Introducing Episode 11 of our expertly crafted series on data breaches, cyber-attacks, and more. Breach Breakdown is your go-to source for recapping incidents and staying up-to-date on the latest solutions. December saw its fair share of reported cases, with breaches affecting:

Critical SHARP Router Vulnerabilities: Update Now 🚨

SHARP has identified severe flaws in multiple router models, including:

– Remote Code Execution (RCE): Exploiting root access (CVE-2024-45721, CVE-2024-46873).
– Sensitive Data Exposure: Accessing configuration files (CVE-2024-52321).
– Denial of Service: Buffer overflow crashes (CVE-2024-47864).

📢 What to Do:
– Update firmware immediately via SHARP or your provider.
– Enable auto-updates for future patches.
– Secure your network now against these critical threats.


FlowerStorm PhaaS Rises After Rockstar2FA Collapse 🚨

The disruption of Rockstar2FA has fueled a surge in FlowerStorm phishing-as-a-service (PhaaS), targeting Microsoft 365 accounts and industries like construction, real estate, and legal services across the U.S., UK, and more.

🔑 Key Highlights:

– Bypasses MFA using advanced tactics like Cloudflare Turnstile.
– Targets service industries in over 10 countries.
– Reflects growing use of accessible tools for large-scale attacks.

📲 Breaking News: WhatsApp Wins Legal Battle Against NSO Group Over Pegasus Spyware

A U.S. judge ruled NSO Group illegally used WhatsApp servers to deploy Pegasus spyware in 2019, targeting 1,400 devices.

🔑 Key Points:

– NSO breached WhatsApp’s terms of service.
– Failed to comply with court orders to provide Pegasus code.
– Case moves to trial for damages.

“This is a huge win for privacy,” said head of WhatsApp, Will Cathcart.


👾 Breaking News: Rspack npm Packages Compromised in Crypto Mining Malware Attack

The popular npm packages @rspack/core and @rspack/cli, used by companies like Microsoft and Amazon, were compromised in a supply chain attack. Malicious versions (v1.1.7) included cryptocurrency mining malware.

🔑 Key Details:

– Impact: Sensitive data stolen, IP tracking, and XMRig miner installation on Linux via a postinstall script.
– Fixes: Malicious versions removed, tokens invalidated, and the latest safe version is 1.1.8.
– Scope: Over 445,000 weekly downloads affected.

This attack underscores the need for stronger safeguards in package management systems.
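To check whether a project pinned one of the affected releases, the added example below (not code from Rspack or npm) scans a parsed package-lock.json for @rspack/core or @rspack/cli at 1.1.7, including nested transitive copies. It assumes npm's lockfile layouts (v1 `dependencies` tree, v2/v3 `packages` map); the function names and the sample lockfile are constructed for illustration.

```javascript
// Compromised releases named in the article; extend the lists as advisories change.
const COMPROMISED = new Map([
  ["@rspack/core", ["1.1.7"]],
  ["@rspack/cli", ["1.1.7"]],
]);

function check(name, version, path, hasInstallScript, findings) {
  if ((COMPROMISED.get(name) || []).includes(version)) {
    findings.push({ name, version, path, hasInstallScript });
  }
}

// Lockfile v2/v3: flat "packages" map keyed by install path.
// hasInstallScript is npm's flag that a package declares install lifecycle scripts.
function scanPackages(packages, findings) {
  for (const [path, meta] of Object.entries(packages)) {
    const idx = path.lastIndexOf("node_modules/");
    if (idx === -1) continue; // root project or workspace entry
    const name = meta.name || path.slice(idx + "node_modules/".length);
    check(name, meta.version, path, Boolean(meta.hasInstallScript), findings);
  }
}

// Lockfile v1: nested "dependencies" tree, so transitive copies need recursion.
function scanDependencies(deps, trail, findings) {
  for (const [name, meta] of Object.entries(deps || {})) {
    const here = trail.concat(name);
    check(name, meta.version, here.join(" > "), false, findings);
    scanDependencies(meta.dependencies, here, findings);
  }
}

// Takes a parsed package-lock.json object and returns every pinned compromised copy.
function findCompromised(lock) {
  const findings = [];
  if (lock.packages) scanPackages(lock.packages, findings);
  else scanDependencies(lock.dependencies, [], findings);
  return findings;
}
// Constructed sample lockfile (not real project data).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "0.0.1" },
    "node_modules/@rspack/core": { version: "1.1.7", hasInstallScript: true },
    "node_modules/@rspack/cli": { version: "1.1.8" },
    "node_modules/tool/node_modules/@rspack/cli": { version: "1.1.7" },
  },
};
console.log(findCompromised(SAMPLE_LOCK));
```

For a real project, pass `findCompromised` the result of `JSON.parse` on the lockfile contents; any finding means the host that ran the install should be treated as exposed, not just upgraded to 1.1.8.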


👥 Breaking News: 5.6 Million Affected in Ascension Ransomware Attack

Ascension, a leading U.S. healthcare provider, confirms a ransomware attack exposing sensitive patient and employee data, including medical records and Social Security numbers.

🔑 Impact: Delayed services, manual record keeping, and identity theft risks.
🔒 Response: Free identity protection and collaboration with law enforcement.
