| Category | Details |
|---|---|
| Top Attacks and Breaches | – Axis Health System: Ransomware attack by Rhysida gang; sensitive health records stolen, $1.5M ransom demanded. – Golden Age Nursing Home: 102GB of medical data leaked by Rhysida. – LEGO: Cyberattack promoted fake “LEGO Coin” cryptocurrency; limited financial success. – American Water: Cyberattack disrupted billing systems; water services unaffected. – Internet Archive: Data breach exposed 31M user records, involving DDoS and site defacement. – Casio: Cyberattack leaked 126K customer records; system disruptions reported. – VGTRK (Russia): Pro-Ukraine hacktivists disrupted TV channels; servers wiped. – Fidelity Investments: Data breach exposed info of 77K customers; funds remained safe. – ADT: Cyberattack exfiltrated employee account data; no customer data compromised. |
| Vulnerabilities and Patches | – Microsoft Patch Tuesday (Oct 2024): Fixed 117 vulnerabilities, including critical RCE flaws in Configuration Manager (CVE-2024-43468) and RDP Server (CVE-2024-43582). – Google Android Update: Addressed critical flaws, including DoS and RCE vulnerabilities in Framework and MediaTek/Qualcomm components. – Adobe Security Update: Patches for Adobe Substance 3D Painter, Commerce, and Animate, fixing privilege escalation, memory leaks, and security bypasses. |
| Threat Intelligence Reports | – Most Wanted Malware (Sept 2024): AI-driven malware tactics rising; AsyncRAT enters top 10; Joker remains top mobile malware. – Operation MiddleFloor: Russian-aligned Lying Pigeon spreads disinformation in Moldova’s pre-election period. – GoldenJackal APT Group: Targeting air-gapped systems with GoldenHowl and GoldenRobo toolsets across Europe, the Middle East, and South Asia. – Mamba 2FA (PhaaS): AiTM phishing platform mimics Microsoft 365 pages to bypass MFA and steal credentials, leveraging Telegram bots for exfiltration. |
Read full article: https://research.checkpoint.com/2024/14th-october-threat-intelligence-report/
Disclaimer: The above summary has been generated by an AI language model
Leave a Reply