Windows TCO: Ransomware, Maine, and More
-
Security Week ☛ Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day
The flaw, tracked as CVE-2024-43461, is a high-severity issue resolved with the September 2024 Patch Tuesday updates, more than two months after being exploited in the wild.
-
The Register UK ☛ Microsoft confirms IE zero-day exploited in sneaky update
Redmond addressed the security bug – CVE-2024-43461, an "important" spoofing flaw with an 8.8-out-of-10 CVSS severity rating – in an update issued last week.
Back then Microsoft said the hole was not exploited in the wild. Now the software giant says it was exploited prior to patching, making it a zero day for a time.
-
Scoop News Group ☛ Ransomware group releases screenshots in attempted extortion of Port of Seattle
It’s not clear how much data was stolen as part of the attack, or what kind of data is included. The port said the incident was the result of a ransomware attack associated with a group known as “Rhysida,” a ransomware-as-a-service operation that allows criminals to use the platform to extort victims, with proceeds ultimately split between the attacker and the developers and operators of the platform.
-
Security Week ☛ Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors
The RansomHub ransomware group has released 487 gigabytes of data it allegedly stole from motorcycles manufacturer Kawasaki Motors Europe (KME).
-
The Record ☛ Data on nearly 1 million NHS patients leaked online following ransomware attack on London hospitals
People with symptoms of sensitive medical conditions, including cancer and sexually transmitted infections, are among almost a million individuals who had their personal information published online following a ransomware attack that disrupted NHS hospitals in London earlier this year, according to an analysis shared with Recorded Future News.
The examination by CaseMatrix, a company that works with legal firms to support claimants in data breach lawsuits, is the first public assessment of how many individuals might be affected by the cyberattack. CaseMatrix says more than 900,000 individuals have been caught up in the extortion attempt.
-
The Record ☛ Owner of only US platinum mine confirms data breach after ransomware claims
Stillwater Mining Company told regulators Saturday that hackers breached company systems in the middle of June but the incident was only discovered on July 8. It took more than a month for investigators to realize that the personal information of 7,258 employees was stolen.
-
Maine ☛ Office of the Maine AG: Consumer Protection: Privacy, Identity Theft and Data Security Breaches
Date(s) Breach Occured: June 11, 2024
Date Breach Discovered: July 08, 2024
-
Cyble Inc ☛ Cybersecurity In Law Firms: 2024 Report Exposes Critical Risks
The 2024 report highlights a notable rise in cyberattacks on Australian law firms. Specifically, 21% of respondents reported being targeted by cybercriminals in the past year—a 7% increase from the previous year. The prevalence of phishing attacks is particularly alarming, impacting 81% of the firms surveyed, marking a 14% increase from the year before.
-
Cyble Inc ☛ Record-Breaking Data Breaches In Australia: OAIC Reports
The Office of the Australian Information Commissioner (OAIC) has released new statistics revealing that the first half of 2024 saw the highest number of data breach notifications in three and a half years. From January to June 2024, the OAIC report stated that it received 527 notifications of data breaches—a notable increase of 9% compared to the previous six months and the highest since the second half of 2020 in Australia.
Cybersecurity incidents continue to be the leading cause of data breaches, accounting for 38% of all reported cases.