State of (in)security - Week 43, 2024
Take action: Always keep your AWS account ID confidential, since it can be abused. If you haven't patched your software for months, you will be hacked. Hackers don't wait, especially when it comes to common tools.
In the week between Oct. 21, 2024, midnight and Oct. 28, 2024, midnight we witnessed a total of:
- 7 advisory/vulnerability events
- 18 incident/data breach events
Week over Week comparison of week 43 2024 vs week 42 2024:
- Advisories and incidents are down. Advisories are down from 11 in week 42 to 7 in week 43. Incidents are down from 26 in week 42 to 18 in week 43.
- The number of known impacted individuals is again significantly up, from over 273 million in week 42 to over 350 million in week 43.
We also shared 5 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 356,211,215 impacted individuals across 7 incidents, the largest being the "Fashion retailer Hot Topic possibly breached again, exposing data of millions" incident, which exposed 350,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 3 |
| Unauthorized access | 3 |
| Third Party Compromise | 2 |
| Denial-of-Service Attacks | 1 |
| System Misconfiguration Exploits | 1 |
| Software Vulnerability and SDLC Exploits | 1 |
| Human bad security behaviour | 1 |
| Social Engineering and Phishing | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 5 |
| Insurance | 2 |
| Government | 2 |
| Education | 2 |
| IT/Software/Technology | 1 |
| Non-profit/Charity | 1 |
| Consulting/Professional Services | 1 |
| Retail | 1 |
| Entertainment/Leisure | 1 |
| Finance | 1 |
| Hospitality/Events | 1 |
Read the Event Details of the Week
Knowledge
- active attack | CISA reports active exploitation of Microsoft SharePoint RCE flaw
- active exploit | Critical vulnerability in ScienceLogic SL1 exploited - at least one major victim
- active exploit | Fortinet warns of active exploitation of FortiManager flaw
- active exploit | Google warns of actively exploited flaw in Samsung mobile processors
- active attack | Hackers exploit XSS flaw in Roundcube to steal credentials and emails
Vulnerabilities
- critical vulnerability | AWS Cloud Development Kit flaw lets attackers gain Admin access to AWS accounts
- critical vulnerability | Cisco patches three critical and one actively exploited flaw in ASA, FMC and FTD products
- critical vulnerability | Critical vulnerability reported in OneDev DevOps platform
- critical vulnerability | Fortinet issues private notifications to FortiManager customers to patch an undisclosed flaw
- critical vulnerability | Germany’s CERT@VDE reports critical flaws in mbNET.mini and Helmholz industrial routers
- critical vulnerability | Google releases security update for Chrome, fixes three high severity issues
- critical vulnerability | VMware issues second patch for CVE-2024-38812 vCenter Server flaw
Incidents
- critical vulnerability | Cyprus critical infrastructure hit by coordinated attacks of activist hacker groups
- data breach | Chimienti & Associates reports data breach caused by compromised email account
- data breach | East Adams Rural Healthcare patient records breached
- data breach | Nonprofit dental care Community Dental reports data breach
- data breach | Oregon Department of Corrections leaks personal information of 861 individuals
- data breach | Millions of patients of Mexican hospitals exposed through a misconfigured Kibana instance
- data breach | General Physician, PC reports data breach exposing patient SSNs
- data breach | Transak platform hit by phishing attack and data breach exposing over 90,000 people
- data breach | Clinics in Missouri report data breach
- data breach | Data leak at Atif Aslam concert in Dhaka exposes attendee info
- data breach | Fashion retailer Hot Topic possibly breached again, exposing data of millions
- data breach | Arkansas Blue Cross and Blue Shield reports third party data breach
- data breach | Nonprofit BronxWorks reports data breach through a hacked employee email account
- data breach | Brighthouse Life Insurance reports data breach caused by third party vendor
- data breach | OnePoint patient care reports data breach
- ransomware | Cyberattack on University of Maribor disrupts faculty operations
- ransomware | Swiss vocational school BBZ Schaffhausen hit by ransomware
- ransomware | Everest ransomware gang claims breach of Radisson Country Inn and Suites