State of (in)security - Week 6, 2024
Take action: Patch management is critical, but always make sure software updates and patches are downloaded from legitimate sources - hackers sometimes disguise malware as patches.
In the week between Feb. 5, 2024, midnight and Feb. 12, 2024, midnight we witnessed a total of:
- 13 advisory/vulnerability events
- 20 incident/data breach events
Week over Week comparison of week 6 2024 vs week 5 2024 is: back to terrible.
- Advisories more than doubled compared to the previous week, from 6 to 13. Incidents dropped from 29 to 20.
- The number of known impacted individuals is a shocking 35 million, up from the 'normal' level of 1.8 million in the previous week.
We also shared 3 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 35,610,000 impacted individuals across 6 incidents. The largest breach was the "French healthcare Viamedis hit by cyberattack, patient data at risk" incident, which exposed 33,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|---|
| ransomware | 5 |
| database configuration error, exposed w/o password online | 2 |
| third party breach | 2 |
| denial of service | 1 |
| employee unauthorized access | 1 |
| phishing | 1 |
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 7 |
| Government | 3 |
| Telecommunications | 3 |
| Education | 2 |
| Automotive | 1 |
| Transport/Logistics | 1 |
| Entertainment/Leisure | 1 |
| IT/Software/Technology | 1 |
| Non-profit/Charity | 1 |
Read the Event Details of the Week
Knowledge
- vulnerability | Linux bootloader shim reported to carry critical vulnerability
- active attack | Newest Ivanti critical vulnerability massively exploited
- active attack | Fortinet warns of critical actively exploited RCE flaw in FortiOS SSL VPN
Vulnerabilities
- malware | MacOS malware called RustDoor impersonates Visual Studio update
- critical vulnerability | Canon issues patch for seven critical issues in office printers
- data breach | Microsoft Azure fixes HDInsight vulnerabilities
- critical vulnerability | JetBrains reports critical auth bypass flaw in TeamCity auth
- critical vulnerability | Google releases Android monthly patch, including fix for a critical remote code execution flaw
- critical vulnerability | QNAP releases multiple patches, including two high severity
- critical vulnerability | Mitsubishi Electric reports vulnerabilities in Factory Automation
- critical vulnerability | One more time - Ivanti publishes warning about another vulnerability
- critical vulnerability | Fortinet reports new max severity issues in FortiSIEM in error, but the bug exists
- critical vulnerability | Cisco reports critical vulnerabilities in its Expressway Series
- critical vulnerability | Cryptocurrency Widgets WordPress plugin vulnerable to SQL injection
- critical vulnerability | Sonicwall reports authentication vulnerability in SonicOS SSL VPN
- critical vulnerability | Shield Security WP Plugin patches critical vulnerability
Incidents
- data breach | Prestige Care reports data breach exposing patient data
- data breach | Azura Vascular Care reports data breach, exposing 348k patients
- data breach | Rebound Orthopedics & Neurosurgery systems down due to cyberattack
- data breach | University of Hong Kong data breach, exposing 7,400 students and staff
- data breach | LectureNotes learning app leaks user data of more than 2 million users
- data breach | Krystal BioTech reports data breach, exposing customer information
- data breach | Connecticut College reports data breach exposing personal information
- data breach | WinStar mobile app exposed unprotected database of customers' personal data
- data breach | R00TK1T gang claims attack on Malaysia telco Maxis, apparently through third party vendor
- data breach | Rideshare startup HopSkipDrive reports data breach of 155k drivers
- data breach | French healthcare Viamedis hit by cyberattack, patient data at risk
- data breach | Community Memorial Healthcare reports data breach impacting patient data
- data breach | Prime Healthcare reports another third party breach, caused by Keenan & Associates
- data breach | Verizon employee data breached by insider, over 63k impacted
- denial of service | Pennsylvania online court system hit by DDoS attack
- ransomware | Hyundai Motor Europe hit by ransomware attack
- ransomware | Germantown, Tennessee, hit by ransomware attack
- ransomware | Korneuburg municipality in Austria hit by ransomware, cancels funerals
- ransomware | Claro reports attack by Trigona ransomware gang
- ransomware | SEIU Local 1000 state worker union hit by ransomware