2024 and Security - Information Management Today

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

VMware failed to fully address a remote code execution flaw, tracked as CVE-2024-38812 (CVSS score: 9.8), in its vCenter Server platform. In September, Broadcom released security updates to the vulnerability CVE-2024-38812. vCenter Server is a critical component in VMware virtualization and cloud computing software suite.

Government

Government Cloud Access IT

QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024

Security Affairs

OCTOBER 30, 2024

QNAP fixed critical zero-day CVE-2024-50388 which was demonstrated against a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. On Day three of the Pwn2Own Ireland 2024 competition, Ha The Long with Ha Anh Hoang of Viettel Cyber Security (@vcslab) used a single command injection bug to exploit the QNAP TS-464 NAS.

Manufacturing

Manufacturing Security IT

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Continuing our look back at 2024, part two of Last Watchdogs year-ender roundtable turns its focus to emerging threats vs. evolving defense tactics. Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard. The drivers are intensifying.

Security

Security Phishing IoT Risk

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

CVE-2024-44243 macOS flaw allows persistent malware installation

Security Affairs

JANUARY 15, 2025

Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection ( SIP ). Monitoring anomalous behavior in these processes is essential, as such entitlements can potentially bypass security mechanisms.

Libraries

Libraries Access Privacy IT

Launching LLM-Based Products: From Concept to Cash in 90 Days

Speaker: Christophe Louvion, Chief Product & Technology Officer of NRC Health and Tony Karrer, CTO at Aggregage

Stakeholder Engagement 👥 Learn strategies to secure buy-in from sales, marketing, and executives. September 24th, 2024 at 11:00 AM PDT, 2:00 PM EDT, 7:00 PM BST Prototyping & UX 🛠 Get step-by-step guidance on building prototypes and designing user interfaces that maximize LLM usability. Save your seat today!

Sales

Why DSPM is Essential for Achieving Data Privacy in 2024

Security Affairs

OCTOBER 23, 2024

Data Security Posture Management (DSPM) helps organizations address evolving data security and privacy requirements by protecting and managing sensitive information. To add to the difficulty, the advent of Generative AI (GenAI) has brought unprecedented security and privacy risks. What is Data Security Posture Management?

Data Privacy

Data Privacy Privacy GDPR Compliance

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” reads the report published by Microsoft Threat Intelligence. “Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.”

Phishing

Phishing Authentication Access Government

July 2024 ransomware attack on the City of Columbus impacted 500,000 people

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.

Ransomware

Ransomware Data breaches Cybersecurity Access

39M secrets exposed: GitHub rolls out new security tools

Security Affairs

APRIL 3, 2025

39 Million Secrets Leaked on GitHub in 2024 GitHub found 39M secrets leaked in 2024 and launched new tools to help developers and organizations secure sensitive data in code. Microsoft-owned code hosting platform GitHub announced the discovery of 39 million secrets leaked in 2024. ” concludes the report.

Security

Security Risk Cloud Passwords

Embedded Analytics Insights for 2024

From data security to generative AI, read the report to learn what developers care about including: Why organizations choose to build or buy analytics How prepared organizations are in 2024 to use predictive analytics & generative AI Leading market factors driving embedded analytics decision-making

Analytics

Hertz disclosed a data breach following 2024 Cleo zero-day attack

Security Affairs

APRIL 15, 2025

Hertz Corporation disclosed a data breach after customer data was stolen via Cleo zero-day exploits in late 2024, affecting Hertz, Thrifty, and Dollar brands. Threat actors gained access to customer data via Cleo zero-day exploits in late 2024. In December 2024, the U.S.

Data breaches

Data breaches Ransomware Cybersecurity Government

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8)

IT

IT Ransomware Authentication Cybersecurity

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 7, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7 reads the advisory.

IT

IT Authentication Cybersecurity Risk

Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs

Security Affairs

AUGUST 14, 2024

Microsoft’s August 2024 Patch Tuesday addressed 90 vulnerabilities, including six that are actively exploited. No Yes RCE CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Important 7.5 No Yes RCE CVE-2024-38193 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important 7.8

Security

Security IT Information Security

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Speaker: Aindra Misra, Senior Manager, Product Management (Data, ML, and Cloud Infrastructure) at BILL

📆 October 22nd, 2024 at 9:30 AM PDT, 12:30 PM EDT, 5:30 PM BST

Data Privacy

Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

Security Affairs

SEPTEMBER 16, 2024

Microsoft warns that a recently patched Windows flaw, tracked as CVE-2024-43461, was actively exploited as a zero-day before July 2024. Microsoft warns that attackers actively exploited the Windows vulnerability CVE-2024-43461 as a zero-day before July 2024. MSHTML is a platform used by Internet Explorer. “Yes.

Archiving

Archiving File names Libraries Passwords

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 31, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439 , to its Known Exploited Vulnerabilities (KEV) catalog.

