Skip to main content
search
All BlogsCyber News

Cyber Attack News – Risk Roundup – Top Stories for September, 2024

By September 25, 2024 No Comments

Author: Chase Snyder, Sr. PMM, Xage Security

New Ivanti Cloud CVEs Added to Known Exploited Vulnerabilities Catalog

Ivanti has seen a growing list of vulnerabilities in their products added to CISA’s catalog of Known Exploited Vulnerabilities. Most recently, CVE-2024-8963, affecting Ivanti’s Cloud Service Appliance, was disclosed as having been exploited against “a limited number of customers” as reported by The Hacker News. These new disclosures do not seem to be related to the Ivanti VPN vulnerabilities earlier in the year that prompted an increasing global focus on security vulnerabilities with remote access technologies

Update: Another vulnerability, CVE-2024-7593, was just added to the KEV and flagged as critical. 

 

Halliburton Confirms Data Stolen in August 2024 Hack

An SEC filing (Form 8-K) revealed that the company believes data was exfiltrated by the hackers. They are investigating the quantity and nature of the data. Oil and gas companies and other critical infrastructure organizations face unique cybersecurity challenges and regulations. Read the article on BleepingComputer for more. 

 

“Vanilla Tempest” Ransomware Group Sweeps Through Healthcare

Healthcare organizations have long been a target for ransomware attackers, and Microsoft recently shared that the threat group dubbed Vanilla Tempest has begun targeting the healthcare sector specifically. Microsoft Threat Intelligence described the threat group’s tactics, including their abuse of Remote Monitoring and Management tool AnyDesk and the Remote Desktop Protocol (RDP) for lateral movement.

Vanilla Tempest has begun targeting the healthcare sector

Articles on The Hacker News and BleepingComputer.

 

Craigslist Founder Funds Civil Cybersecurity with $1.2M

Craig Newmark of Craigslist fame recently dedicated $1.2 million to support networks of volunteers in providing cyber assistance to organizations struggling to protect themselves from cyber attacks. This is one in a series of Newmark’s cyber-related projects, and he has previously committed to contributing $100M to civil cyber defense in general. 

 

SeaTac Airport Refuses to Pay Ransom 

The Port of Seattle, which runs the Seattle-Tacoma International Airport, refused to pay the 100 bitcoin ransom—roughly $6 million. The decision highlights the difficult problem of whether to pay, with inevitable consequences on both sides. 

 

National Insider Threat Awareness Month

Did you know that September is National Insider Threat Awareness Month? Experts weighed in on the problem of insider threats and what to do about them.  

That’s a wrap for the September Cyber Risk Roundup. Follow Xage Security on LinkedIn for daily updates on cyber risk and zero trust security.