,493 impacted individuals across 10 incidents. The largest breach was the "Traderie in-game marketplace reports data breach, possibly exposing millions" incident, which exposed 2,600,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| third party breach | 9 |
| ransomware | 7 |
| social engineering | 1 |
| unpatched software vulnerability | 1 |
| web application exposing too much data | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 6 |
| Government | 5 |
| Education | 3 |
| Entertainment/Leisure | 3 |
| IT/Software/Technology | 3 |
| Travel | 2 |
| Food and Beverage | 1 |
| Finance | 1 |
| Military/Defense | 1 |
| Other | 1 |
| Retail | 1 |
| Defence | 1 |
Read the Event Details of the Week
Knowledge
- active exploit | Microsoft SQL servers under attack, used to deploy FreeWorld ransomware
- active exploit | Google Play fake Telegram app installs spyware
- awareness | Security Prioritization - Microsoft flaws used in three quarters of all exploits
- active attack | Aeronautics firms attacked via Zoho and Fortinet vulnerabilities
Vulnerabilities
- critical vulnerability | Critical Vulnerability in Dover Fueling Solutions MAGLINK LX Console
- critical vulnerability | Vulnerabilities reported in Open Automation Software Industrial IoT Platform
- critical vulnerability | Apple issues updates for MacOS, iOS and fixes two actively exploited vulnerabilities
- critical vulnerability | Atlas VPN unpatched vulnerability exposes users' real IP address
- critical vulnerability | Cisco BroadWorks reports critical authentication bypass vulnerability
- critical vulnerability | CISA reports vulnerabilities in Phoenix Contact TC ROUTER and TC CLOUD client
- critical vulnerability | Socomec Modulys GP UPS MOD3GP-SY-120K has critical vulnerabilities, won't be patched
- critical vulnerability | Critical remote execution code vulnerabilities in ASUS routers
- critical vulnerability | Critical Vulnerabilities in Softneta MedDream medical imaging software
- exploited vulnerability | Cisco VPN in ASA and FTD unpatched vulnerability exploited in ransomware group attacks
- critical vulnerability | Schweitzer Engineering Labs Software Vulnerabilities expose remote code execution
- critical vulnerability | Google Android Monthly Update patches actively exploited vulnerability
- critical vulnerability | Samsung Releases Patches to critical issues in sync with Google Android
- critical vulnerability | Significant number of Critical Vulnerabilities in Zavio IP Cameras
Incidents
- data breach | Kwantlen Polytechnic University reports third party breach of students data
- data breach | Lifeline Systems Company reports data breach from August 2022
- data breach | Defence Housing Australia reports third-party data breach
- data breach | Wyze camera feed breach - users are seeing other people's camera feeds
- data breach | Dymocks Bookstore Chain reports data breach, customer data exposed on dark web
- data breach | Minnesota Department of Employment exposed personal information of job seekers
- data breach | Traderie in-game marketplace reports data breach, possibly exposing millions
- data breach | Janssen’s CarePath platform breached through IBM breach
- data breach | UK Ministry of Defence impacted by data breach after compromise of third party supplier
- data breach | Melbourne-based TissuPath Pathology impacted by third party data breach
- data breach | The portal of a ministry of Jharkhand state, India breached and data of 320,000 records exposed
- data breach | Bienville Orthopaedic Specialists reports Data Breach, exposes 240,000 SSNs
- data breach | Sovos Compliance reports MOVEit related data breach
- data breach | Ticket sales platform See Tickets reports data breach, exposes payment data
- data breach | Travel booking platform Sabre listed as compromised by Dunghill Leak group
- data breach | Associated Press Stylebook data breach exploited in phishing attack
- data breach | NXP Semiconductors reports Data Breach
- data breach | Just Kids Dental reports data breach, exposing data of 129,000 Patients and Employees
- data breach | Bedford County Fire/Rescue impacted by MOVEit related breach
- data breach | Planet Home Lending reports MOVEit related data breach
- data breach | Calhoun Community College reports MOVEit related data breach, exposes students and employers
- monetary theft | Australian crypto gambling platform Stake hacked, and over $40 Million stolen
- ransomware | Dating platform Coffee Meets Bagel impacted by cyberattack deleting data, suffers significant outage
- ransomware | Hawai'i Health Department resolves website defacement, claims no data exposed
- ransomware | Technology hub Cyberport in Hong Kong reports ransomware incident
- ransomware | Coca-Cola bottler FEMSA attacked by ransomware, data exposed
- ransomware | Chambersburg Area School District impacted by ransomware
- ransomware | Australia Seasons Apartment group data published on the dark web
- ransomware | Sri Lanka state email domain attacked by ransomware, lost 4 months data