IT

IT Cybersecurity Access Passwords

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

Below are the vulnerabilities reported by ZDI: CVE-2024-8355 : SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections. CVE-2024-8358 : Command injection in UPDATES_ExtractFile , enabling command execution via file paths during updates.

Ransomware

Ransomware Manufacturing Access Risk

Internet Archive data breach impacted 31M users

Security Affairs

OCTOBER 11, 2024

The Internet Archive disclosed a data breach, the security incident impacted more than 31 million users of its “The Wayback Machine.” As of September 5, 2024, the Internet Archive held more than 42.1 million print materials, 13 million videos, 1.2 Internet Archive hacked. 54% were already in @haveibeenpwned.

Archiving

Archiving Data breaches Passwords File names

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use. 📆 June 4th 2024 at 11:00am PDT, 2:00pm EDT, 7:00pm BST Save your seat and register today!

Artificial Intelligence

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Security Affairs

SEPTEMBER 11, 2024

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. ” The four actively exploited zero-day vulnerabilities are: CVE-2024-38014 – Windows Installer Elevation of Privilege Vulnerability.

Security

Security IoT Authentication IT

OnePoint Patient Care data breach impacted 795916 individuals

Security Affairs

OCTOBER 25, 2024

OPPC reported to the US Department of Health and Human Services that the security incident impacted 795916 individuals. The organization observed suspicious activity on its network on August 8, 2024 and promptly initiated an internal investigation. “On August 8, 2024, OPPC detected suspicious activity on its computer network.

Data breaches

Data breaches Ransomware Security IT

Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code

Security Affairs

DECEMBER 24, 2024

Adobe released out-of-bandsecurity updates to address a critical vulnerability, tracked as CVE-2024-53961 (CVSS score 7.4), in ColdFusion. “Adobe has released security updates for ColdFusion versions2023 and 2021.These The vulnerability CVE-2024-20767 (CVSS score 7.4) ” reads the advisory. In December, the U.S.

Cybersecurity

Cybersecurity Access Security IT

Change Healthcare data breach impacted over 100 million people

Security Affairs

OCTOBER 25, 2024

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. According to the Associated Press, UnitedHealth booked $1.1

Data breaches

Data breaches Ransomware Insurance Cybersecurity

U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 22, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog. x, and 11.3.x.”

IT

IT Cybersecurity Encryption Cloud

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

Cell C, one of the biggest telecom providers in South Africa confirms a data breach following a 2024 cyberattack. ” Cell C has taken swift action to contain a recent cyberattack, secure its systems, and limit the impact. healthcare providers surged in 2024, with 98 attacks compromising 117 million records.

Data breaches

Data breaches Unstructured data Ransomware Cybersecurity

VMware fixed five vulnerabilities in Aria Operations product

Security Affairs

NOVEMBER 27, 2024

VMware released security updates to address five vulnerabilities in its Aria Operations product. Local privilege escalation vulnerability (CVE-2024-38831) (CVSS 7.8) – A threat actor with local administrative privileges on VMware Aria Operations can exploit a properties file to execute malicious commands and gain root privileges.

Cloud

Cloud Access IT Security

Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085

Security Affairs

AUGUST 1, 2024

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Researchers at the Shadowserver Foundation reported that approximately 20,000 VMware ESXi servers exposed online appear impacted by the exploited vulnerability CVE-2024-37085.

Ransomware

Ransomware Authentication Cloud Security

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Security Affairs

OCTOBER 31, 2024

kzoldyck, the Threat Actor behind the alleged Interbank breach/leak posted the following on BreachForums [link] pic.twitter.com/A8SYASxmsT — Dark Web Informer (@DarkWebInformer) October 30, 2024 “We have identified that some data of a group of clients has been exposed by a third party without our authorization.

Data breaches

Data breaches Financial Services Passwords Security

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Security Affairs

NOVEMBER 8, 2024

.” Palo Alto Networks recommends reviewing best practices for securing management access to its devices. Cybersecurity and Infrastructure Security Agency (CISA) added a Palo Alto Expedition Missing Authentication Vulnerability, tracked as CVE-2024-5910 , to its Known Exploited Vulnerabilities (KEV) catalog.

Authentication

Authentication Cybersecurity Access Communications

Ransomware gangs exploit recently patched VMware ESXi bug CVE-2024-37085

Security Affairs

JULY 29, 2024

Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the recently patched vulnerability CVE-2024-37085 (CVSS score of 6.8) The company released patches for security vulnerabilities affecting ESXi 8.0

Ransomware

Ransomware Cloud Encryption Authentication

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

“ Hello BreachForums Community , Today, I am selling the Cisco breach that recently happened (6/10/2024)” reads the message published by IntelBroker. ” Immediately, the company launched an investigation, which is still ongoing, into the alleged security incident. for customers to use as needed.

Data breaches

Data breaches Access Cloud Security

Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812

Security Affairs

SEPTEMBER 18, 2024

Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server that could lead to remote code execution. The company also addressed a privilege escalation vulnerability, tracked as CVE-2024-38813, in vCenter Server. ” reads the advisory.

