State of (in)security - Week 49, 2023
Take action: There is a way forward even if you feel helpless - Many vulnerabilities are inherent to devices and can't be immediately fixed by the user. Even so, be diligent about keeping up with issues and regularly update your devices because patches will eventually be released for those vulnerabilities.
In the week between Dec. 4, 2023, midnight and Dec. 11, 2023, midnight we witnessed a total of:
- 13 advisory/vulnerability events
- 23 incident/data breach events
- Significant vulnerabilities are up to 13 from the previous 7. The number of incidents is reduced, from the previous 36 down to 23.
- The number of known impacted individuals from data breaches decreased, from 6 million in week 48 to 3.2 million in week 49.
We also shared 4 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 3,252,523 impacted individuals across 5 incidents. The largest breach was the "Kentucky based Norton Healthcare reports data breach" incident, which exposed 2,500,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| ransomware | 9 |
| third party breach | 6 |
| human error | 1 |
| phishing | 1 |
| unpatched software vulnerability | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 10 |
| Education | 3 |
| Food and Beverage | 2 |
| IT/Software/Technology | 1 |
| Military/Defense | 1 |
| Retail | 1 |
| Transport/Logistics | 1 |
| Automotive | 1 |
| Utilities | 1 |
| Government | 1 |
| Insurance | 1 |
Read the Event Details of the Week
Knowledge
- awareness | Critical Bluetooth security flaw impacts multiple systems - Google, Apple and Linux devices
- active exploit | FCX routers vulnerable to actively exploited flaw by botnets
- active exploit | Hacker crime groups actively targeting 9-month-old Outlook/Exchange flaw
- awareness | Prioritize patching of internet facing systems or get hacked - a US government primer
Vulnerabilities
- critical vulnerability | Researchers report multiple severe vulnerabilities in Sierra equipment that impact IoT infrastructure
- critical vulnerability | Atos Unify OpenScape reports maximum severity critical vulnerability
- critical vulnerability | WordPress releases version 6.4.2, advising update because of critical vulnerability
- critical vulnerability | Atlassian fixes multiple critical vulnerabilities in their products
- malware | Most Windows and Linux computers vulnerable to a new cyberattack
- critical vulnerability | Microsoft Edge releases new version patching bugs, and an important privacy change
- critical vulnerability | New 5G attack named 5Ghoul can exploit Qualcomm, MediaTek chips
- critical vulnerability | Apache Struts 2 fixes critical vulnerability, upgrade ASAP
- critical vulnerability | OpenCms vulnerable to unauthenticated XXE (XML External Entity) vulnerability
- critical vulnerability | Joomla! CMS releases patch for environment variable exposure flaw
- critical vulnerability | Syrus4 IoT Gateway critical vulnerability threatens thousands of vehicles
- critical vulnerability | Google announces patch for a critical Android vulnerability, withholds details
- critical vulnerability | MW WP Form plugin for WordPress has critical flaw exposing 200k installs
Incidents
- attack | Irish water utility attacked by hacktivists, interrupted water supply
- data breach | University Hospital Southampton patient data published online
- data breach | Nissan reporting cyberattack and possible data breach
- data breach | Guthrie clinic reports MOVEit related data breach
- data breach | New York based Community Healthcare Network reports data breach
- data breach | Social Security Organisation (SOCSO) impacted by data breach, data leaked online
- data breach | Kentucky based Norton Healthcare reports data breach
- data breach | CHI Mercy Health reports MOVEit related data breach
- data breach | DePauw University reports data breach after ransomware attack
- data breach | Mercy Health reports data breach through third party vendor Perry Johnson & Associates
- data breach | The Hershey Company reports data breach caused by phishing
- data breach | University of Wollongong reports cyber attack and potential data breach
- data breach | Lower Bucks Hospital reports MOVEit related data breach
- data breach | Prime Healthcare reports MOVEit related data breach
- data breach | East River Medical reports data breach, notifies over 600k patients
- ransomware | Groveport Madison school district reports ransomware attack
- ransomware | Shoe retailer Aldo reports LockBit leaking data of a franchise partner
- ransomware | LockBit3 takes responsibility for data breach of BlueWaters bottled water and drinks
- ransomware | Hermon School Department reports ransomware attack
- ransomware | HTC Global Services reports cyberattack, data leaked online
- ransomware | Shipbuilder Austal USA confirms ransomware attack
- ransomware | Greater Richmond Transit Company impacted by cyber attack, shuts down parts of their applications
- ransomware | Pan-American Life Insurance group reports MOVEit related data breach