State of (in)security - Week 37, 2024
Take action: If you have been delaying patching Windows, start patching now. Multiple actively hacked components in Windows are enough of a reason to start updating your computers. Prioritize patching your Windows OS, then Office and SharePoint, and finally Azure Stack Hub/Web apps.
In the week between Sept. 9, 2024, midnight and Sept. 16, 2024, midnight we witnessed a total of:
- 13 advisory/vulnerability events
- 26 incident/data breach events
Week over Week comparison of week 37 2024 vs week 36 2024:
- Advisories remain the same, incidents have increased. Advisories held at 13 in both week 36 and week 37. Incidents are up from 19 in week 36 to 26 in week 37.
- The number of known impacted individuals has decreased but is still huge: from 393 million in week 36 to over 114 million in week 37.
We also shared 2 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 114,663,155 impacted individuals across 8 incidents. The largest breach was the "Turkish citizen data of 108M exposed, government asks for help from Google" incident, which exposed 108,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 7 |
| Unauthorized access | 5 |
| Software Vulnerability and SDLC Exploits | 3 |
| System Misconfiguration Exploits | 2 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 7 |
| Government | 4 |
| Finance | 3 |
| IT/Software/Technology | 2 |
| Hospitality/Events | 1 |
| Insurance | 1 |
| Manufacturing | 1 |
| Non-profit/Charity | 1 |
| Retail | 1 |
| Construction | 1 |
| Transport/Logistics | 1 |
| Consulting/Professional Services | 1 |
| Education | 1 |
| Entertainment/Leisure | 1 |
Read the Event Details of the Week
Knowledge
- active attack | Active exploitation of WhatsUp Gold vulnerabilities
- active exploit | Microsoft confirms active exploitation of CVE-2024-43461, don't delay patching
Vulnerabilities
- critical vulnerability | Adobe releases September 2024 patches for flaws in multiple products, including critical
- critical vulnerability | CISA reports critical security vulnerabilities in Viessmann Vitogate 300
- critical vulnerability | Elastic reports critical vulnerabilities in Kibana, releases patch
- critical vulnerability | FreeBSD reports critical vulnerability in the kernel
- critical vulnerability | GitLab releases patches to multiple flaws, including critical - patch ASAP
- critical vulnerability | IBM reports flaws in webMethods Integration Server, one critical
- critical vulnerability | Ivanti releases patches for Endpoint Manager fixing multiple critical flaws
- critical vulnerability | Ivanti reports active exploitation of vulnerability in Cloud Services Appliance
- critical vulnerability | Microsoft releases September 2024 patch, fixes 79 flaws including multiple zero-days, 7 critical
- critical vulnerability | Pythia Finance decentralized finance protocol has US $53 thousand stolen
- critical vulnerability | SAP releases September 2024 patches for 19 security notes
- critical vulnerability | Siemens reports vulnerabilities in SINEMA Remote Connect Client, including critical
- critical vulnerability | SolarWinds reports vulnerabilities in Access Rights Manager, one critical
Incidents
- data breach | Philippines Government Service Insurance System investigates cybersecurity breach
- data breach | Data Breach at the National Social Insurance Fund (NSIF) of Cameroon
- data breach | Elmhurst Development LLC reports data breach
- data breach | Sefton Council's taxi licensing system leaks taxi drivers data
- data breach | Turkish citizen data of 108M exposed, government asks for help from Google
- data breach | Welcome Health reports data breach, exposes patient data
- data breach | SLIM CD payment gateway reports data breach, exposing 1.7 million users
- data breach | Fortinet confirms unauthorized access to customer data of APAC region
- data breach | Hacker claims data breach of Capgemini
- data breach | Illinois Bone & Joint Institute reports data breach
- data breach | Shamrock Trading Corporation reports data breach
- data breach | Access Sports Medicine & Orthopaedics reports data breach
- data breach | Loge Holdings LLC (LOGE Camps) reports data breach
- data breach | French Pension Insurance (CNAV) hit by cyberattack, exposes 370K individuals
- data breach | Hong Kong Programming Society servers breached, data stolen and offered for sale
- data breach | Kemper Sports Management reports data breach
- data breach | MNA Healthcare exposes sensitive information of medical professionals
- data breach | Riverside Resort & Casino reports data breach
- data breach | Seattle Highline Public Schools cancels classes due to cyberattack
- data breach | Guam Seventh-Day Adventist Clinic reports data breach
- ransomware | Kawasaki Motors Europe (KME) hit by cyberattack, RansomHub gang claims responsibility
- ransomware | Australian wholesaler Myelec targeted by multiple ransomware groups
- ransomware | Acadian Ambulance service is reporting data breach, exposing almost 3 Million people
- ransomware | Ransomware attack on Great Plains Regional Medical Center
- ransomware | Hunters International gang claims breach on Industrial and Commercial Bank of China London branch
- theft | Penpie DeFi protocol flaw exploited to steal $27 million