State of (in)security - Week 45, 2024
Take action: If you are using Azure API Management, review your configuration and, if possible, disable the legacy API versions and monitor for their reactivation or use. Update your Chrome and Chromium browsers (Edge, Opera, Brave), since an attack is possible just by visiting a malicious site with no user action. And use only vetted and trusted browser plugins.
In the week between Nov. 4, 2024, midnight and Nov. 11, 2024, midnight we witnessed a total of:
- 13 advisory/vulnerability events
- 25 incident/data breach events
Week over Week comparison of week 45 2024 vs week 44 2024:
- Advisories are the same as the previous week, incidents are up. Advisories are still at 13 in week 45, same as in week 44. Incidents are up from 20 in week 44 to 25 in week 45.
- The number of known impacted individuals is again significantly down - from over 22 million in week 44 to just over 3 million in week 45.
We also shared 1 practical knowledge item
Total impacted individuals via the events of the week
There were a total of 3,498,245 impacted individuals across 5 incidents. The largest was the incident "Summit Pathology reports data breach exposing 1.8M patients", which exposed 1,813,538 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 8 |
| Third Party Compromise | 5 |
| Unauthorized access | 5 |
| Denial-of-Service Attacks | 1 |
| Human bad security behaviour | 1 |
| Social Engineering and Phishing | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 7 |
| Government | 4 |
| IT/Software/Technology | 3 |
| Finance | 3 |
| Insurance | 2 |
| Education | 2 |
| Transport/Logistics | 1 |
| Consulting/Professional Services | 1 |
| Gas/Oil | 1 |
| Automotive | 1 |
Read the Event Details of the Week
Knowledge
Vulnerabilities
- critical vulnerability | Binary Security reports partially fixed flaws in Azure API Management enabling privilege escalation
- critical vulnerability | Cequence Security reports critical flaw in AppDynamics
- ransomware | Cisco fixes critical flaw affecting Ultra-Reliable Wireless Backhaul (URWB) access points
- critical vulnerability | D-Link confirms critical flaw affecting over 60,000 end-of-life NAS devices, won't be patched
- critical vulnerability | Google releases November 2024 Android Update, fixes actively exploited flaws
- critical vulnerability | Google releases urgent patch to Chrome, fixing two critical flaws
- critical vulnerability | HPE Aruba Networking fixes multiple critical flaws in their Access Points with AOS-8 and AOS-10 software
- ransomware | Multiple Critical Vulnerabilities in Mazda Connect Infotainment System
- critical vulnerability | Opera Browser fixes flaw dubbed "Cross Barking" allowing malicious extensions to access private APIs
- critical vulnerability | Palo Alto Networks warns of claimed critical flaw in PAN-OS management interface
- critical vulnerability | QNAP fixes a critical zero-day flaw in HBS 3 Hybrid Backup Sync discovered during Pwn2Own
- critical vulnerability | Samsung releases November update for Galaxy phones
- critical vulnerability | Synology fixes more critical flaws reported in Pwn2Own competition
Incidents
- data breach | Maryland based Eagle Bank reports merchant data breach affecting Mastercard debit cards
- data breach | Law firm Thompson Coburn LLP reports data breach
- data breach | Northeast Professional Caregivers reports data breach
- data breach | Selman & Company insurance administrator reports third party data breach
- data breach | Microlise reports cyberattack, data breach
- data breach | TriHealth reports third party data breach exposing patient data
- data breach | Motorcycle parts seller Dennis Kirk breached, data leaked
- data breach | Cybersecurity Incident at Michigan Masonic Home
- data breach | Major South African Financial Systems Breach and Grant Fraud Scheme
- data breach | Schneider Electric reports cyberattack of their dev platform, data breach
- data breach | Portsmouth City Council reports DDoS cyberattack
- data breach | Intel Broker hacker claims breach of Nokia internal systems through third-party contractor
- data breach | Western Sydney University (WSU) reports third data breach in 2024
- data breach | Kaiser Permanente reports data breach through breached email
- data breach | Pacific Life Insurance Company formally reports third party data breach
- data breach | South Africa Standard Bank reports data breach caused by employee
- data breach | Long Island Plastic Surgical Group reports data breach, exposes 161k people
- ransomware | ANU Enterprise reports ransomware attack
- ransomware | Newpark Resources reports ransomware attack
- ransomware | Houston Housing Authority hit by ransomware attack
- ransomware | Grupo Aeroportuario del Centro Norte (OMA) reports ransomware attack
- ransomware | Summit Pathology reports data breach exposing 1.8M patients
- ransomware | Washington state court system hit by cyberattack, services shut down
- ransomware | Widex Hong Kong Hearing and Speech Centre hit by ransomware, exposes data of 148k people
- ransomware | Wexford County, Michigan, reports ransomware attack on election day