Cybersecurity is not a size-fit-all-all kind of ideology. The frequency of cyber-attacks is alarming, occurring every 39 seconds, and small businesses are particularly vulnerable, with 43% of attacks targeting them. What’s more, a substantial 75% of cyber-attacks kick off through email channels, underscoring the urgent need for strong defences and increased awareness to confront the ever-evolving landscape of online threats. With that said, here is a summary of the major events that happened today:
- Donear Industries, an esteemed Indian fabric company with a global reach, recently fell victim to the BianLian ransomware, resulting in a breach that exposed 3.5TB of critical data. The compromised information encompasses financial records, HR data, images, and drawings, as well as sensitive client and partner data.
- A recently discovered Windows flaw provided an opportunity for hackers to deploy the crypto-siphoning ephemeron stealer. Fortunately, the security loophole has been swiftly patched to prevent further exploitation. The Phemedrone, targeting web browsers, data from cryptocurrency wallets, and popular messaging apps such as Steam, Discord, and Telegraph, was effectively thwarted.
- Adult-themed games in South Korea have become a breeding ground for the Remcos RAT in a new wave of cyberattacks. Exploiting users by concealing malicious scripts within booby-trapped files associated with these games, the remote access control trojan executes its payload through an intermediate binary called “ffmpeg.exe,” granting unauthorized remote access.
- Google successfully patched the first actively exploited Chrome zero-day of 2024 after acknowledging its existence in a statement. The tech giant swiftly addressed the vulnerability, releasing patched versions worldwide within a week to ensure the security of users on stable desktop channels for Windows, Mac, and Linux.
- Calvià , a prominent Majorcan city and tourism hotspot, suffered an $11 million loss in a recent ransomware attack. With ongoing forensic analysis to determine the extent of unauthorized access, the city council is actively working to restore normalcy swiftly.
- Premium Guard, a leading U.S. aftermarket automotive filtration provider, suffered a ransomware attack by the Akira ransomware group. The company has not disclosed the full impact of the attack.
- “PixieFail,” a set of nine vulnerabilities, has impacted the IPv6 network protocol stack of Tianocore’s EDK II. This open-source reference implementation of the UEFI specification, widely used in enterprise computers and servers, revealed flaws in the PXE network boot process critical for OS image loading in data centres.
- TGS Transportation fell victim to the Akira ransomware group, causing concern about potential data exfiltration. The U.S.-based company specializing in international and domestic intermodal drayage and LCL services has yet to provide detailed information about the incident.
Finally, Security experts issue warnings about critical vulnerabilities in Atlassian Confluence Data Center and Confluence Server versions released before December 5, 2023 and out-of-support releases. Tracked as CVE-2023-22527, this template injection vulnerability poses a severe threat, allowing unauthenticated attackers to execute remote code on affected Confluence endpoints.
