State of (in)security - Week 50, 2024
Take action: Sometimes patches don't work the first time, like the Cleo patch. Keep up the discipline, no matter how tedious it is, because hackers don't care if you already did the work once.
In the week between Dec. 9, 2024, midnight and Dec. 16, 2024, midnight we witnessed a total of:
- 8 advisory/vulnerability events
- 24 incident/data breach events
Week over Week comparison of week 50 2024 vs week 49 2024:
- Both advisories and incidents are up from the previous week. Advisories are up from 7 in week 49 to 8 in week 50. Incidents are up from 20 in week 49 to 24 in week 50.
- The number of known impacted individuals is slightly down - from over 20 million in week 49 to 18.6 million in week 50.
We also shared 3 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 18,629,542 impacted individuals across 8 incidents. The largest breach was the incident "PIH Health hit by ransomware attack, hackers claim data breach of 17M people", which exposed 17,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Malware, Ransomware and Related Attacks | 10 |
| Software Vulnerability and SDLC Exploits | 2 |
| System Misconfiguration Exploits | 1 |
| Unauthorized access | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 5 |
| Finance | 3 |
| Education | 3 |
| Utilities | 2 |
| Government | 2 |
| IT/Software/Technology | 2 |
| Energy | 1 |
| Hospitality/Events | 1 |
| Consulting/Professional Services | 1 |
| Food and Beverage | 1 |
| Non-profit/Charity | 1 |
Read the Event Details of the Week
Knowledge
- active attack | Cleo file transfer software flaw actively exploited
- active attack | Cleo patches another actively exploited flaw
- active attack | Hunk Companion WordPress plugin exploited by hackers to install vulnerable plugins
Vulnerabilities
- critical vulnerability | Adobe releases December 2024 patches for flaws in multiple products, including critical
- critical vulnerability | Apache reports critical remote code execution flaw in Struts 2
- critical vulnerability | Critical flaws reported in WordPress Woffice Theme, update ASAP
- critical vulnerability | Ivanti released updates for multiple critical flaws in Cloud Services Application (CSA), Connect Secure, Policy Secure, and Sentry
- critical vulnerability | Microsoft December 2024 update addresses 71 flaws, 16 critical, 1 actively exploited
- critical vulnerability | OpenWrt reports a critical flaw in sysupgrade enabling install of malicious firmware
- critical vulnerability | QNAP fixes multiple flaws, at least two critical in their NAS QTS and QuTS operating systems
- critical vulnerability | SAP releases December 2024 patches for 16 flaws, one critical flaw in NetWeaver
Incidents
- data breach | Utility provider Duke Energy reports cyberattack, data breach
- data breach | ABC Legal Services reports cybersecurity incident, data breach
- data breach | Stryker Corporation reports data breach
- data breach | Senior Dating website leaks data, exposing 765k users
- data breach | Center for Vein Restoration reports data breach exposing data of nearly half a million people
- data breach | Highgate Hotels report cyberattack, data breach
- data breach | American Addiction Centers reports data breach
- data breach | Byte Federal Bitcoin ATM operator reports data breach impacting 58k users
- data breach | Rutherford County Schools reports cybersecurity incident, potential data breach
- data breach | SRP Federal Credit Union reports data breach exposing 240k individuals
- data breach | Boston University's heart study hit by cyberattack, data breach
- data breach | Young Life organization reports a data breach
- data breach | Rhode Island's state government system hit by cyberattack
- data breach | Liberty First Credit Union reports data breach
- data breach | Turkey's mobile application for toll collection hacked
- ransomware | Medical device company Artivion reports cyberattack, data breach
- ransomware | Romanian Electrica Group energy supplier reports ransomware attack
- ransomware | LKQ Corporation reports cyberattack disrupting Canadian business unit
- ransomware | Wood County's computer system hit by ransomware
- ransomware | PIH Health hit by ransomware attack, hackers claim data breach of 17M people
- ransomware | Highland Park ISD hit by ransomware attack
- ransomware | Krispy Kreme reports cyberattack that disrupted their online ordering
- ransomware | Comtel, Indian brokerage data center provider hit by ransomware
- ransomware | US branches of Japanese companies hit by ransomware