Written by
Team Nucleus
Written on
24th October, 2024
Analyst Insight
This week in cyber we have seen multiple new vulnerabilities disclosed and actively exploited. The Irish Data Protection Commission (DPC) has imposed additional substantial fines on social media companies, continuing the trend seen earlier this month. Meanwhile, Microsoft researchers reported a sharp rise in ransomware attacks targeting healthcare providers. Additionally, threat researchers observed a resurgence in the Bumblebee loader campaign, signaling renewed activity in this malware strain.
Critical FortiManager Vulnerability Actively Exploited in Attacks
Fortinet has disclosed details of a critical vulnerability in its FortiManager product that is known to be actively exploited in attacks. The advisory, published on Wednesday and tracked as CVE-2024-47575 with a CVSS score of 9.8 (Critical), states:
“A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests”
The advisory gives detailed advice on which versions of FortiManager are affected and how to patch the vulnerability. If your organisation runs FortiManager on its systems, we strongly recommend following the advice within the advisory.
CISA Discloses Microsoft SharePoint Vulnerability Actively Exploited in Attacks
A vulnerability affecting Microsoft SharePoint, tracked as CVE-2024-38094 with a CVSS score of 7.2 (High), has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalogue this week. The vulnerability was disclosed in July 2024; its late addition to the KEV catalogue highlights how threat actors persistently exploit vulnerabilities in outdated software, months after patches are released.
“An unauthenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of the SharePoint Server,” Microsoft states in the vulnerability disclosure.
As always, vulnerability management is pivotal in protecting your environments. Keeping up to date with the latest patches and vendor recommendations will help improve your organisational security.
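One practical way to act on the KEV catalogue is to cross-reference it against your own asset inventory on a schedule, so that anything CISA has confirmed as exploited is escalated ahead of the rest of the patch backlog. The script below is an added example written for this article, not Nucleus or CISA code. It assumes the field names of the public KEV JSON feed (cveID, vendorProject, product, dateAdded, dueDate, knownRansomwareCampaignUse); the feed records, dates and inventory are constructed samples so it runs offline, and only the two CVE IDs come from the article (the CVE-0000-* entries are placeholders, not real identifiers).

```python
"""Cross-reference an asset inventory against a KEV-style feed.

Added example (not from the original article or from CISA). The record
shape mirrors the public KEV JSON fields, but every record and every date
below is a constructed sample, not a download of the live feed.
"""
import json
from datetime import date

# Constructed sample in the shape of the KEV JSON feed. Only the two real CVE
# IDs come from the article; dates are placeholders and CVE-0000-* are not
# real identifiers.
SAMPLE_KEV_JSON = json.dumps({
    "title": "Known Exploited Vulnerabilities (constructed sample)",
    "vulnerabilities": [
        {"cveID": "CVE-2024-47575", "vendorProject": "Fortinet",
         "product": "FortiManager", "dateAdded": "2024-10-23",
         "dueDate": "2024-11-13", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-38094", "vendorProject": "Microsoft",
         "product": "SharePoint", "dateAdded": "2024-10-22",
         "dueDate": "2024-11-12", "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-0000-00001", "vendorProject": "ExampleVendor",
         "product": "ExampleProduct", "dateAdded": "2024-09-01",
         "dueDate": "2024-09-22", "knownRansomwareCampaignUse": "Known"},
    ],
})

# Constructed asset inventory, as a vulnerability scanner might export it.
SAMPLE_INVENTORY = [
    {"host": "fmg-01.example.internal", "product": "FortiManager",
     "cves": ["CVE-2024-47575"]},
    {"host": "sp-web-02.example.internal", "product": "SharePoint Server",
     "cves": ["cve-2024-38094", "CVE-0000-00002"]},
    {"host": "build-07.example.internal", "product": "CI runner",
     "cves": ["CVE-0000-00003"]},
]


def load_kev(feed_json):
    """Parse a KEV-shaped feed into a dict keyed by upper-cased CVE ID."""
    feed = json.loads(feed_json)
    return {v["cveID"].upper(): v for v in feed.get("vulnerabilities", [])}


def match_inventory(inventory, kev, today_iso):
    """Return one finding per (host, CVE) pair that appears in the KEV feed.

    CVE IDs are compared case-insensitively. A finding is marked overdue
    when the feed's dueDate is earlier than today_iso (YYYY-MM-DD).
    """
    today = date.fromisoformat(today_iso)
    findings = []
    for asset in inventory:
        for cve in asset["cves"]:
            rec = kev.get(cve.upper())
            if rec is None:
                continue  # not a known-exploited CVE; normal SLA applies
            due = date.fromisoformat(rec["dueDate"])
            findings.append({
                "host": asset["host"],
                "cve": rec["cveID"],
                "product": f'{rec["vendorProject"]} {rec["product"]}',
                "due": due.isoformat(),
                "overdue": today > due,
                "ransomware_use": rec.get("knownRansomwareCampaignUse", "Unknown"),
            })
    # Earliest remediation deadline first, then by host for stable output.
    findings.sort(key=lambda f: (f["due"], f["host"]))
    return findings


def report(findings):
    """Render findings as plain text suitable for a ticket or daily digest."""
    lines = [f"{len(findings)} KEV-listed finding(s)"]
    for f in findings:
        state = "OVERDUE" if f["overdue"] else "due"
        lines.append(f'{f["host"]}: {f["cve"]} ({f["product"]}) '
                     f'{state} {f["due"]}, ransomware use: {f["ransomware_use"]}')
    return "\n".join(lines)


if __name__ == "__main__":
    kev = load_kev(SAMPLE_KEV_JSON)
    print(report(match_inventory(SAMPLE_INVENTORY, kev, "2024-10-24")))
```

Only KEV-listed CVEs are surfaced; everything else stays on the normal vulnerability-management cadence, which is the point of using the catalogue as a prioritisation signal rather than as a complete list of what to patch.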
Increased Trend of Ransomware Attacks on Healthcare Providers
A recent Microsoft Security Insider article has outlined the increasing trend of healthcare providers being targeted by ransomware gangs. The report focuses mostly on the US healthcare sector but outlines a disturbing trend for the global healthcare sector as a whole.
“Healthcare organisations prioritise patient care above all else, and if they must pay millions of dollars to avoid disruptions, they are often willing to do so,” the article states. Threat actors are taking advantage of the life-threatening nature of healthcare outages, which increases the chance of a successful payout. In a survey of 402 healthcare organisations, 53% paid the ransom, averaging $4.4 million per payment.
LinkedIn Fined €310 Million by Irish Data Protection Commission for GDPR Violations
Over the last month, the Irish Data Protection Commission (DPC) has been cracking down on social media companies whose illegal data practices fall foul of the General Data Protection Regulation (GDPR).
The DPC’s press release describes a €310 million fine over multiple infringements of articles of the GDPR. The DPC has specifically raised concerns about the processing of personal data for behavioural analysis and targeted advertising. Its decision concerns the “lawfulness, fairness and fairness of this processing.”
Last year, the DPC imposed a similar €345 million fine on the popular social media app TikTok for GDPR violations in its handling of personal data relating to child users.