Latest Cyber Security Risks - August 18, 2024
Welcome to this issue of the Cyber Security Spotlight and Vulnerability Newsletter! Stay updated on the latest data breaches, security vulnerabilities, and threats.
1. ADT Confirms Data Breach After Customer Info Leaked on Hacking Forum
ADT Inc. has confirmed a data breach after customer information was leaked on a hacking forum. The breach was disclosed via a Form 8-K filing with the U.S. Securities and Exchange Commission (SEC), revealing that hackers gained access to systems holding customer order details. ADT is currently investigating the extent of the breach and working to secure its systems.
Read more about the ADT data breach.
2. Background Check Company Breached, Nearly 3 Billion Exposed in Data Theft
A massive data breach has affected a major background check company, with nearly 3 billion records exposed. The breach has far-reaching implications, potentially impacting anyone who has undergone a background check. This incident highlights the ongoing risks associated with storing vast amounts of sensitive personal information.
Learn more about the background check company breach.
3. Windows SmartScreen Bypass Exploited as Zero-Day Since March
Microsoft has disclosed a significant security vulnerability in the Windows SmartScreen feature, which has been exploited as a zero-day since March 2024. This Mark of the Web (MoTW) security bypass allowed attackers to evade SmartScreen protection, putting systems at risk. The vulnerability was patched during the June 2024 Patch Tuesday update.
Explore details about the Windows SmartScreen bypass.
4. Microsoft Discloses 10 Zero-Day Bugs in Patch Tuesday Update
In its latest Patch Tuesday update, Microsoft disclosed 10 zero-day vulnerabilities, six of which are actively being exploited by attackers. Four of these vulnerabilities are public, including one that has yet to receive a patch. The vulnerabilities pose significant risks to systems, emphasizing the importance of applying patches promptly.
Find out more about Microsoft’s zero-day disclosures.
5. Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid Clouds
A serious security issue has been identified in Microsoft Entra ID, affecting hybrid cloud environments. The vulnerability allows attackers to bypass authentication, posing a significant threat to organizations that have synchronized multiple on-premises Active Directory domains to a single Azure tenant. Microsoft is still working on a fix for this critical issue.
Learn more about the Microsoft Entra ID vulnerability.
6. Critical Flaw in Ivanti Virtual Traffic Manager Exposes Systems to Attack
Ivanti has issued a warning about a critical vulnerability in its Virtual Traffic Manager that could allow remote attackers to execute code on affected systems. The flaw, which has yet to be patched, puts numerous organizations at risk of cyberattacks. Ivanti advises users to take immediate action to mitigate the vulnerability.
Read more about the Ivanti Virtual Traffic Manager flaw.
7. CSC ServiceWorks Discloses Data Breach After 2023 Cyberattack
CSC ServiceWorks has disclosed a data breach resulting from a cyberattack in 2023. The breach, which affected customer and business information, has raised concerns about the company’s data security practices. CSC ServiceWorks is cooperating with authorities to investigate the breach and enhance its cybersecurity measures.
Get details on the CSC ServiceWorks data breach.
8. Microsoft Warns of Unpatched Office Vulnerability
Microsoft has warned users about an unpatched vulnerability in its Office suite that could be exploited by attackers to execute arbitrary code. This critical flaw affects multiple versions of Office, and Microsoft urges users to remain vigilant and apply any available workarounds until a patch is released.
Learn more about the unpatched Office vulnerability.
9. Microsoft to Discontinue Windows Paint 3D App After 8 Years
Microsoft has announced that it will be discontinuing the Windows Paint 3D app, which has been available for the past eight years. The decision to kill the app comes as part of Microsoft’s ongoing efforts to streamline its software offerings and focus on more widely used applications.
Find out more about the discontinuation of Paint 3D.
10. SolarWinds Fixes Critical RCE Bug Affecting All Web Help Desk Versions
SolarWinds has released a patch to fix a critical remote code execution (RCE) vulnerability affecting all versions of its Web Help Desk software. The flaw, which could allow attackers to take control of affected systems, has been rated as highly severe. Users are urged to update their software immediately to protect against potential attacks.
Learn more about the SolarWinds RCE bug.
11. Ransomware Gang Deploys New Malware to Kill Security Software
A ransomware gang has developed a new malware strain designed to disable security software on targeted systems. This tactic allows the ransomware to operate undetected, increasing its chances of successfully encrypting victim data. The development underscores the evolving sophistication of ransomware threats.
Read more about the new ransomware malware.
12. Zero-Click Windows TCP/IP RCE Impacts All Systems with IPv6 Enabled
Microsoft has identified a zero-click remote code execution (RCE) vulnerability in the Windows TCP/IP stack that affects all systems with IPv6 enabled. The flaw can be exploited without any user interaction, making it particularly dangerous. Microsoft has issued a patch and urges all users to update their systems immediately.
Learn more about the Windows TCP/IP RCE vulnerability.
13. McLaren Hospitals Disruption Linked to INC Ransomware Attack
McLaren Hospitals has experienced significant disruptions following a ransomware attack linked to the INC ransomware group. The attack has impacted hospital operations, highlighting the growing threat of ransomware in the healthcare sector. Authorities are investigating the breach and working to restore normal operations.
Get details on the McLaren Hospitals ransomware attack.
Stay Vigilant!