
14th October – Threat Intelligence Report

Top Attacks and Breaches:
- Axis Health System: Ransomware attack by Rhysida gang; sensitive health records stolen, $1.5M ransom demanded.
- Golden Age Nursing Home: 102GB of medical data leaked by Rhysida.
- LEGO: Cyberattack promoted fake “LEGO Coin” cryptocurrency; limited financial success.
- American Water: Cyberattack disrupted billing systems; water services unaffected.
- Internet Archive: Data breach exposed 31M user records, involving DDoS and site defacement.
- Casio: Cyberattack leaked 126K customer records; system disruptions reported.
- VGTRK (Russia): Pro-Ukraine hacktivists disrupted TV channels; servers wiped.
- Fidelity Investments: Data breach exposed info of 77K customers; funds remained safe.
- ADT: Cyberattack exfiltrated employee account data; no customer data compromised.

Vulnerabilities and Patches:
- Microsoft Patch Tuesday (Oct 2024): Fixed 117 vulnerabilities, including critical RCE flaws in Configuration Manager (CVE-2024-43468) and RDP Server (CVE-2024-43582).
- Google Android Update: Addressed critical flaws, including DoS and RCE vulnerabilities in Framework and MediaTek/Qualcomm components.
- Adobe Security Update: Patches for Adobe Substance 3D Painter, Commerce, and Animate, fixing privilege escalation, memory leaks, and security bypasses.

Threat Intelligence Reports:
- Most Wanted Malware (Sept 2024): AI-driven malware tactics rising; AsyncRAT enters top 10; Joker remains top mobile malware.
- Operation MiddleFloor: Russian-aligned Lying Pigeon spreads disinformation in Moldova’s pre-election period.
- GoldenJackal APT Group: Targeting air-gapped systems with GoldenHowl and GoldenRobo toolsets across Europe, the Middle East, and South Asia.
- Mamba 2FA (PhaaS): AiTM phishing platform mimics Microsoft 365 pages to bypass MFA and steal credentials, leveraging Telegram bots for exfiltration.

Read full article: https://research.checkpoint.com/2024/14th-october-threat-intelligence-report/

Disclaimer: The above summary has been generated by an AI language model
