State of (in)security - Week 51, 2024
Take action: Another reminder to patch your Windows Operating System! If the computer hasn't been patched since July, you are very late and hackers are benefiting. Don't delay: it's a hassle, but you need to do it.
In the week between Dec. 16, 2024, midnight and Dec. 23, 2024, midnight we witnessed a total of:
- 9 advisory/vulnerability events
- 11 incident/data breach events
Week over Week comparison of week 51 2024 vs week 50 2024:
- Advisories are slightly up, incidents are down from the previous week. Advisories are up from 8 in week 50, to 9 in week 51. Incidents are down from 24 in week 50 to 11 in week 51.
- The number of known impacted individuals is significantly down - from 18.6 million in week 50 to 1.442 million in week 51.
We also shared 2 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 1,442,025 impacted individuals across 7 incidents. The largest breach was the "Telehealth platform ConnectOnCall breached, exposing data of 910k individuals" incident, which exposed 914,138 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| Software Vulnerability and SDLC Exploits | 3 |
| Malware, Ransomware and Related Attacks | 2 |
| Unauthorized access | 2 |
| Human bad security behaviour | 1 |
| Third Party Compromise | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| IT/Software/Technology | 3 |
| Consulting/Professional Services | 2 |
| Finance | 2 |
| Healthcare | 2 |
| Food and Beverage | 1 |
| Telecommunications | 1 |
Read the Event Details of the Week
Knowledge
- active exploit | Fortinet EMS flaw actively exploited to deploy Remote Access hacking tools
- active exploit | Windows kernel flaw actively exploited
Vulnerabilities
- critical vulnerability | BeyondTrust patches critical vulnerability in Privileged Remote Access (PRA) and Remote Support (RS)
- critical vulnerability | Critical flaws reported in CrushFTP file transfer software
- critical vulnerability | Critical security flaw reported and patched in Craft CMS
- critical vulnerability | Fortinet reports flaws in FortiWLM and FortiManager products, one critical
- critical vulnerability | Multiple security flaws reported in SHARP routers
- critical vulnerability | Schneider Electric reports critical flaw in Modicon Programmable Logic Controllers
- critical vulnerability | Siemens reports critical flaw in User Management Component (UMC)
- critical vulnerability | Sophos fixes critical flaws in their Sophos Firewall product
- critical vulnerability | Two high severity flaws reported in Foxit PDF Reader and Editor allowing Remote Code Execution
Incidents
- critical vulnerability | BeyondTrust reports breach of their Remote Support SaaS service
- data breach | Indiana University Health reports data breach caused by compromised email account
- data breach | Amergis Healthcare Staffing reports data breach exposing 11k people
- data breach | Telehealth platform ConnectOnCall breached, exposing data of 910k individuals
- data breach | Tracker firm Hapn leaks data of thousands of customers
- data breach | Indian bike-taxi aggregator Rapido leaks user, driver data
- data breach | Citizens Bank reports data breach caused by insider, exposing 8K customers
- data breach | Arena Technical Resources reports data breach
- data breach | Finnish dairy company Valio reports data breach exposing 5K people
- ransomware | Bashe ransomware group claims breach of Bank Rakyat Indonesia
- ransomware | Hunters International attacks Namibia telecom systems, impacts 493k people