CypherCosmo on Nostr: The biggest cybersecurity and cyberattack stories of 2024 ...
The biggest cybersecurity and cyberattack stories of 2024
https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2024
# 2024 Cybersecurity Incidents Summary
## Notable Data Breaches
* **Internet Archive**: 33M users affected through exposed GitLab credentials that allowed access to source code and user database
* **Microsoft**: Corporate emails breached by Russian state actors (Midnight Blizzard/APT29), leading to subsequent source code theft and federal agency exposure
* **National Public Data**: 2.7B records leaked, including SSNs and addresses, initially offered for $3.5M before being leaked for free
* **AT&T**: 109M customer call logs exposed via compromised Snowflake account credentials
## Major System Disruptions
* **CrowdStrike Update Incident**
    * Faulty kernel driver update crashed 8.5M Windows devices
    * Led to widespread organizational disruptions affecting financial firms, airlines, and hospitals
    * Criminals exploited recovery efforts with fake repair tools distributing malware
* **Change Healthcare Ransomware Attack**
    * BlackCat/ALPHV gang demanded $22M ransom
    * Severely disrupted US healthcare operations, affecting prescriptions and claims
    * Exploited Citrix service lacking MFA, resulting in 6TB of stolen data
## Regulatory Actions
* **Kaspersky Ban**
    * Forced to cease US operations by September 2024
    * Customer base sold to Point Wild
    * Automatic migration to UltraAV software, causing customer backlash
## Emerging Threats
* **Edge Device Attacks**: Widespread compromises of Fortinet, TP-Link, Ivanti, and Cisco networking devices
* **North Korean IT Workers**: Systematic infiltration of US companies for espionage and revenue generation
* **Snowflake Campaign**: Major data theft operation targeting companies through compromised credentials, affecting Ticketmaster, AT&T, and others
*Note: This summary covers major incidents through October 2024*
originally posted at https://stacker.news/items/836454