09-Jul-24: In Security News Today

Evolve Bank & Trust Reveals 7 Million Impacted in LockBit Breach

Evolve Bank & Trust confirmed a data breach affecting 7,640,112 individuals, with unauthorized access to customer information but not funds. The breach was discovered after systems were found to be operating incorrectly, leading to an investigation revealing the breach’s nature and scope. Threat actors, including the group LockBit, accessed and downloaded sensitive data like names, Social Security numbers, and dates of birth, prompting Evolve to offer credit monitoring and identity theft protection services to affected users.

Neiman Marcus Data Breach: 31 Million Email Addresses Found Exposed

Neiman Marcus disclosed a data breach in May 2024, revealing that over 31 million customer email addresses were exposed. The breach also included names, contact information, gift card details, transaction data, and partial credit card information. The incident was linked to the Snowflake data theft attacks, with a threat actor attempting to sell customer data on a hacking forum.

Cybercriminals Leak 39,000 Print-at-Home Ticketmaster Tickets for 154 Events

Threat actors known as ‘Sp1derHunters’ have leaked almost 39,000 print-at-home Ticketmaster tickets for 154 events, including popular concerts. The tickets were stolen from Snowflake accounts, and the hackers demanded a $2 million extortion payment. Ticketmaster claims their anti-fraud measures protect against barcode theft, but the leaked data includes barcodes that cannot be rotated, potentially allowing for ticket fraud.

Frankfurt University Shuts Down IT Systems, Elevators Following What They Called a “Serious Hacker Attack”

The Frankfurt University of Applied Sciences, with over 15,000 students, faced a severe cyberattack on July 6th, leading to the shutdown of its websites, IT systems, and elevators for safety reasons. Despite high security measures, attackers accessed parts of the university’s IT infrastructure, prompting the institution to disable external IT access and certain services, and to involve the police. While lectures continue, online registration and email or phone communication are currently unavailable as the university works to restore its systems.

Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health

A ransomware gang has started leaking data allegedly stolen from the Florida Department of Health. The group claims to have exfiltrated sensitive information, including personal and health data, during a recent cyberattack. As the situation develops, the Department of Health is working to assess the full impact and mitigate further risks​

RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks

A security vulnerability named BlastRADIUS in the RADIUS network authentication protocol allows attackers to conduct Mallory-in-the-middle (MitM) attacks by bypassing integrity checks on Access-Request messages. The flaw stems from a design flaw in the RADIUS protocol, impacting all standards-compliant RADIUS clients and servers, particularly affecting networks sending RADIUS/UDP traffic over the internet. Mitigation includes upgrading to the latest version, using TLS or IPSec, and implementing increased packet security via the Message-Authenticator attribute.

City of Philadelphia says over 35,000 hit in May 2023 breach

The City of Philadelphia disclosed a data breach in October 2024 that affected more than 35,000 individuals, exposing personal and protected health information. Attackers gained access to multiple email accounts between May and July 2023, compromising data such as demographic, medical, and limited financial information. The City has notified affected individuals, informed law enforcement, and is enhancing security measures while offering free credit monitoring services and guidance on identity theft protection.

Cybercriminals Target WordPress Calendar Plugin Used by 150,000 Sites

Hackers are exploiting a vulnerability in the Modern Events Calendar WordPress plugin, affecting over 150,000 websites, to upload arbitrary files and execute remote code. The vulnerability, identified as CVE-2024-5441, allows for unauthorized file uploads, potentially leading to complete website takeover. Webnus has released version 7.12.0 to address the issue, but users are advised to update immediately or disable the plugin to prevent cyberattacks.

Microsoft mandates Chinese staff to use iPhones, not Android

Microsoft has directed its employees in China to switch to iPhones for work, citing the unavailability of the Microsoft Authenticator app in Chinese app stores. This move aims to standardize the use of Microsoft security tools and two-factor authentication among all personnel. The decision is part of Microsoft’s Secure Future Initiative, following security concerns and an attack on the Microsoft Exchange ecosystem attributed to Chinese government forces.

Fujitsu Confirms Customer Data Exposed in March Cyberattack

Fujitsu has confirmed a data breach in March where customer data was compromised by a sophisticated malware attack that spread to 49 computers. The attack did not involve ransomware but utilized advanced techniques to evade detection. Fujitsu isolated the infected computers, investigated the breach, and implemented enhanced security measures to prevent future incidents.

Microsoft Releases July 2024 Security Updates

Microsoft’s July 2024 security updates address multiple vulnerabilities across various products, including critical fixes for Windows, Microsoft Office, .NET Framework, and Azure. Notably, the release includes patches for several zero-day vulnerabilities currently being exploited in the wild. Cybersecurity professionals are advised to prioritize these updates to mitigate potential security risks and maintain system integrity.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.

Leave a Reply

Your email address will not be published. Required fields are marked *