This Week’s Top 5 Cybersecurity News Stories October 2024 | 03
Cybersecurity threats are evolving constantly as threat actors look to gain access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small, as we look at threats from espionage to security flaws in every day devices:
1. Irish Watchdog Imposes Record €310 Million Fine on LinkedIn for GDPR Violations
LinkedIn faces a €310 million fine by Ireland’s Data Protection Commission for using users’ data in targeted ads without explicit consent, breaching GDPR standards.
This ruling highlights the EU’s firm stance on data transparency and fair processing, signaling that social media giants must prioritize user consent. Pinterest now faces similar scrutiny—will big tech truly adapt to GDPR?
More details: The Hacker News.
2. CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
CISA warns of active exploits targeting Microsoft SharePoint (CVE-2024-38094), adding it to the Known Exploited Vulnerabilities catalog. With public proof-of-concept exploits available, attackers can execute code with Site Owner permissions.
Meanwhile, Samsung’s mobile processors also faced exploitation in a privilege escalation chain. CISA’s latest rules urge faster vulnerability patching and stricter data access control to strengthen defenses.
More details: The Hacker News.
3. Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack
Cisco has released patches for a critical flaw (CVE-2024-20481) affecting its Adaptive Security Appliance (ASA) VPN service, under active exploitation and vulnerable to denial-of-service (DoS) attacks through resource exhaustion.
Alongside, Cisco addresses three other high-severity flaws targeting Firepower and ASA systems, underscoring the urgency for rapid updates as brute-force campaigns increasingly target networking devices.
More details: The Hacker News.
4. Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
More details: The Hacker News.
5. Georgia secretary of state’s office says it fended off cyberattack on voting website
Georgia’s Secretary of State confirmed a cyberattack attempt aimed at disrupting the state’s absentee ballot request website. While the attack temporarily slowed systems, it didn’t prevent voters from accessing ballots.
This incident highlights the growing cybersecurity challenges as early voting for the November 5 presidential election begins across the U.S., with Georgia at the center as a key battleground state.
More details: Reuters
At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.
For more information please contact us now!