How many security events occurred between Nov. 25, 2024 and Dec. 2, 2024?

There were 30 total security events: 12 advisory/vulnerability events and 18 incident/data breach events.

How does this compare to the previous week?

Advisories increased significantly from 2 in week 47 to 12 in week 48. Incidents decreased slightly from 22 in week 47 to 18 in week 48.

What were the main causes of security incidents?

The main causes were: Malware, Ransomware and Related Attacks (5 incidents), Third Party Compromise (2 incidents), Software Vulnerability and SDLC Exploits (1 incident), System Misconfiguration Exploits (1 incident), and Unauthorized access (1 incident).

Which industries were most affected by security incidents?

Healthcare was most affected with 5 incidents, followed by Finance with 3 incidents, Government and Food and Beverage with 2 incidents each, and Insurance, IT/Software/Technology, and Education with 1 incident each.

What active exploits were reported during this period?

Three active exploits were reported: 1) Hackers exploiting critical bug in Array Networks SSL VPN products, 2) Exploitation code using LogoFAIL UEFI flaw, and 3) Zyxel firewalls being targeted in ransomware attacks.

Knowledge

State of (in)security - Week 48, 2024

Q: How many individuals were impacted by these security events?

A total of 1,149,070 individuals were impacted across 5 incidents, with the largest breach being the SL Data Services/Propertyrec data leak exposing 664,934 individuals. The actual number is likely higher as not all incidents report impact numbers.

published: Dec. 2, 2024

Take action: Sometimes devices are exposed to the internet by their design and purpose. You can mitigate such of the issues by blocking them off from the internet without compromising their functionality. Don't be lazy, apply the patches.

Learn More

In the week between Nov. 25, 2024, midnight and Dec. 2, 2024, midnight we witnessed a total of:

12 advisory/vulnerability events
18 incident/data breach events

Week over Week comparison of week 48 2024 vs week 47 2024:

We also shared 3 practical knowledge items

Total impacted individuals via the events of the week

There were a total of 1,149,070 impacted individuals across 5 incidents, with the largest breach being the Researcher dicovers SL Data Services/Propertyrec data leak exposing 600k records incident exposing 664,934 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

Cause	Number of incidents
Malware, Ransomware and Related Attacks	5
Third Party Compromise	2
Software Vulnerability and SDLC Exploits	1
System Misconfiguration Exploits	1
Unauthorized access	1

Industry breakdown of incidents

Industry	Number of incidents
Healthcare	5
Finance	3
Government	2
Other	2
Food and Beverage	2
Insurance	1
IT/Software/Technology	1
Education	1

Read the Event Details of the Week

Knowledge

active exploit | CISA warns of hackers exploiting critical bug in Array Networks SSL VPN products
active exploit | Researchers discover exploitation code that uses LogoFAIL UEFI flaw
active exploit | Zyxel reports their firewalls being targeted in ransomware attacks

Vulnerabilities

critical vulnerability | Carrier reports critical flaw in WebCTRL Premium Server and related products
critical vulnerability | CISA warns of critical flaw in Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC powermeter
critical vulnerability | Critical authentication bypass vulnerability in ProjectSend is actively exploited
critical vulnerability | Critical flaws reported in WordPress Anti-Spam plugin by Cleantalk
critical vulnerability | ESET researchers warn of active chained exploits of Firefox and Windows by hacking group
critical vulnerability | Microsoft patches vulnerabilities outside of normal cycle
critical vulnerability | Multiple critical flaws reported in mySCADA myPRO product
critical vulnerability | Nozomi Networks Labs reports critical flaws in Advantech's EKI industrial-grade wireless access points
critical vulnerability | QNAP fixes critical flaws in multiple products
critical vulnerability | Schneider Electric reports critical vulnerability in EcoStruxure IT Gateway
critical vulnerability | Veritas warns of critical flaws in Enterprise Vault
critical vulnerability | Zabbix patches critical SQL injection flaw, urges fast upgrades

Incidents

data breach | Hackers compromise systems of Central Bank of Uganda, stole millions
data breach | Australian mortgage group Finsure reports third-party data breach
data breach | Granite School District reports data breach, employee data leaked
data breach | Visiting Physician Services reports malware attack, data breach
data breach | HDFC Life Insurance reports data breach
data breach | Texas Tech Health Sciences Center reports data breach exposing patient data
data breach | LCPtracker reports data breach
data breach | Southern fried chicken restaurant chain Bojangles reports data breach
data breach | Spring EQ reports data breach caused by compromised employee email
data breach | Zello alerts users to reset passwords due to security incident
data breach | Silver Springs Bottled Water Company reports data breach
data breach | Veterans Health Administration reports third party data breach
data breach | The City of Coppell hit by cyberattack, RansomHub gang claims responsibility
data breach | Researcher dicovers SL Data Services/Propertyrec data leak exposing 600k records
data breach | Bologna Football Club reports ransomware attack, data breach
data breach | INC ransomware gang claims attack on Alder Hey Children's NHS Foundation Trust
ransomware | Wirral University Teaching Hospital NHS Trust reports cyberattack, declares major incident
ransomware | Minneapolis Park and Recreation Board hit by cyberattack, RansomHub clams responsibility

Read More
State of (in)security - Week 45, 2025
State of (in)security - Week 19, 2023
Critical Bluetooth security flaw impacts multiple systems - …
State of (in)security - Week 23, 2024
State of (in)security - Week 1, 2024