What were the total advisory and incident events for the week of September 30, 2024, to October 7, 2024?

During the week of September 30, 2024, to October 7, 2024, there were a total of 9 advisory/vulnerability events and 18 incident/data breach events.

How does the number of incidents and advisories in week 40 of 2024 compare to week 39?

Both advisories and incidents were down compared to the previous week. Advisories decreased from 13 in week 39 to 9 in week 40, while incidents decreased from 27 in week 39 to 18 in week 40.

What was the total number of impacted individuals in week 40 of 2024?

The total number of known impacted individuals in week 40 of 2024 was 1,002,480 across 6 incidents. The largest breach during the week was the Electronics retailer digiDirect incident, which exposed the data of 304,000 individuals.

What were the main causes of incidents in week 40 of 2024?

The main causes of incidents in week 40 of 2024 were malware, ransomware, and related attacks (5 incidents), followed by third-party compromises (2 incidents), unauthorized access (2 incidents), and software vulnerability or SDLC exploits (1 incident).

Which industries were most affected by incidents in week 40 of 2024?

The most affected industries in week 40 of 2024 were healthcare (5 incidents), IT/Software/Technology (3 incidents), government (3 incidents), and transport/logistics (2 incidents). Other affected sectors included finance, media, retail, telecommunications, and consulting/professional services.

What critical vulnerabilities were reported in week 40 of 2024?

Some of the critical vulnerabilities reported in week 40 of 2024 included an XSS flaw in the WordPress LiteSpeed Cache Plugin, flaws fixed in Apple’s iOS 18.0.1, critical issues patched in Chrome, CISA-reported vulnerabilities in TEM Opera Plus FM Family Transmitter, Cisco Nexus Dashboard Fabric Controller, and flaws in Western Digital My Cloud Devices.

Which knowledge items were shared during week 40 of 2024?

Two practical knowledge items were shared: Active attacks on a zero-day flaw in Zimbra's postjournal service and the exploitation of a critical flaw in Ivanti Endpoint Manager that was originally fixed in May 2024.

Knowledge

State of (in)security - Week 40, 2024

published: Oct. 7, 2024

Take action: Stored XSS can be very nasty. Always validate input and sanitize output to prevent XSS being executed on your web application.

Learn More

In the week between Sept. 30, 2024, midnight and Oct. 7, 2024, midnight we witnessed a total of:

9 advisory/vulnerability events
18 incident/data breach events

Week over Week comparison of week 40 2024 vs week 39 2024:

Advisories and incidents are down. Advisories are down from 13 in week 39 to 9 in week 40. Incidents are down from 27 in week 39 to 18 in week 40.
The number of known impacted individuals is signifcantly down - from over a 100 million in week 39 to just over one million in week 40.

We also shared 2 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 1,002,480 impacted individuals across 6 incidents, with the largest breach being the Electronics retailer digiDirect customer data breached, leaked on dark web incident exposing 304,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	5
Third Party Compromise	2
Unauthorized access	2
Software Vulnerability and SDLC Exploits	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	5
IT/Software/Technology	3
Government	3
Transport/Logistics	2
Finance	1
Media	1
Retail	1
Telecommunications	1
Consulting/Professional Services	1

Read the Event Details of the Week

Knowledge

active attack | Active attacks on a zero day flaw in Zimbra postjournal service, patch now
active attack | Ivanti Endpoint Manager critical flaw fixed in May is now exploited in attacks

Vulnerabilities

critical vulnerability | An XSS flaw reported in WordPress LiteSpeed Cache Plugin
critical vulnerability | Apple releases iOS 18.0.1, fixes VoiceOver leaking saved passwords bug
critical vulnerability | Chrome releases new version patching critical issues
critical vulnerability | CISA reports critical flaws in TEM Opera Plus FM Family transmitter
critical vulnerability | Cisco reports critical vlnerability in Nexus Dashboard Fabric Controller
critical vulnerability | Critical flaw reported in Optigo Networks ONS-S8 Spectra Aggregation Switch
critical vulnerability | Critical flaws reported in DrayTek routers, over 700,000 exposed devices online
critical vulnerability | Mozilla releases patches for Firefox, Thunderbird, fixing critical flaws
critical vulnerability | Western Digital reports critical flaw in My Cloud Devices

Incidents

data breach | Comcast reports data breach of third party exposing 237k customers
data breach | Southern Bone & Joint Specialists reports data breach
data breach | Accountants Feldstein & Stewart LLP report data breach
data breach | Rackspace reports data breach exposing customer data
data breach | Japanese realestate portal Lifull reports data breach
data breach | Ward Transport & Logistics reports data breach
data breach | Electronics retailer digiDirect customer data breached, leaked on dark web
data breach | Barbados Revenue Authority investigating data breach of vehicle registration system
data breach | Brown Integrated Logistics reports data breach from nearly 11 months
data breach | Baptist Health Medical Center-Drew County reports data breach
data breach | Hackers claim data breach of Weiser Memorial Hospital
data breach | Medical device manufacturer PRC-Saltillo reports data breach exposing 51.6K people
data breach | Macedonian Ministry of Economy and Labor hit by cyberattack, systems shut down
data breach | Community Clinic of Maui reports ransomware attack, data breach
data breach | Truist Bank reports data breach caused by third party
data breach | US telco providers allegedly hacked by Chinese hackers, breaching court-ordered wiretaps
ransomware | Wayne County, Michigan hit by cyberattack, disrupts services
ransomware | Montreal game developer Red Barrels hit by Nitrogen Ransomware Group

Read More
State of (in)security - Week 12, 2024
State of (in)security - Week 3, 2024
State of (in)security - Week 7, 2024
State of (in)security - Week 17, 2025
Two Engineering and Transparency Lessons from the suspected …