top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #126 - December 2, 2024

FTC bans data brokers from selling Americans’ sensitive location data

Source: Bleeping Computer

The FTC has prohibited data brokers Mobilewalla and Gravy Analytics from selling Americans' sensitive location data tied to places like schools, churches, and healthcare facilities. The companies must delete existing data and products created from it. This action addresses concerns about privacy and improper usage of consumer information, including by government agencies.




Top 10 Cyber-Attacks of 2024

Source: Infosecurity Magazine

The top cyberattacks of 2024, focusing on significant incidents affecting healthcare, infrastructure, and government data. Notable examples include ransomware attacks on healthcare systems, Chinese espionage campaigns targeting critical U.S. sectors, and large-scale data breaches. These attacks emphasize the increasing sophistication of cyber threats and their widespread impact on public services and private industries.




Vodka maker Stoli files for bankruptcy in US after ransomware attack

Source: Bleeping Computer

Stoli Group's U.S. companies have filed for bankruptcy following an August ransomware attack and Russian authorities seizing the company's remaining distilleries in the country. As Chris Caldwell, the President and Global Chief Executive Officer of Stoli USA and Kentucky Owl, the two Stoli Group subsidiaries, said in a Friday filing, this comes after the August attack severely disrupted its IT systems, including its enterprise resource planning (ERP) platform.




Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability

Source: Securityweek

Cisco has warned about active exploitation of CVE-2014-2120, a cross-site scripting vulnerability in its Adaptive Security Appliance (ASA) products. The flaw allows attackers to target WebVPN users through malicious links. Despite being disclosed in 2014 with patches available, recent exploitation attempts have been linked to the Androxgh0st botnet, prompting Cisco to urge users to update affected systems immediately.




Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses

Source: The Hacker News

Cybercriminals are using corrupted ZIP and Microsoft Office files in phishing attacks to bypass email filters and antivirus software. The damaged files exploit recovery mechanisms in applications like Word and Outlook to open despite their corrupted state. These emails often promise benefits or bonuses to lure victims into opening the attachments, which can lead to malware installation or credential theft via embedded QR codes.



111 views

Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page