Security Spotlight, News

This Week In Cybersecurity: 23rd December to 27th December

This Week In Cybersecurity covers the latest incidents and trends from December 23rd to December 27th. Highlights include the Play ransomware gang's breach of Krispy Kreme, resulting in the theft of sensitive data; a Netflix technical glitch disrupting Kay Adams' NFL broadcast; and the Ascension cyberattack exposing patient information. Additionally, WhatsApp's legal victory against NSO Group sets a precedent for accountability in spyware cases, while insights on Black Basta ransomware and security automation strategies offer crucial guidance for organizations. Stay informed and enhance your cybersecurity defenses!

Mitchell Langley
January 1, 2025

Table of Contents

Add a header to begin generating the table of contents

Krispy Kreme Breach: Play Ransomware Gang Claims Data Theft, Threatens Data Leak

The Play ransomware gang has claimed responsibility for a November breach at Krispy Kreme, alleging theft of sensitive data, including payroll and financial information. Following unauthorized access detected on November 29, Krispy Kreme confirmed operational disruptions affecting its online ordering system. Read more

Kay Adams’ NFL Broadcast Interrupted by Netflix Technical Glitch

Kay Adams’ NFL broadcast on Netflix faced a major technical glitch on Christmas Day, frustrating millions of viewers. The outage was due to overwhelming demand from fans streaming live games, rather than a cyber incident. Preliminary analyses indicate issues with Netflix’s content delivery network and internal server errors contributed to the disruption. Read more

Ascension Cyberattack Update: New Details Emerge, Patient and Employee Data Exposed

The Ascension cyberattack, first reported in June 2024, has exposed sensitive patient and employee data, including medical records and Social Security numbers. The breach was initiated by a malicious file downloaded by an employee, leading to unauthorized access to IT systems. Ascension is notifying affected individuals and offering credit monitoring services. Read more

WhatsApp Wins Against NSO Group: Judge Finds NSO Liable for Pegasus

A US District Court ruled in favor of WhatsApp, holding NSO Group liable for hacking 1,400 devices using Pegasus spyware. The court determined NSO violated the Computer Fraud and Abuse Act and WhatsApp’s terms of service. The trial is set for March 2025, which may set a precedent for future cases involving privacy violations and technology misuse. Read more

4 Crucial Automation Use Cases for Enterprise Security Automation

Learn four key use cases for security automation: enriching Indicators of Compromise (IoCs), monitoring external attack surfaces, web application vulnerability scanning, and credential monitoring. Automating these processes enhances incident response, reduces risks, and improves overall security posture. By implementing these strategies, organizations can optimize their cybersecurity efforts and free up resources for more critical tasks. Explore these automation strategies to strengthen your cybersecurity defenses. Read more

Trending

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.