This Week In Cybersecurity: 16th December to 20th December

This Week In Cybersecurity: 16th December to 20th December
Table of Contents
    Add a header to begin generating the table of contents

    Meta Fined $263.5m Over Data Breach in Europe

    Meta has been fined €263.5 million by Ireland’s Data Protection Commission for GDPR violations linked to a 2018 data breach affecting millions of Facebook users. The investigation revealed insufficient transparency in Meta’s data processing practices, particularly regarding user consent for behavioral advertising. The DPC found that users were not adequately informed about the extent of data use. Read more

    390,000 WordPress Accounts Hacked by MUT-1244 in Supply Chain Attack

    Over 390,000 WordPress credentials were stolen in a year-long supply chain attack by the MUT-1244 group. Attackers exploited trojanized GitHub repositories and phishing campaigns, using zero-day vulnerabilities. The theft included SSH and AWS keys, enabling extensive access to compromised networks. The group utilized backdoored configuration files and malicious npm packages to facilitate data exfiltration. Read more

    Rhode Island RIBridges Data Breach: Ransomware Attack Poses Imminent Data Leak Threat

    A ransomware attack on Rhode Island’s RIBridges system exposed sensitive data of thousands, including names and Social Security numbers. The attack, reported on December 14, led to a state of emergency. Governor McKee warned that data might be released imminently. Affected individuals were advised to monitor accounts and change passwords, while the state is offering credit monitoring services for protection. Read more

    Cleo Data Theft: Clop Ransomware Gang Takes Credit for Attack

    The Clop ransomware group has claimed responsibility for data theft from Cleo’s file transfer platforms. They exploited zero-day vulnerabilities, including CVE-2024-50623, to gain unauthorized access and upload a backdoor. This breach allowed extensive data theft and lateral movement within networks. Clop announced they would delete sensitive government data but continues targeting new victims. Read more

    4 Crucial Automation Use Cases for Enterprise Security Automation

    Explore four key automation use cases to enhance enterprise security: enriching Indicators of Compromise (IoCs), monitoring external attack surfaces, web application vulnerability scanning, and credential monitoring. Automating these processes improves incident response times, enhances vulnerability management, and strengthens overall security posture. Implementing these strategies can significantly reduce risks and free up your security teams for higher-level tasks. Discover more about effective security automation strategies. Read more

    Texas Tech University Data Breach Exposes Data of 1.4 Million Patients

    A cyberattack on Texas Tech University Health Sciences Center exposed 1.4 million patients’ sensitive data, including personal and medical information. The breach occurred in September, with unauthorized access confirmed in December. The Interlock ransomware group claimed responsibility for the data leak. The university is notifying affected individuals and offering credit monitoring services. Read more

    Related Posts