This Week’s Top 5 Cybersecurity News Stories October 2024 | 01
Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small, as we look at threats from espionage to security flaws in every day devices:
1. LockBit power cut: four new arrests and financial sanctions against affiliates
Europol’s latest crackdown on the notorious LockBit ransomware group involved a coordinated effort across 12 countries, resulting in four arrests, server seizures, and financial sanctions. This marks a significant victory in the ongoing fight against one of the world’s most prolific cyber threats. Discover how international law enforcement is dismantling LockBit’s operations and offering free tools to help victims recover from ransomware attacks.
For more about this story click here
2. Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates
Cybersecurity researchers recently revealed critical vulnerabilities in Kia vehicles, allowing remote control of key functions using just a license plate. Attackers could gain access to a victim’s sensitive data and even manipulate vehicle controls, such as unlocking or starting the car, without detection. These issues, affecting vehicles made since 2013, have been patched, but they underscore the ongoing risks in connected cars.
For more about this story click here
3. 5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage
Generative AI is transforming enterprise productivity, but it comes with the risk of sensitive data leakage. A new e-guide from LayerX, titled 5 Actionable Measures to Prevent Data Leakage Through Generative AI Tools, provides security managers with practical steps to manage this risk. By mapping AI usage, restricting personal accounts, educating employees, blocking sensitive input, and managing browser extensions, organizations can balance innovation with security and harness the full potential of GenAI tools like ChatGPT.
For more about this story click here
4. Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
Cybersecurity researchers have uncovered that 5% of Adobe Commerce and Magento stores have been compromised through a severe vulnerability called CosmicSting (CVE-2024-34102), allowing remote code execution. Despite a patch in June 2024, attacks continue at a rate of 3-5 per hour, with attackers stealing payment data and taking control of systems. Merchants are urged to upgrade, rotate encryption keys, and secure their systems to mitigate further risks from this and other chained exploits.
For more about this story click here
5. Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw
Cybersecurity researchers have raised alarms over active exploitation attempts targeting a newly disclosed flaw in Synacor’s Zimbra Collaboration, CVE-2024-45519. This critical vulnerability, which allows attackers to execute arbitrary commands via the postjournal service, is being exploited through spoofed Gmail emails. Although Zimbra released a patch on September 4, 2024, unpatched systems remain vulnerable. Users are urged to apply the updates immediately or disable the postjournal service temporarily to prevent exploitation.
For more about this story click here
At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.
For more information please contact us now!