Cloud

Cloud Access IT Security

Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites

Security Affairs

NOVEMBER 17, 2024

A Really Simple Security plugin flaw affects 4M+ sites, allowing attackers full admin access. Wordfence researchers warn of a vulnerability, tracked as CVE-2024-10924 (CVSS Score of 9.8), in the Really Simple Security plugin that affects 4M+ sites. CVE-2024-10924 impacts plugin versions from 9.0.0 and up to 9.1.1.1

Security

Security Authentication Access IT

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability has been addressed in versions 2.23.6,

Libraries

Libraries Encryption Cybersecurity Access

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

Security Affairs

MARCH 24, 2025

Medusa ransomware uses a malicious Windows driver ABYSSWORKER to disable security tools, making detection and mitigation more difficult. Elastic Security Labs tracked a financially driven MEDUSA ransomware campaign using a HEARTCRYPT-packed loader and a revoked certificate-signed driver, ABYSSWORKER, to disable EDR tools.

Ransomware

Ransomware Security IT Access

The source code of Banshee Stealer leaked online

Security Affairs

NOVEMBER 26, 2024

In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. Researchers at Elastic Security Labs analyzed the malware and confirmed it can steal keychain passwords and data from multiple browsers. The code is now available on GitHub.

Archiving

Archiving Encryption Passwords IT

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

Security Affairs

DECEMBER 2, 2024

Our goal is to deploy 200 new WebTunnel bridges by the end of this December (2024) to open secure access for users in Russia.” Tunnel bridges have grown from 60 to 143 since early 2024, but they are not enough. If you’ve ever thought about running a Tor bridge, now is the time.

Government

Government Access Security IT

A critical flaw in Kubernetes Image Builder could allow attackers to gain root access

Security Affairs

OCTOBER 17, 2024

A critical, Kubernetes Image Builder vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), could allow attackers to gain root access if exploited under specific conditions. “A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the image build process.

Access

Access Passwords Cybersecurity Security

Change Healthcare data breach exposed the private data of over half the U.S.

Security Affairs

JANUARY 26, 2025

In October 2024, UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. reads an update published by the company on February 29, 2024. According to the Associated Press, UnitedHealth booked $1.1 population.”

Data breaches

Data breaches Insurance Ransomware Cybersecurity

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. It also offers various economic services, including equipment maintenance, building upkeep, load securing, and quality control. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware

Ransomware Personal data Security IT

Port of Seattle ‘s August data breach impacted 90,000 people

Security Affairs

APRIL 5, 2025

Port of Seattle is notifying 90,000 people of a data breach after personal data was stolen in a ransomware attack in August 2024. In August 2024, a cyber attack hit the Port of Seattle , which also operates the Seattle-Tacoma International Airport. The attack impacted websites and phone systems. — Seattle-Tacoma Intl.

Data breaches

Data breaches Ransomware Manufacturing Education

ConnectOnCall data breach impacted over 900,000 individuals

Security Affairs

DECEMBER 16, 2024

The company discovered the security breach on May 12 and promptly began investigating into the incident. The company discovered that between February 16, 2024, and May 12, 2024, an unknown third party had access to ConnectOnCall and certain data within the application, including certain information in provider-patient communications.

Data breaches

Data breaches Communications Insurance Cybersecurity

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The flaw CVE-2024-4577 (CVSS score: 9.8) Cybersecurity and Infrastructure Security Agency (CISA) added the the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. In June, the U.S.

Honeypots

Honeypots File names Mining IoT

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024

Webinars

Trending Sources

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Webinars

CVE-2024-44243 macOS flaw allows persistent malware installation

Launching LLM-Based Products: From Concept to Cash in 90 Days

Why DSPM is Essential for Achieving Data Privacy in 2024

Storm-2372 used the device code phishing technique since August 2024

July 2024 ransomware attack on the City of Columbus impacted 500,000 people

39M secrets exposed: GitHub rolls out new security tools

Embedded Analytics Insights for 2024

Hertz disclosed a data breach following 2024 Cleo zero-day attack

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

Mazda Connect flaws allow to hack some Mazda vehicles

Internet Archive data breach impacted 31M users

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

OnePoint Patient Care data breach impacted 795916 individuals

Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code

Change Healthcare data breach impacted over 100 million people

U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog

South African telecom provider Cell C disclosed a data breach following a cyberattack

VMware fixed five vulnerabilities in Aria Operations product

Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Ransomware gangs exploit recently patched VMware ESXi bug CVE-2024-37085

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812

Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites

Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

The source code of Banshee Stealer leaked online

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

A critical flaw in Kubernetes Image Builder could allow attackers to gain root access

Change Healthcare data breach exposed the private data of over half the U.S.

8Base ransomware group hacked Croatia’s Port of Rijeka

Port of Seattle ‘s August data breach impacted 90,000 people

ConnectOnCall data breach impacted over 900,000 individuals

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Stay Connected